Zambia and Zimbabwe’s single-stop solution to boosting intra-African trade, The Guardian 2012 (CORE2008)

Summary

The Guardian news article summarizes benefits and challenges of the African first one-stop border post, located at the Chirundu border crossing across the Zambezi river between Zambia and Zimbabwe. At the border post, officials in both countries inspect only inbound traffic, for example Zambian authorities control only incoming traffic from Zimbabwe. Thanks to this one-stop arrangement, trucks and barges are obliged to stop only once and undergo only one set of border formalities. The one-stop system has accelerated border crossing times tremendously, from a two or three day wait down to a thirty-minute rest. Moreover, the faster border formalities have translated into higher traffic at the border post (from earlier 2000 to today’s 14000 trucks per month) and associated larger tax and duty revenues. But most importantly, the faster and simpler border formalities have facilitated trade of many small-scale merchants, who commonly trade small amounts of food, clothes, and other everyday commodities. Today, these small merchants face less delays, cumbersome formalities, and arbitrary duties and facilitation payments that dishonest customs officials may impose on their goods. This progress has brought many of the informal merchants, who used to smuggle their merchandise before, back into the sphere of the formal economy. Even so, the smuggling is still a major problem in Africa: the article suggests that there are smuggling routes so established that 30 tonne trucks use them to evade customs controls, and that this informal smuggling economy accounts for a staggering one-third of the African gross domestic product (GDP). The article implies that the share of the informal economy could be further reduced through consolidation of African trade blocks (there are several), harmonization and simplification of border formalities, and enhanced border agency cooperation. The news report is available at: http://www.theguardian.com/global-development/2012/may/29/zambia-zimbabwe-intra-african-trade

Review by Toni Männistö (CBRA)

[s2If is_user_logged_in()]

Full review

This Guardian article showcases a great example of successful border agency cooperation in Africa. The CORE WP12, the “demonstrator Schipol” focusing on shipping of fresh cut flowers from Kenya to the Netherlands, might choose to study this African one-stop border concept in more detail. Closer analysis may reveal key success factors and obstacles that characterize the border agency cooperation in Africa. Also CORE’s WP19, that produces material for training and education, may use this African one-stop border as an illustrative example of border agency cooperation in developing countries. The CORE’s risk and IT clusters might need to explore this case in more detail to understand technical aspects of this one-stop border post concept.

Reference

The Guardian, Zambia and Zimbabwe’s single-stop solution to boosting intra-African trade, the Guardian, 29. May, 2012. Retrieved from http://www.theguardian.com/global-development/2012/may/29/zambia-zimbabwe-intra-african-trade

CORE2008

[/s2If]

Review on “MARITIME CRITICAL INFRASTRUCTURE PROTECTION – DHS Needs to Better Address Port Cybersecurity”, Report to the Chairman, Committee on Commerce, Science, and Transportation, U.S. Senate, United States Government Accountability Office, June 2014 (CORE1098)

CORE1098-Summary: Actions taken by the Department of Homeland Security (DHS) and two of its component agencies, the U.S. Coast Guard and Federal Emergency Management Agency (FEMA), as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited. Report is available at: http://www.gao.gov/assets/670/663828.pdf

[s2If is_user_logged_in()]

Full review: While the Coast Guard initiated a number of activities and coordinating strategies to improve physical security in specific ports, it has not conducted a risk assessment that fully addresses cyber-related threats, vulnerabilities, and consequences. Coast Guard officials stated that they intend to conduct such an assessment in the future, but did not provide details to show how it would address cybersecurity. Until the Coast Guard completes a thorough assessment of cyber risks in the maritime environment, the ability of stakeholders to appropriately plan and allocate resources to protect ports and other maritime facilities will be limited.

Maritime security plans required by law and regulation generally did not identify or address potential cyber-related threats or vulnerabilities. This was because the guidance issued by Coast Guard for developing these plans did not require cyber elements to be addressed. Officials stated that guidance for the next set of updated plans, due for update in 2014, will include cybersecurity requirements. However, in the absence of a comprehensive risk assessment, the revised guidance may not adequately address cyber-related risks to the maritime environment.

The degree to which information-sharing mechanisms (e.g., councils) were active and shared cybersecurity-related information varied. Specifically, the Coast Guard established a government coordinating council to share information among government entities, but it is unclear to what extent this body has shared information related to cybersecurity. In addition, a sector coordinating council for sharing information among nonfederal stakeholders is no longer active, and the Coast Guard has not convinced stakeholders to reestablish it. Until the Coast Guard improves these mechanisms, maritime stakeholders in different locations are at greater risk of not being aware of, and thus not mitigating, cyber-based threats.

Under a program to provide security-related grants to ports, FEMA identified enhancing cybersecurity capabilities as a funding priority for the first time in fiscal year 2013 and has provided guidance for cybersecurity-related proposals. However, the agency has not consulted cybersecurity-related subject matter experts to inform the multi-level review of cyber-related proposals—partly because FEMA has downsized the expert panel that reviews grants. Also, because the Coast Guard has not assessed cyber-related risks in the maritime risk assessment, grant applicants and FEMA have not been able to use this information to inform funding proposals and decisions. As a result, FEMA is limited in its ability to ensure that the program is effectively addressing cyber-related risks in the maritime environment.

Why GAO Did This Study? U.S. maritime ports handle more than $1.3 trillion in cargo annually. The operations of these ports are supported by information and communication systems, which are susceptible to cyber-related threats. Failures in these systems could degrade or interrupt operations at ports, including the flow of commerce. Federal agencies—in particular DHS—and industry stakeholders have specific roles in protecting maritime facilities and ports from physical and cyber threats. GAO’s objective was to identify the extent to which DHS and other stakeholders have taken steps to address cybersecurity in the maritime port environment. GAO examined relevant laws and regulations; analyzed federal cybersecurity-related policies and plans; observed operations at three U.S. ports selected based on being a high-risk port and a leader in calls by vessel type, e.g. container; and interviewed federal and nonfederal officials.

What GAO Recommends? GAO recommends that DHS direct the Coast Guard to (1) assess cyber-related risks, (2) use this assessment to inform maritime security guidance, and (3) determine whether the sector coordinating council should be reestablished. DHS should also direct FEMA to (1) develop procedures to consult DHS cybersecurity experts for assistance in reviewing grant proposals and (2) use the results of the cyber-risk assessment to inform its grant guidance. DHS concurred with GAO’s recommendations.

Full citation:  “MARITIME CRITICAL INFRASTRUCTURE PROTECTION – DHS Needs to Better Address Port Cybersecurity”, Report to the Chairman, Committee on Commerce, Science, and Transportation, U.S. Senate, United States Government Accountability Office, June 2014.

CORE1098

Keywords: Maritime Security, Port Security, Cyber – Security, CBP U.S. – Customs and Border Protection, Coast Guard U.S., DHS-Department of Homeland Security, FEMA-Federal Emergency Management Agency, ISAC-information sharing and analysis center, IT-information technology, MTSA-Maritime Transportation Security Act of 2002, NIPP-National Infrastructure Protection Plan, AFE Port Act-Security and Accountability for Every Port Act of 2006, TSA-Transportation Security Administration

[/s2If]

Review on Consideration and Adoption of Amendments to the International Convention for the Safety of Life at Sea, 1974, International Maritime Organization (CORE1097)

Summary: The International Ship and Port Facility Security (ISPS) Code sets new standards for security for ships at sea as well as port facilities around the world. It aims to make shipping activities more secure against threats of terrorism, piracy and smuggling. Security at sea has been a concern to governments, shipping lines, port authorities and importers and exporters for years. The terrorist attacks of September 11, 2001, however, provided the catalyst for formalizing tough new security measures. In December of 2002, the International Maritime Organization (IMO) a specialized agency of the United Nations (UN) organized a conference to discuss issues related to security at sea. At this conference, representatives from 150 nations (the Contracting Governments) participated in drafting amendments to the Safety of Life at Sea (SOLAS) Convention, and the ISPS Code was adopted. Changes to the SOLAS Convention include amendments to Chapters V and XI, and Chapter XI was divided into Chapters XI-1 and XI-2. The new Chapter XI-2 provides the umbrella ISPS regulations. The Code itself is divided into two parts. Part A presents mandatory requirements, Part B contains guidance regarding the provisions of Chapter XI-2 of the Convention and part A of the Code. Source document is available at: http://www.un.org/en/sc/ctc/docs/bestpractices/32.pdf

[s2If is_user_logged_in()]

Full review: The Code aims, among other things, to establish an international framework for co-operation between Contracting Governments, government agencies, local administrations and the shipping and port industries to detect security threats and take preventive measures against security incidents affecting ships or port facilities used in international trade and to establish relevant roles and responsibilities at the national and international level. ISPS provisions relating to port facilities relate solely to the ship/port interface. Also, ISPS provisions do not extend to the actual response to attacks or to any necessary clear-up activities after such an attack. In addition, for each ship and port authority affected, the ISPS Code requires:

  • The implementation of a Ship Security Plan (SSP),
  • The implementation of a Port Facility Security Plan (PFSP),
  • The appointment of a Ship Security Officer (SSO),
  • The appointment of a Company Security Officer (CSO),
  • The appointment of a Port Facility Security Officer (PFSO),
  • The installation of ship alarms, and
  • The installation of shipboard Automatic Identification Systems (AIS).

Enforcement Date: The ISPS Code went into effect on July 1, 2004.

Full citation:   Consideration and Adoption of Amendments to the International Convention for the Safety of Life at Sea, 1974, International Maritime Organization. SOLAS/CONF.5/32. 12 December 2002

CORE1097

Keywords: Maritime Security, Port Security, Ship Security Plan (SSP), Port Facility Security Plan (PFSP), Ship Security Officer (SSO), Port Facility Security Officer (PFSO), International Maritime Organization (IMO), Safety of Life at Sea (SOLAS).

[/s2If]

Review on“Contributing to shipping container security: can passive sensors bring a solution?” G. Janssens-Maenhout a, F. De Roob, W. Janssens, Journal of Environmental Radioactivity, 2009 (CORE1096)

Summary: Illicit trafficking of fissionable material in container cargoes is recognized as a potential weakness in Nuclear Security. Triggered by the attacks of 11 September 2001, measures were undertaken to enhance maritime security in extension to the Safety Of Life At Sea (SOLAS) Convention and in line with the US Container Security Initiatives. Effective detection techniques are needed that allow the inspector to intercept illicit trafficking of nuclear weapons components or components of other nuclear explosive devices. Report abstract is available at (one can ask for the full report e.g. vie ResearchGate): https://www.researchgate.net/publication/38053693_Contributing_to_shipping_container_security_can_passive_sensors_bring_a_solution

[s2If is_user_logged_in()]

Full review: Many security measures focus on active interrogation of the container content by X-ray scan, which might be extended with the newly developed tagged neutron inspection system. Both active interrogation techniques can, with the current huge volume of container traffic, only be applied to a limited number of selected containers. The question arises whether a passive detection technique can offer an alternative solution.

This study investigates if containers equipped with a small passive detector will register during transport the neutron irradiation by fissionable material such as plutonium in a measurable way. In practice, 4/5 of the containers are about 1/8 filled with hydrogenous material and undergo a typical 2 months route. For this reference case, it was found that the most compatible passive detector would be an activation foil of iridium. Monte-Carlo simulations showed that for the reference case the activity of a 250 μm thin foil with 6 cm2 cross-section would register 1.2 Bq when it is irradiated by a significant quantity of Reactor-Grade PuO2. However this activity drops with almost two orders of magnitude for other fillings and other isotopic compositions and forms of the Pu-source. The procedure of selecting the target material for Pu detection is detailed with the theoretical methods, in order to be useful for other applications. Moreover the value of such additional passive sensors for securing maritime container transport is situated within the global framework of the First, Second and Third Line of Defense against illicit trafficking.

Full citation:   G. Janssens-Maenhout a, F. De Roob, W. Janssens (2009). Contributing to shipping container security: can passive sensors bring a solution?” Journal of Environmental Radioactivity 101(2):95-105 · OCTOBER 2009.

Keywords: Nuclear illicit trafficking, Maritime container transport, Passive detection technique

[/s2If]

Review on The Critical Infrastructure Gap: U.S. Port Facilities and Cyber Vulnerabilities, Policy Paper, July 2013, Center for 21st Century Security and Intelligence (CORE1095)

Summary: In a 50-page policy paper by the Brookings Institute and authored by Commander Joseph Kramek of the U.S.Coast Guard and a Federal Executive Fellow at the institute, the current state of affairs related to vulnerabilities at our national seaports is discussed and options to shore up cyber security are presented. In the executive summary, Commander Kramek writes that today’s U.S. port facilities rely as much upon networked computer and control systems as they do upon stevedores to ensure the flow of maritime commerce that the economy, homeland, and national security depend upon. Yet, unlike other sectors of critical infrastructure, little attention has been paid to the networked systems that undergird port operations. Report is available at: http://www.brookings.edu/~/media/research/files/papers/2013/07/02%20cyber%20port%20security%20kramek/03%20cyber%20port%20security%20kramek.pdf

[s2If is_user_logged_in()]

Full review: No cybersecurity standards have been promulgated for U.S. ports, nor has the U.S. Coast Guard, the lead federal agency for maritime security, been granted cybersecurity authorities to regulate ports or other areas of maritime critical infrastructure. In the midst of this lacuna of authority is a sobering fact: according to the most recent National Intelligence Estimate (NIE) the next terrorist attack on U.S. Critical Infrastructure and Key Resources (CIKR) is just as likely to be a cyber attack as a kinetic attack.

The potential consequences of even a minimal disruption of the flow of goods in U.S. ports would be high. The zero-inventory, just-in-time delivery system that sustains the flow of U.S. commerce would grind to a halt in a matter of days; shelves at grocery stores and gas tanks at service stations would run empty. In certain ports, a cyber disruption affecting energy supplies would likely send not just a ripple but a shockwave through the U.S. and even global economy.

Given the absence of standards and authorities, this paper explores the current state of cybersecurity awareness and culture in selected U.S. port facilities. The use of the post-9/11 Port Security Grant Program (PSGP), administered by the Federal Emergency Management Agency, is also examined to see whether these monies are being used to fund cybersecurity projects.

Full citation:   The Critical Infrastructure Gap: U.S. Port Facilities and Cyber Vulnerabilities, Policy Paper, July 2013, Center for 21st Century Security and Intelligence.

CORE1095

Keywords: Maritime Security, Cyber-security, Port Security Grant Program (PSGP), Port facility, Coast Guard, Maritime Transportation Security Act (MTSA).

[/s2If]

Introduction to Supply Chain Management (CASSANDRA Compendium Chapter 2, CORE2007a)

Summary

The second chapter of the CASSANDRA compendium gives a general outlook on the theory and practice of modern supply chain management. Written in lay-man’s language, the text explains a broad range of strategies for managing supply chains, from lean management to agile and responsive logistics. The chapter also defines fundamental supply chain terminology and discusses current trends in the logistics, including synchromodality, use of 4PL logistics service providers, and green logistics. The chapter introduces several supply chain reference frameworks that illustrate a series of interdependent activities and stakeholders involved in the international transport of cargo. The CASSANDRA compendium is available for download here.

Review by Toni Männistö (CBRA)

[s2If is_user_logged_in()]

Full review

The compendium summarizes the SCOR and UN/CEFACT supply chain models, that may be the two most used logistics reference frameworks in the world. The document also discusses less known academic conceptual models that seek to simplify the complexity of supply chain management by categorizing and explaining management strategies, activities, stakeholders and their roles and responsibilities. The section on the future trends in logistics offers a great outlook on the most likely changes and driving forces in the logistics industry. The outlook suggests that for example synchromodality (increased flexibility in transport mode selection), green logistics (less emissions), use of 4PL logistics service providers (outsourced supply chain management), and continuously increasing ship and port sizes will reshape the cross-border logistics over the years. The document also explains key CASSANDRA concepts and their impacts on international supply chain management. For instance, the Data Pipeline, a pivotal CASSANDRA concept, seeks to enhance sharing of information across supply chain stakeholders, in particularly from business operators to customs and other border control authorities. Most importantly, the Data Pipeline would allow customs officers to access commercial information, that normally is exchanged only between buyers and sellers, early in the upstream supply chain at the consignment completion point (CCP). This accurate, early commercial information would enable the customs and other border control agencies to assess security and other risks of cargo early on.

All in all, the document provides a crash refresher course on basic and advanced logistics terminology that would be beneficial for many the CORE consortium, especially for those partners whose expertise is mainly outside the logistics industry. The CORE demonstrators benefit from descriptions of CASSANDRA innovations that support information exchange and improve visibility across the supply chain. The demos might choose to reuse some of these CASSANDRA innovations or their components. The CASSANDRA compendium also contains a great deal of material that could be reused for education and training purposes in CORE (WP19). Finally, the chapter concludes with recommendations that are relevant also for CORE. The chapter recommends, for example, that because of broad variety of international supply chains, CASSANDRA solutions should be adaptable for different contexts.

Reference

Hintsa, J. and Uronen, K. (Eds.) (2012), “Common assessment and analysis of risk in global supply chains “, Compendium of FP7-project CASSANDRA, Chapter 2

CORE2007

[/s2If]

Trade and money laundering uncontained (the Economist, May 2014, CORE2006)

Summary

International trade is becoming one of the main instruments for cross-border money laundering aside common bank transfers, remittances and cash smuggling. The ”trade-based money laundering” disguises illegal trading as seemingly legitimate commercial transactions. The most common technique is mis-invoicing in which fraudsters undervalue imports or overvalue exports to repatriate ill-gotten money from abroad. For example, official records show that Mexican exports to US are much higher than the US imports from Mexico, a discrepancy that signs fraud by Mexican criminals, most likely drug cartels. In general, the trade-based money laundering offers new financial tools for a broad range of drug traffickers, arms smugglers, corrupt politicians, terrorists and evaders of taxes, duties and capital controls. Review by Toni Männistö (CBRA)

[s2If is_user_logged_in()]

Full review

International trade is becoming one of the main instruments for cross-border money laundering aside common bank transfers, remittances and cash smuggling. The ”trade-based money laundering” disguises illegal trading as seemingly legitimate commercial transactions. The most common technique is mis-invoicing in which fraudsters undervalue imports or overvalue exports to repatriate ill-gotten money from abroad. For example, official records show that Mexican exports to US are much higher than the US imports from Mexico, a discrepancy that signs fraud by Mexican criminals, most likely drug cartels. In general, the trade-based money laundering offers new financial tools for a broad range of drug traffickers, arms smugglers, corrupt politicians, terrorists and evaders of taxes, duties and capital controls.

The new methods for cross-border money laundering and tax evasion concern most CORE demonstrations, especially those involving international cargo movements. The emerging risk of trade-based money laundering calls for new and more effective enforcement of trade transactions. CORE is developing new solutions (e.g., data pipeline and system-based supervision) for capturing and sharing trade information across logistics operators and law enforcement agencies. The new solutions likely improve law enforcement’s capability to detect suspicious trade transactions that may have something to do with the trade-based money laundering. However, building such capability requires IT integration (e.g., interoperability), risk awareness and education and training. CORE consortium addresses these complementary activities in work carried out in risk, IT and educational clusters.

Reference

Trade and money laundering uncontained, the Economist, May 3rd 2014

CORE2006

[/s2If]