What is CTPAT
U.S. Customs and Border Protection (CBP) listened to the recommendations made by the Advisory Committee on Commercial Operations (COAC), which encouraged the creation of the C-TPAT Exporter Entity. CBP is introducing an exporter entity to C-TPAT to support export growth and increase the competitiveness of the U.S. business community, as outlined by President Obama’s National Export Initiative. CBP is also interested in providing the U.S. business community with benefits currently enjoyed by foreign importers through Mutual Recognition Arrangements (MRA), which are explained below. Finally, this is an opportunity to align with the programs of foreign customs under the World Customs Organization’s (WCO) Framework of Standards to Secure and Facilitate Global Trade (SAFE Framework)
CTPAT Risk Assessment Process
The Five Step Risk Assessment Process includes:
- Mapping Cargo/Data Flow and Control and Identifying Business Partners (whether directly or indirectly contracted) and how cargo moves throughout the supply chain to include modes of transportation (air, sea, rail, or truck) and nodes (country of origin, transit points).
- Conducting a Threat Assessment focusing on Terrorism, Contraband Smuggling, Human Smuggling, Agricultural and Public Safety Threats, Organized Crime, and conditions in a country/region which may foster such threats, and ranking those threats.
- Conducting a Vulnerability Assessment in accordance with the C-TPAT Minimum Security Criteria. A vulnerability assessment includes identifying what the Partner has that a terrorist or criminal might desire. For brokers this might be data; for importers, manufacturers, and exporters, this might be access to cargo and company information. Then, identifying weaknesses in company procedures that would allow a terrorist or criminal to gain access to these processes, data, or cargo.
- Preparing a Written Action Plan to Address Vulnerabilities. This includes mechanisms to record identified weaknesses, who is responsible for addressing the issues, and due dates. Reporting results to appropriate company officials and employees on completed follow up and changes is also essential.
- Documenting the Procedure for How Risk Assessments are Conducted, to Include Reviewing and Revising the Procedure Periodically. The process itself should be reviewed and updated as needed at least annually, and a Risk Assessment should be conducted — and documented — at least annually, more frequently for highway carriers and high risk supply chains
Q: What is a C-TPAT validation?
A: A C-TPAT validation is a process through which the U.S. Customs and Border Protection (CBP) C-TPAT program meets with company representatives and visits selected domestic and foreign sites to verify supply chain security measures contained in the C-TPAT participant’s security profile are accurate and are being followed.
Q: What is the goal of a C-TPAT validation?
A: The principal goal of a validation for CBP is to ensure that the company’s C-TPAT security profile is reliable, accurate, and effective. However, validations also provide a forum through which CBP and a C-TPAT participant can build a stronger partnership by discussing supply chain security issues, sharing “best practices,” and cooperatively developing solutions to address potential vulnerabilities. The face-to-face nature of a validation encourages both CBP and the CTPAT participant to better understand the role each plays in securing our borders against international terrorism.
Q: Is a C-TPAT validation an audit?
A: No. A validation is not an audit. Whereas CBP routinely performs audits in a variety of operational and regulatory areas (e.g. trade compliance, NAFTA), C-TPAT validations do not measure a company’s adherence to existing government rules and regulations. Instead, the validation is focused on the verification of supply chain security processes and procedures that a company voluntarily agrees to verify or perform under the auspices of the C-TPAT program.
How CTPAT works
When an entity joins CTPAT, an agreement is made to work with CBP to protect the supply chain, identify security gaps, and implement specific security measures and best practices. Applicants must address a broad range of security topics and present security profiles that list action plans to align security throughout the supply chain.
CTPAT members are considered to be of low risk, and are therefore less likely to be examined at a U.S. port of entry.
Q: Why should I get my Company Audited by EUROCERT for C-TPAT?
EUROCERT provides methods /Audits /Reviews to better manage, and improve on shipment-related data, and can help businesses achieve C-TPAT status. With a potential for fines, maintaining compliance is important. We perform supply chain security audits against all Customs-Trade Partnership against Terrorism (C-TPAT) global and regional requirements, including the updated Minimum Security Requirements taking effect in 2020.
C-TPAT New Criteria
- Management Commitment to a Culture of Security
- Cyber security and Protection from Social Engineering Threats
- Agricultural Security
- Prevention of Money Laundering and Terrorism Financing