CBC Customhouse Brokers, Inc.

C-TPAT  (Customs-Trade Partnership Against Terrorism) provides strict rules for international shippers.  C-TPAT is a partnership between U.S. Customs and Border Protection and the International Trade community.  This is a voluntary program. CBC has been a validated member of C-TPAT since 2002.

Below are 29 questions that all importers should have the answers to.  If you have any difficulty answering these questions your international supply chain is at risk.  CBC Customhouse Brokers has been encouraging our customers to join C-TPAT and is knowledgeable in getting these answers.  Please contact CBC for professional assistance with C-TPAT regulations

1. Business Partner Requirements

   Importers must have written and verifiable processes for the selection of business partners including manufacturers, product suppliers and vendors. For those business partners eligible for C-TPAT certification (carriers, ports, terminals, brokers, consolidators, etc.) the importer must have documentation (e.g., C-TPAT certificate, SVI number, etc.) indicating whether these business partners are or are not C-TPAT certified. For those business partners not eligible for C-TPAT certification, importers must require their business partners to demonstrate that they are meeting C-TPAT security criteria via written/electronic confirmation (e.g., contractual obligations; via a letter from a senior business partner officer attesting to compliance; a written statement from the business partner demonstrating their compliance with C-TPAT security criteria or an equivalent WCO accredited security program administered by a foreign customs authority; or, by providing a completed importer security questionnaire).Based upon a documented risk assessment process, non-C-TPAT eligible business partners must be subject to verification of compliance with C-TPAT security criteria by the importer.
   What are your written and verifiable criteria for selecting overseas and domestic business partners?

2. Security Procedure, Point of Origin

   Importers must ensure business partners develop security processes and procedures consistent with the C-TPAT security criteria to enhance the integrity of the shipment at point of origin. Periodic reviews of business partners’ processes and facilities should be conducted based on risk, and should maintain the security standards required by the importer.
   What processes / procedures do you follow to ensure that your overseas suppliers maintain security standards consistent with C-TPAT criteria?

3. Security Procedure, Participation / Certification in Foreign Customs Administrations Supply Chain Security Programs

   Current or prospective business partners who have obtained a certification in a supply chain security program being administered by foreign Customs Administration should be required to indicate their status of participation to the importer.
   Do any of your overseas business partners currently participate in a foreign Customs Administration security program?

4. Security Procedure, Other internal criteria for selection

   The importer as needed, should address internal requirements, such as financial soundness, capability of meeting contractual security requirements, and the ability to identify and correct security deficiencies. Internal requirements should be assessed against a risk-based process as determined by an internal management team.
   What additional Internal requirements does your company apply when selecting a business partner?

5. Container Security, General

   Container integrity must be maintained to protect against the introduction of unauthorized material and/or persons. At point of stuffing, procedures must be in place to properly seal and maintain the integrity of the shipping containers. A high security seal must be affixed to all loaded containers bound for the U.S. All seals must meet or exceed the current PAS ISO 17712 standards for high security seals.
   What type of Security Seals do your suppliers issue? Do you supply the seals to your overseas suppliers?

6. Container Security, Container Inspection

   Procedures must be in place to verify the physical integrity of the container structure prior to stuffing, to include the reliability of the locking mechanisms of the doors. A seven-point inspection process is recommended for all containers: Front wall, Left side, Right side, Floor,Ceiling/Roof, Inside/outside doors, Outside/Undercarriage
   What  procedures do your suppliers apply to insure the physical integrity of the containers loaded?

7. Container Security, Container Seals

   Written procedures must stipulate how seals are to be controlled and affixed to loaded containers - to include procedures for recognizing and reporting compromised seals and/or containers to US Customs and Border Protection or the appropriate foreign authority. Only designated employees should distribute container seals for integrity purposes.
   Please state what your procedures are for issuing seals.

8. Container Security, Container Storage

   Containers must be stored in a secure area to prevent unauthorized access and/or manipulation. Procedures must be in place for reporting and neutralizing unauthorized entry into containers or container storage areas.
   What are your current security measures for container storage?

9. Physical Access Controls, Employees

   An employee identification system must be in place for positive identification and access control purposes. Employees should only be given access to those secure areas needed for the performance of their duties. Company management or security personnel must adequately control the issuance and removal of employee, visitor and vendor identification badges. Procedures for the issuance, removal and changing of access devices (e.g. keys, key cards, etc.) must be documented.
   What procedures do you currently have in place to address employee identification?

10. Physical Access Controls, Visitor Controls

    Visitors must present photo identification for documentation purposes upon arrival. All visitors should be escorted and visibly display temporary identification.
    What are your current visitor controls?

11. Physical Access Controls, Deliveries (including mail)

    Proper vendor ID and/or photo identification must be presented for documentation purposes upon arrival by all vendors. Arriving packages and mail should be periodically screened before being disseminated.
    What are your current procedures for delivery of mail, Packages, and freight?

12. Physical Access Controls, Challenging and
    Removing Unauthorized Persons

    Procedures must be in place to identify, challenge and address unauthorized/unidentified persons.
    What are your current written and verifiable procedures for dealing with unauthorized persons?

13. Personnel Security, Pre-Employment Verification

    Application information, such as employment history and references must be verified prior to employment.
    What are your current pre-employment verification procedures?

14. Personnel Security, Background Checks / Investigations

    Consistent with foreign, federal, state, and local regulations, background checks and investigations should be conducted for prospective employees. Once employed, periodic checks and reinvestigations should be performed based on cause, and/or the sensitivity of the employee’s position.
    How often do you perform background checks on prospective and current employees?

15. Personnel Security, Personnel Termination Procedures

    Companies must have procedures in place to remove identification, facility, and system access for terminated employees.
    What are your written and verifiable procedures for termination of employees?

16. Procedural Security, Documentation Processing
    
    Procedures must be in place to ensure that all information used in the clearing of merchandise/cargo, is legible, complete, accurate, and protected against the exchange, loss or introduction of erroneous information. Documentation control must include safeguarding computer access and information.
    What are your written and verifiable procedures for processing commercial documentation for international transactions?
    
    

17. Procedural Security, Manifesting Procedures

    To help ensure the integrity of cargo received from abroad, procedures must be in place to ensure that information received from business partners is reported accurately and timely.
    What are your written and verifiable procedures for transmitting information concerning commercial transactions from an overseas supplier?

18. Procedural Security, Shipping & Receiving

    Arriving cargo should be reconciled against information on the cargo manifest. The cargo should be accurately described, and the weights, labels, marks and piece count indicated and verified. Departing cargo should be verified against purchase or delivery orders. Drivers delivering or receiving cargo must be positively identified before cargo is received or released.
    What are your shipping and receiving procedures for incoming freight and out going freight? Please note that there should be two sets of procedures.

19. Procedural Security, Cargo Discrepancies

    All shortages, overages, and other significant discrepancies or anomalies must be resolved and/or investigated appropriately. Customs and/or other appropriate law enforcement agencies must be notified if illegal or suspicious activities are detected - as appropriate.
    What are your written and verifiable procedures for reporting shortages, overages, and all other significant discrepancies? Do you have all reporting parties contact information available for shipping and receiving staff?

20. Security Training and Threat Awareness

    A threat awareness program should be established and maintained by security personnel to recognize and foster awareness of the threat posed by terrorists at each point in the supply chain. Employees must be made aware of the procedures the company has in place to address a situation and how to report it. Additional training should be provided to employees in the shipping and receiving areas, as well as those receiving and opening mail. Additionally, specific training should be offered to assist employees in maintaining cargo integrity, recognizing internal conspiracies, and protecting access controls. These programs should offer incentives for active employee participation.
    How often do you provide threat awareness programs by security staff for your employees? Who provides this program if it is an outside company?

21. Physical Security, Fencing

    Perimeter fencing should enclose the areas around cargo handling and storage facilities. Interior fencing within a cargo handling structure should be used to segregate domestic, international, high value, and hazardous cargo. All fencing must be regularly inspected for integrity and damage.
    Do you segregate freight? If so, what are your written and verifiable procedures for this task?

22. Physical Security, Gates and Gate Houses

    Gates through which vehicles and/or personnel enter or exit must be manned and/or monitored. The number of gates should be kept to the minimum necessary for proper access and safety.
    What are your current exterior security measures in place?

23. Physical Security, Parking

    Private passenger vehicles should be prohibited from parking in or adjacent to cargo handling and storage areas.
    How is your parking lot situated in relation to your shipping and receiving areas?

24. Physical Security, Building Structure

    Buildings must be constructed of materials that resist unlawful entry. The integrity of structures must be maintained by periodic inspection and repair.
    Please describe your current building structure.

25. Physical Security, Locking Devices and Key Controls

    All external and internal windows, gates and fences must be secured with locking devices. Management or security personnel must control the issuance of all locks and keys.
    What type of locks and security measures do you currently employ?

26. Physical Security, Lighting

    Adequate lighting must be provided inside and outside the facility including the following areas: entrances and exits, cargo handling and storage areas, fence lines and parking areas.
    Do you have exterior lighting? If so where is it currently in relation to your building?

27. Physical Security, Alarms Systems & Video Surveillance Cameras

    Alarm systems and video surveillance cameras should be utilized to monitor premises and prevent unauthorized access to cargo handling and storage areas.
    What are your current systems in place?

28. Information Technology Security - Password Protection

    Automated systems must use individually assigned accounts that require a periodic change of password. IT security policies, procedures and standards must be in place and provided to employees in the form of training.

29. Information Technology Security – Accountability

    A system must be in place to identify the abuse of IT including improper access, tampering or the altering of business data. All system violators must be subject to appropriate disciplinary actions for abuse.

Click the links below to view government published C-PAT documents:

• Guide to Program Benefits
• C-TPAT Strategic Plan
• C-TPAT Best Practices guide