C-TPAT: Has your company completed their annual risk assessment?

Posted April 17, 2012
Dear Friends,

The Customs Trade Partnership Against Terrorism program, more commonly known as C-TPAT, was established in November 2001 with the goal of building collaborative relationships to strengthen and improve the international supply chain and U.S. border security.  It is a voluntary government and business program based on the concept that CBP can provide the highest level of cargo security only through close cooperation with the owners of the international supply chain; e.g.: importers, truckers, ocean carriers, consolidators, direct and 3rd party warehouses, licensed customs brokers, foreign distributors and manufacturers.

Although it’s been more than ten years since the events of 9/11 the world remains a dangerous and unpredictable place.  To remain effective in securing the supply chain against acts of terrorism the C-TPAT program must evolve and adapt itself in this ever-changing environment.  This makes perfect sense as from the beginning CBP has identified or come to recognize vulnerabilities to the supply chain and has required members compliance in addressing these concerns.

Through either the validation or reevaluation process CBP has also become aware some C-TPAT members are either not performing an assessment at all, or are not carrying out an adequate assessment of their supply chain security.  With many of those who did conduct an assessment it tended to be of only their own domestic facility, with no consideration or follow through given to assessing their international partners and vendors.  The result of this has been the creation of additional processes U.S. importers must address if they wish to remain in the program.

CBP states C-TPAT members must perform at least once a year an international supply chain risk assessment from point of origin to end delivery with the goal of identifying areas within the supply chain needing improvement.

There is a CBP recommended Five Step Risk Assessment Process that will help potential new members meet the minimum security guidelines for joining C-TPAT, and for established member companies to use in aiding their ongoing assessments to maintain their memberships in the program.

The five steps importers should follow in their supply chain assessments are:

  • Map Cargo and Business Partners: Identify your business partners and how cargo moves throughout the supply chain from point of origin to delivery.  Include the mode(s) of transportation; e.g.: air, sea, rail, or truck, and individual modes; e.g.: country of origin, transit through and/ or transshipment points.

  • Conducting a Threat Assessment: Identify threats such as terrorism (Political, Bio, Agro, Cyber), contraband or human smuggling, organized crime, or other situations or conditions (e.g.: poverty, social unrest, political instability) within a source country which may increase the prospect of a security breach.
    A grade, or some other way to measure the threat level must be included.  CBP suggests the following grades:

a) Low Risk - No recent incidents / intelligence / information.

b) Medium Risk – No recent incidents / some intelligence / information on possible activity.

c)  High Risk – Recent incidents and intelligence / information.

  • Conducting a Security Vulnerability Assessment: Based on C-TPAT minimum security standards, determine if business partners and vendors have vulnerabilities or weaknesses (e.g.: theft, pilferage, hijacking, piracy) which may lead or contribute to a security breach.

  • Preparing an Action Plan to Address Vulnerabilities: Developing a written policy / procedure to address potential vulnerabilities and weaknesses.

  • Documenting How the Security Risk Assessment is Conducted: Write policies / procedures on who will be responsible for conducting the assessment, what will be included in the assessment, why the assessment is necessary, how often the assessment will be performed, and where and how the assessment will be executed.

While these five steps do not define how companies could resolve any supply chain failings of their business partners, they do suggest education plays an important part.

It is also important to note not just importers but all C-TPAT members; truckers, consolidators, ocean carriers, customs brokers, freight forwarders, etc., are expected to abide by the five steps as much as possible.  Small companies are not excused from compliance and importers cannot rely on INCOTERMS to get around having to control and ensure their supply chain security.

The five steps provide some latitude for companies who have not fully met all the C-TPAT criteria, but by following these steps show they are committed to making improvements by taking, suggesting or recommending corrective actions with follow-up procedures to ensure any discovered weaknesses have been mitigated.

Participation by each of the supply chain players, alone and together gives the program its strength, just as non-participation or non-compliance lends itself to the weakening of the program. It’s important each player do their part insuring the integrity of their own security practices, as well as communicating and verifying the security guidelines of their business partners within the supply chain, both foreign and domestic.

What’s the benefit to the importer who has taken the necessary steps to ensure their supply chains are secure from point of origin to delivery?  There are many but to name a couple; a reduction in CBP examinations and priority processing when an examination is required.  Per CBP statistics certified C-TPAT members are 4-6 times less likely to be examined for security or compliance reasons, but when shipments are flagged for any reason they get front of the line status for the examination.

Another benefit, if desired, is the assignment to your company of a C-TPAT Customs Account Manager.  Such account managers work jointly with the importer to establish and/ or update jointly developed action plans to reflect C-TPAT commitments and to track progress in making security improvements, communicating C-TPAT principles and/or strategies to business partners, and establishing improved security relationships with other C-TPAT member companies.

For more information on the C-TPAT benefits and an overview and review of the strategic plan of the program please visit: http://www.cbp.gov/xp/cgov/trade/cargo_security/ctpat/ctpat_program_information/what_is_ctpat/

By extending the U.S security zone out to the point of shipment origin, the C-TPAT program allows for better risk assessment and targeting, freeing CBP to assign resources to more dubious shipments. The program recognizes in order to improve, protect, and strengthen the cargo supply chain, the involvement of all members of the trading community is required.  Importers obtaining and maintaining membership in C-TPAT, following through on the assessment of their supply chain, and addressing any shortcomings contributes to a more secure and efficient supply chain for their employees, suppliers and customers.


W.J. Yennie
V.P. Exports / NVOCC
« Back to From the Desk of....