MARITIME SECURITY – Ongoing U.S. Counterpiracy Efforts Would Benefit From Agency Assessments, GAO, June 2014 (CORE1017)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This GAO report explains how the US government agencies have fought sea piracy around the Horn of Africa and at the Gulf of Guinea since 2010. The report also describes the current state of sea piracy threats in these two areas, and it urges US government agencies to reconsider their resource allocations, strategies and tactics related to the counterpiracy efforts. The report points out that the number of annual piracy incidents at the Gulf of Guinea has surpassed the yearly incidents off the Horn of Africa. This shift in pirate attacks prompt changes in the US counterpiracy operations. However, as the report points out, the US government agencies responsible for the counterpiracy activities have not recently conducted reassessments of their actions, despite the changing conditions. The report therefore recommends the US government agencies to re-evaluate the counterpiracy efforts, especially at the Gulf of Guinea that is becoming the most important hotspot of the international sea piracy. This GAO report provides information about modern sea piracy from which CORE’s maritime demonstrations might benefit. The report is available for download at: www.gao.gov/assets/670/664268.pdf.

[s2If is_user_logged_in()]

Full review: This GAO report delivers a comprehensive analysis of the current state of sea piracy at the two African hotspots and the US government’s counterpiracy efforts. This information benefits those CORE demonstrations that involve maritime shipping. The detailed description of the US counterpiracy efforts might also inspire the risk cluster to find effective and efficient risk-based solutions to protect maritime logistics and transport from sea piracy.

Cross-references:

  • Maritime Security: Federal Efforts Needed to Address Challenges in Preventing and Responding to Terrorist Attacks on Energy Commodity Tankers. GAO-08-141. Washington, D.C.: December 10, 2007.
  • Maritime Security: Actions Needed to Assess and Update Plan and Enhance Collaboration among Partners Involved in Countering Piracy off the Horn of Africa. GAO-10-856. Washington, D.C.: September 24, 2010.

Additional keywords: Maritime security, sea piracy

 

CORE1017 

[/s2If]

 

Mr. Chris Thibedeau and the Barbados ESW

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , /by

CBRA Interview with Mr. Chris Thibedeau, on the Barbados Single Window

Hi Chris, and thanks for agreeing to join CBRA Interview. Can you first tell a bit about yourself, your background, where you work and so forth?

Sure thing.  For those that don’t know me, I’m an ex Customs official and a mediocre hockey player from Canada.  I worked at Canada Customs for about 17 years.  In 2006, I joined a firm called GreenLine Systems as a Vice President and went to work on contract as a resident subject matter expert for US Customs and Border Protection in their Office of Anti-Terrorism. In Canada I was awarded a Government of Canada Technology Award gold medal and the Canadian Public Service Award of Excellence for leading the design and development teams responsible for the TITAN automated risk assessment system.

I am a co-author – along with you, Juha, and other colleagues – of the World Customs Organization’s Customs Risk Management Study, the Inter-American Development Bank’s Knowledge and Capacity Product on Risk Management of Cargo and Passengers, and the WCO’s “Global Container Security and Identification of High Risk Indicators” that served as a core input to the General High Risk Indicator document.

GreenLine was acquired by A-TS in 2013 and then PAE in 2015. Over the last 10 years, I’ve been responsible for leading the development and providing guidance to internal and external clients and stakeholders for solutions that provide a customized risk management solution to support screening and facilitation of cargo, passengers, and conveyances. I also just completed my Master’s degree in International Customs Administration from the Charles Sturt University in Australia.

It’s great to be here Juha and nice to see you again!

Thanks Chris for the comprehensive background notes, and great to see you too again, since quite some while! In 2015, the Barbados Government initiated an Electronic Single Window project sponsored and funded by the InterAmerican Development Bank. Can you provide an overview of this project?

The Barbados Government recently initiated a major project to modernize Barbados with an Electronic Single Window, or, ESW.  Sponsored and funded by the InterAmerican Development Bank, the ESW initiative intends to optimize the management of trade facilitation and border security through the use of new border management technologies to be developed by my firm, A-T Solutions and its partner, a Canadian-based commodity classification specialist, 3CE Technologies. The ESW intends to provide a Single interface for the exchange of trade-related documents between the trading community, customs, and other government agencies with a stake hold in border processing.  The ESW will also provide a public one stop user-friendly repository for comprehensive tariff and regulatory trade information, government advisories, and training materials.

Ultimately, the ESW project intends to reduce business costs involved in the movement of goods for export and import, international trade, particularly to maximize the efficiency of Customs and trading processes and improve integration with related agencies that involve legal and business partners in the trading community.

Our ESW seeks to establish an integrated solution for commercial trade processing that addresses both the needs of the Barbados Customs mandate and those of 30 other government agencies, OGAs.  It is believed that this initiative will expand the number of OGA programs that interact with Customs commercial processing and deliver a more advanced electronic approach to the collection, consolidation and dissemination of commercial trade data for both the trade community and regulating programs.

Which other government agencies, OGAs – next to Customs – will benefit from the ESW?

At this stage we are working directly with 30 OGAs, including, but not limited to, the following ones: Ministry of Agriculture – Animal Health, Food Safety, Plant Health; Barbados Defense Force; Barbados Drug Service; Barbados Licensing Authority; Barbados Investment and Development Corporation; Barbados Police Service; Barbados Port Incorporated; Barbados Postal Service; Barbados Revenue Authority; Department of Commerce And Consumer Affairs; Department of Corporate Affairs and Intellectual Property Office; Ministry of Finance; Data Processing Department; Department of Economic Affairs – Research and Planning Unit; Immigration Department; Ministry of Health; Port Authority; and, Statistical Service.

We ‘ve learned that some OGA mandates add an additional layer of operational complexity for risk based border management methodologies.  In one example, the Ministry of Health in Barbados, MoH, requires a 100% visual or physical inspection for all their regulated commodities. The MoH does not have access to the ASYCUDA – the system developed by the United Nations Conference on Trade and Development, or, UNCTAD, used to record declarations – and therefore the Ministry doesn’t have visibility for what will be arriving until they receive a notification from the consignee or importer, usually done by fax. They also lack access to a historical repository of enforcement data in order to analyze and develop recurring profiles that could be used as a risk management resource. In this sense, the ESW project can help the MoH by giving them access to earlier and updated information of the cargo data when initially reported to begin the decision making process under their protection mandate. interview 07.04.2016

In many cases, our ESW is providing visibility into border processing that the OGAs never had in the past.  The ESW does not intend to replicate information that is already collected by the ASYCUDA. However, ESW can monitor controlled goods that enter and leave the country for permit and control purposes.

The ESW can also give an OGA a regular count of “License, Permit, Certificate, Other document”, LPCOs, by commodity or goods within identified periods of time.  We essentially are providing the core OGA/LPCO management capability where ASYCUDA does not – in other words, we are closing this gap.  However, this is not a knock at ASYCUDA.  ASYCUDA is a great system for declaration processing and accounting, but it was never designed to do all things.  ESW functions are really not part of its true capability.  This project is a great example of how ASYCUDA can work hand in hand with a parallel and complimentary system. Here’s an analogy to consider:  I see ASYCUDA as an iPhone.  We are a vendor building apps for that iPhone where the app adds large value for developing and modernizing nations.  I believe this is a framework for modernization that should be fostered internationally and replicated.  I would like to see UNCTAD agree and endorse this type of approach and methodology.  It’s time for all of us to collaborate and offer larger value.

Interesting! What do you consider as the most important lessons learned from the Barbados ESW-case, so far?

Well, there are a few I might highlight that I personally think are important:

First, in principle, information visibility for Customs and OGAs is important in order to efficiently apply risk management techniques, reduce release times, and improve physical inspections. OGAs should have access to the declarations made through ASYCUDA in order to find specific threats and create Risk Assessment modules according to the protection mandate of an institution.

Second, there should be greater coherence between different IT systems. ASYCUDA, the ESW and other IT systems of Barbados should work together without any task redundancy.  This is where the time savings are found associated with the release of goods. I can’t underestimate how important change management and business transformation is on a project of this nature.  I still struggle with this in my own company trying to convince others how important this is.  We’ve made sure to include Change Management and Business Transformation Architects on our delivery team in this instance and it has paid off in dividends.  Our Barbadian clients praise this approach.

Third, I’d certainly recommend that OGAs use a common risk assessment decision support system.  This will guide OGAs through a data exploitation framework using risk-based principles tailored to their mandate and mission.  In Barbados, Customs actually has access to an Automated Risk Management System.  I seriously think they should consider sharing access with the OGAs.  By distributing access to the other OGAs, each agency would have full visibility into all declaration filings, and an ability to scan this information and seek out inspections that could be in violation of their controls or mandate.  If this access can be provided, I see this as the greatest single step forward to having OGAs endorse and adopt risk based decisions at the border.  This would help lead to interoperability with Customs.  Until that happens, we will continue to see conflicting mandates where one agency endorses risk management and the other endorses risk aversion.  That’s a real problem.

And fourth, I’d also recommend that when two or more inspections must be done, the inspections should be executed at the same time and location with both Customs and OGAs present. This will reduce redundancy and unnecessary cost for the trade community.

Thanks Chris for sharing these insights! Any final comment or greetings you would like to send to CBRA Interview readers?

Yes, one important thing to take away.  There have been many time release studies that have taken place over the years in this region and in Barbados.  Current release times sit at approximately eight days for import and export.  Now think about that: eight days to import your goods into the country!  I believe this timeline is unacceptable in any modern nation or a country that seeks to endorse trade facilitation. Our ESW solution will ideally eliminate many of the redundant tasks that exist today and improve on the time release of import and export shipments significantly and extensively.

Here is an example: Today, an importer or their broker has to file an electronic declaration in ASYCUDA.  If the goods are controlled, commonly done for example with meat products, then the importer or the broker has to travel across Bridgetown to the Department of Agriculture and Veterinary Services to apply and pay for a paper permit.  Once approved and obtained, they then have to travel back to Customs, and submit the paper permit along with a paper copy of their declaration as a release package.  Once duties and taxes are paid, the customs officer stamps up the release and re-releases the shipment in ASYCUDA.  A paper delivery authority is provided.  The importer makes arrangements to pull their container or shipment out of the terminal or sufferance warehouse and provides the delivery authority to the terminal operator or warehouse keeper.  Only then can the goods enter the economy.
interview 07.04.2016

If you can appreciate how long that might take – that is currently eight days on average – think about what happens when you have other controlled goods in your shipment, requiring additional visits to OGAS, and possible offload inspections at the port or inland.  It’s no wonder the release time sits at around eight days!  I have a strong belief this is where all the time savings are.  We are automating much of this process in the ESW and will reduce the redundancy of tasks and visits to Customs and OGAs.

The solution to an ESW is in the workflow and approval process.  It’s not about scanning paper permits to attach to a declaration.  The solution is about interoperability.  I’m excited about this.  Just think about reducing a release time from eight days to a number of hours.  That will be quite the story to tell!

Great! Let’s be soon in touch about writing a joint journal paper on this highly topical project. Thanks Chris for the interview, Juha.

We should!  It’s an important topic for the community of WCO and WTO members, donor agencies etc.  Talk soon.

 

SUPPLY CHAIN SECURITY – DHS Could Improve Cargo Security by Periodically Assessing Risks from Foreign Ports, GAO, September 2013 (CORE1007)

/0 Comments/in , , , , , , , , , , , , , , , , , /by

Summary: This GAO report reviews maritime supply chain security programs that the Department of Homeland Security and its component agencies – mainly the Customs and Border Protection (CBP) and the Coast Guard – have implemented since 2001. The report examines (1) the extent to which DHS has assessed risk levels of foreign ports and allocated security resources accordingly and (2) activities DHS has taken to monitor and improve efficiency and effectiveness of its security initiatives. Drawing on numerous interviews of key stakeholders and examination of key documents, the report recommends CBP to consider expansion of its Container Security Initiative (CSI) into new ports based on a periodic risk assessment of foreign ports. The report also highlights opportunities for further harmonization of the US maritime security initiatives with their foreign counterparts through mutual recognition agreements. Since this report contains fundamental information about the US maritime security programs, many CORE work packages are likely to benefit from the insights this report provides. Especially, the demonstrations, which involve ocean shipping, as well as the risk cluster, can use this information to support and guide their work. The document is available for download at: http://www.gao.gov/assets/660/657893.pdf (accessed 13.3.2016)

[s2If is_user_logged_in()]

Full review: The report provides a comprehensive outlook on the US maritime supply chain security initiatives that the DHS and its component agencies – mainly CBP and Coast Guard – have implemented since 2001. The report features some interesting figures that map the security initiatives on the global supply chain and that illustrate current solutions the US government employs to screen and examine US-bound shipping containers. The CORE’s demonstrations that involve maritime shipping are likely to benefit from the information this report provides. Also the risk cluster can use the information, and especially the mapping of the US maritime security initiatives over the global supply chain, to design risk-based, layered approaches to maritime supply chain security. The education cluster can also reuse the contents of this report to produce relevant and informative training material for various supply chain stakeholders that are involved in the seaborne trade and logistics.

Cross-references:

  • Maritime Security: Progress and Challenges 10 Years after the Maritime Transportation Security Act. GAO-12-1009T. Washington, D.C.: September 11, 2012.
  • Supply Chain Security: Container Security Programs Have Matured, but Uncertainty Persists over the Future of 100 Percent Scanning. GAO-12-422T. Washington, D.C.: February 7, 2012.
  • Homeland Security: DHS Could Strengthen Acquisitions and Development of New Technologies. GAO-11-829T. Washington, D.C.: July 15, 2011.
  • Maritime Security: Responses to Questions for the Record. GAO-11-140R. Washington, D.C.: October 22, 2010.
  • Supply Chain Security: DHS Should Test and Evaluate Container Security Technologies Consistent with All Identified Operational Scenarios to Ensure the Technologies Will Function as Intended. GAO-10-887. Washington, D.C.: September 29, 2010.
  • Supply Chain Security: CBP Has Made Progress in Assisting the Trade Industry in Implementing the New Importer Security Filing Requirements, but Some Challenges Remain. GAO-10-841. Washington, D.C.: September 10, 2010.

Additional keywords: Mutual recognition, Customs-trade partnership against Terrorism (C-TPAT), Container Security Initiative (CSI), maritime security, counter-terrorism

CORE1007

[/s2If]

SUPPLY CHAIN SECURITY – Container Security Programs Have Matured, but Uncertainty Persists over the Future of 100 Percent Scanning, GAO, February 2012 (CORE1005)

/0 Comments/in , , , , , , , , , , , , , , , /by

Summary: This GAO document analyses the progress and challenges of the US maritime supply chain security initiatives. The document puts a special emphasis on (1) the advance cargo information (ACI) schemes that enable the US Customs and Border Protection (CBP) to assess risk levels of US-bound cargo containers, (2) technologies to track, monitor and screen the shipping containers for weapons of mass destruction (WMD) and other contraband, and (3) to evaluate the progress towards the 100-percent scanning of the US-bound containerized cargo. As the overarching theme, the report addresses the current state of the partnerships the component agencies of the Department of Homeland Security (DHS) have been fostering with the private sector and foreign governments. Besides the demonstrations, which deal with the US-related maritime logistics, the CORE’s risk and educational clusters can benefit from the insight and information this report offers. The document is available for download at: http://www.gao.gov/assets/590/588253.pdf (accessed 12.3.2016)

[s2If is_user_logged_in()]

Full review: This report provides a general outlook on the US maritime supply chain security initiatives, but the contents of this document largely overlaps with other, reviewed GAO documents. However, this report offers some fresh perspectives on the US maritime security – particularly the best updates available on the advanced cargo information programs –, and therefore the CORE’s partners, which are engaged in demonstrations on maritime security, might benefit from studying this GAO document. Moreover, the CORE risk, educational and IT clusters might learn from this document how the US Department of Homeland Security (DHS) has implemented its supply chain security philosophy in the maritime context. In particular, the risk cluster may use the description of the US risk-based approach to cargo inspections as a starting point for the related CORE solutions. The IT cluster may learn from the ways how the US government has organized its IT processes and infrastructure that support the maritime security initiatives. Finally, the educational cluster can use the material of this report to produce meaningful training material for CORE’s stakeholders that are engaged in maritime supply chain security.

Cross-references:

  • Supply Chain Security: DHS Should Test and Evaluate Container Security Technologies Consistent with All Identified Operational Scenarios to Ensure the Technologies Will Function as Intended. GAO-10-887. Washington, D.C.: September 29, 2010.
  • Supply Chain Security: CBP Has Made Progress in Assisting the Trade Industry in Implementing the New Importer Security Filing Requirements, but Some Challenges Remain. GAO-10-841. Washington, D.C.: September 10, 2010.
  • Combating Nuclear Smuggling: Inadequate Communication and Oversight Hampered DHS Efforts to Develop an Advanced Radiography System to Detect Nuclear Materials. GAO-10-1041T. Washington D.C.: September 15, 2010.
  • Supply Chain Security: Feasibility and Cost-Benefit Analysis Would Assist DHS and Congress in Assessing and Implementing the Requirement to Scan 100 Percent of U.S.-Bound Containers. GAO-10-12. Washington, D.C.: October 30, 2009.
  • Combating Nuclear Smuggling: Lessons Learned from DHS Testing of Advanced Radiation Detection Portal Monitors. GAO-09-804T. Washington, D.C.: June 25, 2009.

Additional keywords: Importer Security Filing (10+2 rule), Advanced Targeting System (ATS), 24-hour rule, 100-percent scanning requirement

CORE1005

[/s2If]

C-TPAT Program Benefits Reference Guide, 2014 (CORE1032)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This guidebook outlines the key elements and benefits of the Customs-Trade Partnership Against Terrorism (C-TPAT) program that is designed to secure global supply chains and to improve United States border security. Document is available at: https://www.cbp.gov/sites/default/files/documents/C-TPAT%20Program%20Benefits%20Guide.pdf (link tested on 3 March 2016)

[s2If is_user_logged_in()]

Full review: C-TPAT partners receive a wide range of benefits listed below:

  • C-TPAT Partners are examined at a considerably lower rate than non-C-TPAT Partners.
  • C-TPAT certified/validated highway carrier Partners are granted expedited border crossing privileges. C-TPAT Partners at many Canada/Mexico land border ports of entry have access to Free and Secure Trade (FAST) Lanes.
  • Some categories of C-TPAT importer Partners are exempt from stratified exams.
  • C-TPAT shipments subject to examination are moved ahead of any non-C-TPAT shipments, to the extent possible.
  • In the event of a significant disruption/delay in cargo processing operations, actions are taken to maintain communication and coordination with C-TPAT Partners for business resumption.
  • C-TPAT Partners’ trade compliance issues are given priority over those issues related to non-C-TPAT Partners.
  • Each C-TPAT Partner is assigned a Supply Chain Security Specialist (SCSS) who coordinates between the C-TPAT Partner and the US Customs and Border Protection agency (CBP). The Specialist also assists the Partner with supply chain security issues.
  • Partners have access to the C-TPAT’s automated Portal system, to communicate with CBP and exchange program related information in a secure manner.
  • C-TPAT Partners are eligible to attend C-TPAT events like the annual Conference and other training seminars organized by the program.
  • C-TPAT importer Partners are eligible to participate in the Importer Self-Assessment (ISA) Program.
  • The Penalty Mitigation benefit is granted to sea carriers for late submission of data required under the Importer Security Filing requirements.
  • C-TPAT members are eligible to participate in other U.S. Government pilot programs, such as the Food and Drug Administration’s Secure Supply Chain program.

In addition, some benefits are associated with Mutual Recognition Arrangements (MRAs) when two customs authorities formally acknowledge the security requirements or standards of one program, as being equivalent to the other program. Some of the resulting benefits to the trade community are illustrated below:

  • C-TPAT importer Partners that also conduct export operations and Partners of the foreign Customs Administration programs (manufacturers and exporters of record) are granted a reduction in their overall cargo risk score, implying fewer examinations at export and import ports.
  • A C-TPAT validation for an overseas partner is not required if an MRA is in place because CBP recognizes the status of the Partner in the foreign partnership program.
  • Companies covered by MRAs need only to comply with a common set of security requirements, avoiding the hassle of following multiple sets of requirements from one partnership program to another.
  • MRAs lead to more transparency in international commerce. Mutual exchange of information between these partners facilitates trade across Mutual Recognition Partner nations.

CORE1032

[/s2If]

C-TPAT Best Practices Catalog Addendum, 2009 (CORE1031)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This addendum document lists cargo security best practices with focus on prevention of weapons of mass effect, terrorists, and/or contraband from infiltrating into the international supply chain. Each best practice is linked to a specific business entity, such as a Manufacturing Company, a Highway Carrier, an Importer or a Foreign Consolidator but these may apply to other business types as well. The document is available at: https://www.cbp.gov/sites/default/files/documents/ctpat_bpa_2009_0.pdf (link tested on 3 March 2016)

[s2If is_user_logged_in()]

Full review: The best practices are outlined as follows:

Risk assessment: Programs are in place to enable the identification of the most vulnerable supply chain areas, to grade suppliers supply chain security criteria. Specific processes have been developed to manage the supplier’s products, software and services and internal monitoring systems to enhance the safety and security procedures.

Business partner requirements: Several security measures have been taken by entities. These include conducting supply chain security audits to ensure compliance of non-C-TPAT business partners; carrying out security audits of a foreign manufacturer; making security self-assessments, conducting onsite inspections to ensure freight security; shipping cargo only through accredited ports and steamship lines; monitoring compliance of manufacturing facilities; screening procurements to identify ineligible status of suppliers, and performing audits of business partners.

Conveyance/Container/Trailer Security: Examples of such security practices are: integrating special security features in the GPS (global positioning system); using laser beams to protect trailers; using colour codes for matching consignments; installing infrared sensors in docks to prevent unauthorized access; using special codes to identify correct shipments; documenting all seal changes for shipments in transit; ensuring delivery by authorized Company drivers; sealing containers; operating through C-TPAT carriers; using only “seaworthy” containers; installing in-transit temperature data sensors to ensure product quality; enclosing container storage area; conducting non-intrusive inspection prior to loading a vessel; establishing specific inspection points; using multiple security devices on each container; using automated container yards; instructing foreign suppliers to provide inspection checklists; using dock locking arms for container storage; installing motion sensors in a trailer; operating through contracted highway carriers and security services; documenting a seal destruction policy, and so forth.

Physical Access Controls: Some practices by Importers include establishing multiple security stations within the building; using metal detectors for employees; installing an electronic swipe card/ lock box systems for access control for sensitive documents; conducting electronic scanning of visitors’ drivers licenses; utilizing a third-party software system to manage key inventory; and providing panic buttons for company employees.

Physical Security: Several innovative solutions have been designed to ensure physical security, such as electronically closing gates and activating tire puncturing devices to prevent vehicle exits; using an electronic security information reporting system, installing invisible electronic fences; installing laser sensors; setting up optical light beams to detect intruders; fitting double locks on doors; Installing infrared sensors on fences; using body alarm functions for emergencies; appointing patrolling guards, using multiple glass meeting rooms; using multiple interior infrared security alarm beams to detect unauthorized access; and installing security guard view towers.

Personnel Security: An Importer requires business partners to provide a monthly master list of employees and immediately notify when their employees are hired or terminated, in order to ensure that only authorized business partner’s employees enter the manufacturing facilities.

Security Training/Threat Awareness/Outreach: Business entities have invested in a wide range of training programs. One such initiative is the four-tier C-TPAT training targeted for management and supervisors, shipping and receiving personnel, internal personnel dealing with contractors and hourly staff. Other businesses use different approaches, like establishing an online training portal;; offering general security training and of site-specific training for security guards; issuing security advisories; making regular security awareness assessments; establishing a situation matrix chart to address possible incidents; establishing a direct communication channel between the president of the company and employees; putting in place a toll free hotline for company personnel; conducting security drills and exercises; establishing a web-based security awareness training; documenting security incidents in a central database; and establishing a global communication system to contact all employees and contractors remotely.

Procedural Security: Instances of this type of security measures include a bio-thermal intrusion alarm system; a global SAP network to generate all written orders for import and export; automatic screening procedures of purchase orders for restricted parties; lock boxes for sensitive documentation; an automated loading module called the Automatic Truck Loading System (ATLS); a container seal number as the shipment tracking (invoice/bill of lading) number, and so forth.

Information Technology (IT) Security: Such security practices include a biometric fingerprint door lock; a remote data backup center; a retina scanning system for access to the computer system; requiring supervisory approval to copy data; use of electronic password protected purchase orders; establishing a daily “e-test” for employees to access computers, and so forth.

CORE1031

[/s2If]

CEN Supply Chain Security — Good Practice Guide for Small and Medium Sized Operators, 2012 (CORE1030)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This is a guidance document for small and medium sized enterprises, SMEs. on how to apply a supply chain security approach to their operations in order to mitigate the risk of criminal activities. It gives an overview of the main crime types occurring in the supply chain along with some countermeasures, as well as the supply chain security initiatives, and the compliance requirements thereof. The document is available for purchase e.g. at:   http://shop.bsigroup.com/ProductDetail/?pid=000000000030258778  (link tested on 3 March 2016)

[s2If is_user_logged_in()]

Full review: The recommended supply chain strategy rests on a six-step approach. The first step is to define a context for the supply chain, crime prevention and security management activities taking into consideration the security sensitiveness, the geography and transport modes, and the main stakeholders involved in the supply chain operation. The second step is to make a threat and vulnerability analysis with regard to terrorist and other criminal threats in the supply chain. The main criteria included are the gaps existing in enhanced security, the high-risk crime types, and the potential consequences of crime occurrences. The third step covers the regulatory framework, the major aspects being the regulations and programs required for successful business operations, expectations of customers and suppliers, requirements laid down by insurance providers, and relevant government authorities. The fourth step refers to an overall security plan, taking into account the physical security, data security, human resources security (including selection, training, and exit procedures), business partner security (including selection, and auditing), and process control and monitoring of deviations. The fifth step involves implementing into practice concrete security measures, investment in technologies, procurement of services, in-house solutions and so forth. The final step is to monitor and measure the security performance and take appropriate corrective actions.

Five supply chain crime types have been elucidated in this guide. These include:  Property theft (cargo theft, intellectual property breaches); targeted damage (terrorism, sabotage); cross-border duty and tax fraud; illegitimate transporting, exporting and/or importing (smuggling of prohibited and restricted goods, people smuggling); and crime facilitation (document forgery, bogus companies, cybercrime). For each crime type, the main focus should be on the issue (main features and typical sectors/products involved), scope of the problem and actions to mitigate risks.

This guidebook has chosen eight security initiatives for illustration purposes. It explains the context of each initiative, whom it is meant for, and some basic requirements and the implications. These are as follows:

  • Import Control System (ICS) in the EU (a systems tool meant for the lodging and processing of Entry Summary Declarations, and for the exchange of messages across national customs agencies, economic operators and the European Commission).
  • Export Control System (ECS) in the EU (introduces EU procedures to computerize and control indirect exports and to implement the EU safety and security regulations);
  • Maritime Security Legislation, International Ship and Port Facility Security (ISPS) Code in the EU (International regulations to ensure the security of maritime transportation are being issued by the International Maritime Organization, IMO, in the International Ship and Port Facility Security Code);
  • Aviation Security Legislation, Air Cargo Supply Chains in the EU (three categories of aviation security legislation exist in the EU- Framework regulation, supplementing regulations, and implementing regulations-all targeted towards civil aviation security).
  • European Union Authorized Economic Operator, EU AEO (operators involved in international trade of goods certified as complying with WCO or equivalent supply chain security standards);
  • Regulated agent, Known consignor and Account consignor in the EU (Specific “trusted trader” status existing in the European air cargo supply chains);
  • ISO 28000 Series of Standards on Supply Chain Security Management Systems (address potential security issues at all stages of the supply process, e.g. terrorism, fraud and piracy);
  • Transported Asset Protection Association (TAPA) in Europe (fighting cargo crime using real-time intelligence and the latest preventative measures).

CORE1030

[/s2If]

Professor Guido Palazzo on illicit waste supply chains

/0 Comments/in , , , , , , , , , , , , , , /by

Today we interview Professor Guido Palazzo on illicit waste supply chains.

Hi Guido, and thanks for joining a CBRA Interview – can you first tell a bit who are you and what you do?

I am a Professor of Business Ethics at the University of Lausanne since 2003. In my research I focus on the dark side of the force. I examine human rights problems in global supply chains, the driving forces of unethical decision making in organizations and the interface of business and organized crime. In the early 2000s, when I started with my research, business ethics was largely marginalized and perceived as rather irrelevant for both business schools and companies. This has changed dramatically in recent years. Ethical questions have moved center stage.

One of your research project focuses on illicit waste supply chains, particularly in Italy. How bad is the situation there?

Since 25 years, organized crime, in particular Camorra and Ndrangheta are involved in the business of toxic waste recycling. This business is ideal from the perspective of a Mafia organization: Legal risks are negligible and profits are huge. Operating with straw firms they offer their services across Europe up to 90% below the prices of their legal competitors. Obviously, they do not really recycle the waste but simply dump it in South Italy mainly in Campania province, but also in Africa and Eastern Europe. We are talking here about slag and chemicals and tire and other forms of waste from hospitals, garment industry, chemical industry, nuclear industry and so on. The waste includes toxins like cyanide, dioxin, asbestos, chlorines and includes also nuclear waste. Since 25 years, millions of cubic meters of such waste have been dumped in a region which the Romans once called Campania Felix for its fruitful soil. Billions of Euros of profit have been made and laundered by banks in Zurich, London and New York. And the most amazing think is that until recently, this destruction of one of the most beautiful regions of Italy occurred in complete silence. Now, toxins have arrived at the ground water and cancer rates of people living around the waste dumps explode.

Sad and interesting – at the same time – to hear about this… If I recall correctly, I gave you couple of months ago a copy of the FP7-CWIT project´s final report – with recommendations and a tangible roadmap to better mitigate risks of illegal activities in electronic waste… Do you foresee opportunities for similar research projects in the field of toxic waste trade, supply chains and logistics?

We do indeed need a similar research project in order to better understand the journey of illegal waste through Europe and the critical points in the supply chain of toxic waste recycling where organized crime interferes. We need public awareness for the urgency of the problem, develop a better regulatory governance around waste recycling and impose a compliance system on companies so that the existing silent collusion can be stopped.

Thanks Guido for this enlightening interview; and let´s start working together – as UNIL, CBRA and other partners – towards future research funding & project, on this crucial environmental and human health protection topic!

SUPPLY CHAIN SECURITY – Examinations of High- Risk Cargo at Foreign Seaports Have Increased, but Improved Data Collection and Performance Measures Are Needed, GAO, January 2008 (CORE1010)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This report reviews the progress that the US Customs and Border Protection (CBP) has made with the Container Security Initiative (CSI) – a program for screening US-bound high-risk shipping containers in foreign ports with X-ray and radiation detection solutions – since the latest 2005 GAO review. The report discusses how the CBP’s CSI efforts have (1) contributed to the long-term, strategic planning on the US supply chain security, (2) strengthened CSI activities worldwide and (3) established means to evaluate performance of the CSI activities. The report recommends CBP to develop its data collection practices that are related to the CSI team performance and the host government’s inspections of the US-bound containers. This report provides relevant information for CORE demonstrations that deal with US-bound maritime logistics and commerce. Also the risk cluster might benefit from the descriptions of the US risk-based supply chain security scheme – Automated Targeting System (AST), 24-hour rule and the importer security filing 10+2 – that the report elaborates in detail. The report is available at http://www.gao.gov/new.items/d08187.pdf.

[s2If is_user_logged_in()]

Full review: This GAO report elaborates the status and challenges of the US Container Security Initiative, but it also provides a comprehensive outlook on the US maritime supply chain security. This information is likely to be relevant for the CORE’s demonstrations (WP9 and WP14) that deal with US-bound container traffic. The report is a good reference document for those CORE work packages that seek to describe the state-of-the-art of the global supply chain and that are producing relevant training material on supply chain security. The CORE’s risk and IT clusters benefit from the information the report offers on risk-based security solutions that use advance cargo information to calculate risk scores for US-bound shipments by the aid of automatic risk assessment algorithms.

Cross-references:

  • Preventing Nuclear Smuggling: DOE Has Made Limited Progress in Installing Radiation Detection Equipment at Highest Priority Foreign Seaports. GAO-05-375. Washington, D.C.: March 31, 2005.
  • Homeland Security: Process for Reporting Lessons Learned from Seaport Exercises Needs Further Attention. GAO-05-170. Washington, D.C.: January 14, 2005.
  • Port Security: Better Planning Needed to Develop and Operate Maritime Worker Identification Card Program. GAO-05-106. Washington, D.C.: December 10, 2004.
  • Maritime Security: Substantial Work Remains to Translate New Planning Requirements into Effective Port Security. GAO-04-838. Washington, D.C.: June 30, 2004.
  • Homeland Security: Summary of Challenges Faced in Targeting Oceangoing Cargo Containers for Inspection. GAO-04-557T. Washington, D.C.: March 31, 2004.
  • Container Security: Expansion of Key Customs Programs Will Require Greater Attention to Critical Success Factors. GAO-03-770. Washington, D.C.: July 25, 2003.

Additional keywords: Container Security Initiative (CSI), counter-terrorism, homeland security, maritime supply chain security

CORE1010

[/s2If]

MARITIME SECURITY – DHS Could Benefit from Tracking Progress in Implementing the Small Vessel Security Strategy, GAO, October 2013 (CORE1016)

/0 Comments/in , , , , , , , , , , , , , , , , , , /by

Summary: This GAO report reviews current activities the Department of Homeland Security, its component agencies and its stakeholders are doing to protect the US-centric seaborne trade and logistics from threats arising from small vessels. The report argues that the small vessels pose two “great threats” to the US maritime system: (1) explosive-laden small vessels can be used to ram into maritime structures or (2) the small vessels can be used as vehicles for transporting tools, weapons and tools for terrorism into the US. The GAO report highlights that DHS has its Small Vessel Security Strategy (SVSS), but the organization is not monitoring the progress its component agencies are doing in meeting its objectives. This report focuses mainly on security initiatives that affect navigation of small vessels at the US territorial waters and ports and operations of the US coastal guards and customs. Although US-based maritime logistics operations benefit from the increased security the small vessel security initiatives likely bring, they can continue their business as usual. Therefore, the CORE’s early work packages can use this report’s information to define the context of the global supply chain security, the CORE demonstrations do not need much attention to the small vessel security initiatives or this GAO report. The report is available at: http://gao.gov/assets/660/658703.pdf

[s2If is_user_logged_in()]

Full review: This report provides interesting background information about the US government’s efforts to secure their domestic maritime logistics and transportation from the threat of small vessels that navigate largely anonymously and unregulated. The document might be useful for the CORE early work packages that describe the context of the global supply chain security. It is however unlikely that the demonstrators would need to pay much attention to the US small vessel security initiatives because the legal requirements of the initiatives do not affect the operations of large commercial vessels, which carry most of the world’s seaborne cargo. Of course the small vessel security initiatives also affect the way the component agencies of DHS operate, but because CORE does not involve these agencies directly, in CORE, there is no need to put much effort on understanding technicalities of the small vessel security initiatives. Finally, the CORE’s clusters on education and training as well as risk management might anyhow consider the information of this GAO report relevant.

Cross-references:

  • Critical Infrastructure Protection: An Implementation Strategy Could Advance DHS’s Coordination of Resilience Efforts across Ports and Other Infrastructure. GAO-13-11. Washington, D.C.: October 25, 2012.
  • Supply Chain Security: CBP Needs to Conduct Regular Assessments of Its Cargo Targeting System. GAO-13-9. Washington, D.C.: October 25, 2012.
  • Maritime Security: Progress Made but Further Actions Needed to Secure the Maritime Energy Supply. GAO-11-883T. Washington, D.C.: August 24, 2011.
  • Supply Chain Security: Feasibility and Cost-Benefit Analysis Would Assist DHS and Congress in Assessing and Implementing the Requirement to Scan 100 Percent of U.S.-Bound Containers. GAO-10-12. Washington, D.C.: October 30, 2009.

CORE1016

Additional keywords: Maritime security, small vessel security, terrorism, smuggling

[/s2If]