New York — January 8, 2008 — The United States' Customs-Trade Partnership Against Terrorism (C-TPAT) security program will soon enter its fifth year. Introduced by the Customs Border & Protection Agency (CBP) in 2002 as a result of 9/11, the program is a voluntary trade security initiative that partners the import community with CBP in an effort to secure the global supply chain. Its main objective is to encourage supply chain security practices among U.S. importers thereby resulting in a more secure U.S. border. C-TPAT is the largest partnership ever introduced between industry and government.
The program continues to grow and add "teeth" to its mission. In 2005, minimum requirements were established by CBP based on practices that appeared to be prevalent throughout the trading community of companies who submitted their applications pre-2005. In 2006, the SAFE Port Act codified the C-TPAT program.
In addition, C-TPAT is going to become even more important with the strategic framework for Import Safety that was recently released by The President. The Import Safety model will include a voluntary (in most instances) security certification process that will probably be integrated into the C-TPAT certification program. As this program becomes formalized, all types and sizes of importers are asking themselves — is C-TPAT necessary for my business's viability? The quick answer — probably yes.
Global Supply Chains are Vulnerable
C-TPAT's high-level objective is to identify and correct vulnerabilities within the global supply chain that could be leveraged for terrorist purposes, such as the compromise of containers, railcars, trucks and trailers inbound to the United States. Obvious vulnerabilities include the use of these transportation methods to smuggle weapons and drugs to finance terrorism, support undocumented entry (i.e. human trafficking) and transport chemical, nuclear, biologic or radiological weapons. Less obvious vulnerabilities include the illegal movement of money to provide financial support for military operations. Regardless of the method, general sabotage will disrupt goods flowing into and out of the United States, thereby negatively impacting the U.S. economy and the economies of major trading partners.
Supply chain security has truly become a global issue. C-TPAT is no longer a lone wolf. The European Union has launched its Authorized Economic Operator initiative that aims to secure inbound physical and financial supply chains. In addition, there are various country-specific initiatives being launched in Asia to monitor the security of how goods are being transported into various nations.
As C-TPAT adds new policies and procedures it becomes less "voluntary" and more "necessary."
Voluntary Morphs into Necessary
C-TPAT has been purposely established as a voluntary program. The general reason is CBP's acknowledgement that one security program will not suit all businesses — one glove does not fit all hands. Each company is different based on its product and industry. In addition, it has been the opinion of CBP that a customer has greater power than promulgated regulation to enforce security standards in its supply chain, namely service providers and vendors, making it more effective overall. The intent of the program is to push the C-TPAT security guidelines down throughout the supply chain. This includes, but is not limited to, customs brokers, freight forwarders, carriers (all modes) and suppliers.
Initial supporters of the program were large-scale importers, typically in the retail space. They viewed the program as a way to help speed their goods through customs — critical for a supply chain with seasonal spikes or just-in-time inventory strategies. These organizations have weighed the pros and cons of the program and decided that the benefits outweighed the costs to join C-TPAT. Unfortunately, the buck doesn't stop there.
Small and mid-market enterprises are being drawn into C-TPAT regulation due to their relationships with C-TPAT participants. A major criterion of the C-TPAT program is that the participant must have procedures in place requiring their business partners to demonstrate how they are meeting the C-TPAT security requirement either through contractual obligations, a written statement, a security survey or participation in an equivalent World Customs Organization accredited security program. Therefore, customs brokers, freight forwarders, carriers and suppliers must detail how their own operations support their customers' (the "Big Guy") C-TPAT requirements. So, how is C-TPAT voluntary? These "Little Guys" rely on their supplier relationships with the "Big Guy." If they can't support C-TPAT requirements, the "Little Guy" is at risk of losing business.
C-TPAT and the "Little Guy"
As a supplier to large-scale importers, smaller firms are finding that C-TPAT participation is becoming critical to their business's viability. It is becoming a common occurrence that, as part of a vendor/supplier selection process, C-TPAT participants are requiring that their suppliers become C-TPAT certified or have an equivalent security program in place. Remember, C-TPAT certification is not mandatory. However, the C-TPAT participant must assess its own risk exposure by continuing to do business with a vendor lacking security measures. The obligation remains with the C-TPAT participant to ensure that the supplier poses minimal risk to its global supply chain. As a result, many smaller companies are creating their own security criteria above and beyond the C-TPAT requirement in a bid to maintain or win additional business with large-scale importers. This is exactly what CBP wanted, as a customer's relationship with its supplier is much more powerful than government regulation.
What Should You Do?
Is C-TPAT really a voluntary program? In the eyes of CBP, yes, it is, and chances are that it will remain a voluntary program. However, as a supplier, you may not have a choice if you wish to continue your existing business relationships with C-TPAT participants. In addition, you may be forced to join C-TPAT if your business happens to be one of those companies that will be affected by the Import Safety Plan, which requires a safety program be put in place to address global supply chain security.
Becoming a C-TPAT registrant may not be as cumbersome as you think. For that reason, it is suggested that all businesses perform a C-TPAT security assessment to understand the pros and cons of joining the program. A typical assessment should identify the security gaps that need to be addressed and will provide insight into how to develop, validate and maintain a security program utilizing existing operational processes.
About the Author: Karin Muller is a U.S. and Canadian Certified Customs Specialist within the Trade Management Consulting practice at JPMorgan. She has more than 30 years of extensive experience in import and export trade-related issues with various industry and service sectors. She has assisted many importers in their analysis and subsequent preparation for global trade security program certifications and validations including C-TPAT, PIP and more recently AEO. www.jpmorganchase.com/trade.