New Draft C-TPAT Standards

Feb. 22, 2005

On January 7, 2005, Customs issued a third draft of its C-TPAT Security Standards for Importers.  Although relatively minor, the changes may have some impact.  The substance of the draft as a whole, which has not changed much from the second draft, is not addressed here—only the relevant changes.  A discussion of the substance of the second draft, dated November 22, 2004, is provided on the Barnes, Richardson & Colburn website. 

Most prominently, language from the second draft, which could be interpreted as having a more nebulous or even permissive tone, was changed to reflect a need for increasing precision and tightening rules.  For instance, importers no longer must conduct an assessment of their supply chains based on “C-TPAT standards,” but based on “C-TPAT criteria.”  Non-C-TPAT participants are not simply required “to submit a written response to a security questionnaire regarding their current security procedures.”  Under Draft Three, importers must require their non-C-TPAT partners “to demonstrate that they are meeting C-TPAT security criteria via written/electronic confirmation (e.g., contractual obligations; via a letter from a senior business partner officer attesting to compliances; a written statement from the business partner demonstrating their participation in C-TPAT or an equivalent WCO accredited security program administrated by a foreign customs authority; or by providing a completed importer security questionnaire.)” 

Whereas, under Draft Two the importer merely was required to consult the business partner’s questionnaire response, under the third draft, after the business partner has provided the proper documentation, the importer is required to subject the business partner to a C-TPAT verification procedure.  Under Draft Three, importers are also required to ensure that business partners have developed security processes and procedures consistent with the C-TPAT “criteria”, not “standards.”

Customs more clearly refined the language with regard to container storage.  Under the new draft, “All containers, empty or full, must be stored in a secure area to prevent access and/or manipulation.”  (Underlined portion represents amended text).  Importers, in addition to having procedures in place for reporting unauthorized entry into container storage areas, must also have procedures in place to neutralize such intrusions.  This may require new and possibly significant expenditures.

Finally, under Draft Three, all vendors are now required to present proper vendor ID and/or photo identification for documentation purposes.  Additionally, procedures must be put into place to periodically screen incoming packages and mail.

On January 28, 2005, Customs issued Draft Four of the Security Standards for Importers.  Most of the changes therein are stylistic in nature.  A few changes are worth mentioning.  First, the requirement that importers “shall have a documented and verifiable process for determining  risk throughout their supply chains based on their business model” has been removed.  Second, the “point of production” is now referred to as the “point of origin” under Draft Four.  Finally, in Draft Four, Customs removed the Draft Three language cited above regarding container storage: the language, “all” and “empty or full” has been removed.