On July 9, 2014, U.S. Customs and Border Protection (CBP) released the eligibility requirements and security criteria for its expanded Customs-Trade Partnership Against Terrorism (C-TPAT) program. CBP is expanding C-TPAT to exporters as part of its effort to create an authorized economic operator-type program similar to those maintained by customs authorities of some of our largest trading partners, including Europe and Japan.
CBP initially presented a draft of the criteria to the Trusted Trader Subcommittee of the Advisory Committee on Commercial Operations of CBP (COAC) in September 2013. The subcommittee responded to the draft with more than 125 substantive comments and observations. CBP incorporated nearly all of those comments into a final document that the subcommittee has agreed to support. During its May 22, 2014 meeting, COAC recommended CBP release the eligibility requirements and security criteria within 60 days, and CBP has just met that deadline.
On its website, CBP explains that entities that wish to participate in the C-TPAT Exporter program must meet the program’s definition of an “exporter” and other eligibility requirements. CBP defines an exporter as a “person or company who, as the principal party in interest in the export transaction, has the power and responsibility for determining and controlling the sending of the items out of the United States.” It is important to note that this is the definition of “exporter” from the Export Administration Regulations and is not the U.S. Principal Party in Interest (USPPI) as defined in the Foreign Trade Regulations, which may impact businesses that use routed export structures or otherwise structure their transactions to avoid acting as USPPI. This includes those that buy from U.S. based businesses but then require their supplier to drop ship and export the goods as well as requiring the supplier to act as USPPI.
In addition to meeting this definition of exporter, an entity must also:
- Be an active U.S. exporter out of the United States;
- Have a business office staffed in the United States;
- Have a documentable Employee Identification Number (EIN) or Dun & Bradstreet (DUNS) number;
- Have a documented export security program and a designated officer or manager who will act as the C-TPAT program main point of contact (with an alternate point of contact should the designated person be unavailable);
- Commit to maintaining the C-TPAT supply chain security criteria as outlined in the C-TPAT Exporter agreement;
- Create and provide CBP with a C-TPAT supply chain security profile that identifies how the exporter will meet, maintain, and enhance internal policy to meet the C-TPAT Exporter security criteria; and
- Have an acceptable level of compliance for export reporting for the latest 12-month period and be in good standing with U.S. regulatory bodies.
Additionally, CBP outlines the minimum security requirements entities must have in place in order to participate, beginning with a requirement that exporters conduct a comprehensive risk assessment of their international supply chain and work with any outsourced or contracted elements of the supply chain to ensure effective security measures are in place. The remaining security requirements address security procedures, point of origin concerns participation/certification in foreign customs administrations’ supply chain security programs, container security, inspections, and seals, conveyance tracking and monitoring procedures, physical access controls, export training, and personnel, procedural, physical, and information technology security.
One security requirement that would appear to be problematic in implementation is a requirement with respect to the selection and screening of business partners. The current draft states that “where applicable, these processes must include checks against the Department of Commerce/Bureau of Industry and Security (BIS), Department of State/Directorate of Defense Trade Controls (DDTC), and Department of Treasury/Office of Foreign Assets Control (OFAC) lists. Entities on prohibited lists should be reported to the SCSS [Supply Chain Security Specialist] and relevant authority within 24 hours prior to departure.” While denied party screening of business partners is certainly recommended, it is not currently required under law or regulation, and those businesses that do perform denied parties screening do not necessarily do so in connection with every transaction but may perform screens on a more periodic basis, such as monthly screening. Further, the restrictions applicable to various lists may differ. Therefore, the fact that a business partner may be identified on one denial list does not mean that that party is prohibited from engaging in any export transaction with a U.S. person.
CBP has not yet announced when the program will officially be open to exporters. It also remains to be seen if and how the program will be incorporated with CBP’s new Trusted Trader Pilot program. It appears, however, that this draft may be yet another step in increasing CBP enforcement of export regulations that the agency does not fully understand.
Although CBP has not announced an official comment period for this release, we understand that CBP is informally accepting comments.