Supply Chain Security:

DHS Could Improve Cargo Security by Periodically Assessing Risks from Foreign Ports

GAO-13-764: Published: Sep 16, 2013. Publicly Released: Sep 27, 2013.

Additional Materials:

Contact:

Stephen L. Caldwell
(202) 512-9610
caldwells@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

Department of Homeland Security (DHS) components have developed models to assess the risks of foreign ports and cargo, but not all components have applied risk management principles to assess whether maritime security programs cover the riskiest ports. The U.S. Coast Guard uses its risk model to inform operational decisions for its International Port Security (IPS) program and annually updates its assessment. In contrast, U.S. Customs and Border Protection (CBP) has not regularly assessed ports for risks to cargo under its Container Security Initiative (CSI) program. CBP's selection of the initial 23 CSI ports was primarily based on the volume of U.S.-bound containers, but beginning in 2003, CBP considered more threat information when it expanded the number of CSI ports. CBP has not assessed the risk posed by foreign ports that ship cargo to the United States for its CSI program since 2005. In 2009, CBP developed a model that ranked 356 potential expansion ports for a related program on the basis of risk, but it was never implemented because of budget cuts. By applying CBP's risk model to fiscal year 2012 cargo shipment data, GAO found that CSI did not have a presence at about half of the ports CBP considered high risk, and about one fifth of the existing CSI ports were at lower risk locations. Since the CSI program depends on cooperation from sovereign host countries, there are challenges to implementing CSI in new foreign locations, and CBP's negotiations with other countries have not always succeeded. For example, CBP officials said it is difficult to close CSI ports and open new ports because removing CSI from a country might negatively affect U.S. relations with the host government. However, periodically assessing the risk level of cargo shipped from foreign ports and using the results to inform any future expansion of CSI to additional locations, as well as determine whether changes need to be made to existing CSI ports, would help ensure that CBP is allocating its resources to provide the greatest possible coverage of high-risk cargo to best mitigate the risk of importing weapons of mass destruction (WMD) or other terrorist contraband into the United States through the maritime supply chain.

DHS has taken steps to improve the efficiency and effectiveness of its maritime security programs, but faces host country political and legal constraints. The Coast Guard has implemented a risk-informed model that prioritizes the countries to visit and assist. Also, the Coast Guard and CBP have made arrangements with foreign government entities to mutually recognize inspections of each other's ports and maritime supply chains through the IPS and Customs-Trade Partnership Against Terrorism (C-TPAT) programs. CBP has also utilized technological improvements to target some U.S.-bound cargo shipments remotely from the United States to reduce CSI staff in foreign countries. However, CBP faces political and legal constraints in host countries. For example, according to CBP and government officials in one country, a national law precludes the transmission of electronic scanned images other than to host government Customs officials. As a result, CSI officials must be present at each CSI port in that country to view the scanned images. Further, in some ports, CBP has made efforts to expand the scope of its CSI targeting to include contraband other than WMD, but that is subject to approval by the host governments.

Why GAO Did This Study

Foreign ports and the cargo carried by vessels from these ports are critical to the U.S. economy, but can be exploited by terrorists. Within DHS, CBP and the Coast Guard are responsible for maritime security. Through CSI, CBP identifies and examines U.S.-bound cargo that may conceal WMD, and through C-TPAT, CBP partners with international trade community members to secure the flow of U.S.-bound goods. Under the IPS program, Coast Guard officials visit foreign ports to assess compliance with security standards. GAO was asked to review DHS's maritime security programs. This report addresses (1) the extent to which DHS has assessed the foreign ports that pose the greatest risk to the global supply chain and focused its maritime container security programs to address those risks, and (2) actions DHS has taken to help ensure the efficiency and effectiveness of its maritime security programs. GAO analyzed DHS risk models and maritime security program strategies, met with program officials, and visited six foreign countries selected on the basis of participation in CSI, varied cargo shipment risk levels, and other factors.

What GAO Recommends

GAO recommends that CBP periodically assess the supply chain security risks from foreign ports that ship cargo to the United States and use the results to inform any future expansion of CSI and determine whether changes need to be made to existing CSI ports. DHS concurred with GAO's recommendation.

For more information, contact Stephen Caldwell at (202) 512-9610 or caldwells@gao.gov.

Recommendations for Executive Action

  1. Status: Open

    Comments: On September 8, 2015, GAO staff met with CBP officials. The CBP officials told us its Office of Field Operations (OFO) plans to utilize a World Risk Matrix, currently being developed by the CBP Office of Intelligence, for conducting periodic assessments of the supply chain security risks from all ports that ship cargo to the United States. The World Risk Matrix is mostly complete, and OFO is now working with the Office of Intelligence to create a supplemental matrix that incorporates additional information specific to the Container Security Initiative (CSI) program. CBP officials plan to use the supplemental risk matrix as a tool to help inform any future expansion of CSI to additional locations and to help determine if any changes need to be made to existing CSI ports. CBP plans to complete the assessment by the end of March 2016. We will continue to monitor CBP's progress in implementing this recommendation and check in with the CBP liaison again in the spring of 2016.

    Recommendation: To better ensure the effectiveness of the CSI program, the Secretary of Homeland Security should direct the Commissioner of U.S. Customs and Border Protection to periodically assess the supply chain security risks from all foreign ports that ship cargo to the United States and use the results of these risk assessments to inform any future expansion of CSI to additional locations.

    Agency Affected: Department of Homeland Security

  2. Status: Open

    Comments: On September 8, 2015, GAO staff met with CBP officials. The CBP officials told us its Office of Field Operations (OFO) plans to utilize a World Risk Matrix, currently being developed by the CBP Office of Intelligence, for conducting periodic assessments of the supply chain security risks from all ports that ship cargo to the United States. The World Risk Matrix is mostly complete, and OFO is now working with the Office of Intelligence to create a supplemental matrix that incorporates additional information specific to the Container Security Initiative (CSI) program. CBP officials plan to use the supplemental risk matrix as a tool to help inform any future expansion of CSI to additional locations and to help determine if any changes need to be made to existing CSI ports. CBP plans to complete the assessment by the end of March 2016. We will continue to monitor CBP's progress in implementing this recommendation and check in with the CBP liaison again in the spring of 2016.

    Recommendation: To better ensure the effectiveness of the CSI program, the Secretary of Homeland Security should direct the Commissioner of U.S. Customs and Border Protection to periodically assess the supply chain security risks from all foreign ports that ship cargo to the United States and use the results of these risk assessments to determine whether changes need to be made to existing CSI ports and make adjustments as appropriate and feasible.

    Agency Affected: Department of Homeland Security

 

Explore the full database of GAO's Open Recommendations »

Apr 25, 2016

Apr 19, 2016

Apr 15, 2016

Apr 14, 2016

Apr 12, 2016

Mar 31, 2016

Mar 16, 2016

Mar 11, 2016

Mar 10, 2016

Looking for more? Browse all our products here