Supply Chain Security:

U.S. Customs and Border Protection Has Enhanced Its Partnership with Import Trade Sectors, but Challenges Remain in Verifying Security Practices

GAO-08-240: Published: Apr 25, 2008. Publicly Released: May 27, 2008.

Additional Materials:

Contact:

Stephen L. Caldwell
(202) 512-9610
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

U.S. Customs and Border Protection (CBP) is responsible for ensuring the security of cargo containers shipped into the United States. To strike a balance between security and commerce, CBP oversees the Customs-Trade Partnership Against Terrorism, or C-TPAT program. As part of this program, CBP aims to secure the supply chain--the flow of goods from manufacturers to retailers--through partnerships with international trade companies. Member companies agree to allow CBP to validate their security practices and, in exchange, they are awarded benefits, such as reduced scrutiny of their cargo. In 2005, GAO reviewed the C-TPAT program and noted operational challenges. For this report, GAO was asked to assess the progress CBP has made since 2005 in (1) improving its benefit award policies for C-TPAT members, (2) addressing challenges in validating members' security practices, and (3) addressing management and staffing challenges. To perform this work, GAO analyzed a nonprobability sample of completed validations; reviewed annual, human capital, and strategic plans; and held discussions with CBP officials.

CBP has strengthened its policies for granting benefits to importers, C-TPAT's largest member sector, and is working to improve its policies for members in other trade sectors. For example, starting in March 2005, CBP began requiring members in 9 out of the 10 trade sectors to meet minimum security criteria and it plans to finalize criteria for the tenth trade sector by mid-2008. CBP has also introduced a process that awards benefits for C-TPAT importers on a three-tiered basis, depending on validation of their security practices. CBP officials told us that they interpret the benefit tiering provisions of the Security and Accountability for Every Port Act of 2006 to apply mainly to importers. Nevertheless, CBP considered implementing tiered benefits for these other trade sectors, but it has not been able to identify additional benefits to offer nonimporters in a tiered structure. CBP has taken steps to improve the security validation process, but still faces challenges in verifying that C-TPAT members' security practices meet minimum criteria. CBP has sought to strengthen the validation process by providing appropriate guidance and developing a portable, electronic instrument to help ensure that validation information is consistently collected, documented, and uniformly applied to decisions regarding the awarding of benefits to C-TPAT members. However, the usefulness of the instrument is limited due to its default "no" responses. Specifically, if a response is marked "no," it is unclear whether a security specialist, who has the discretion to answer or not answer individual questions, intentionally answered the question or if the response was an automatic default. This factor limits the ability of CBP to validate security practices at member companies. CBP has taken actions to address C-TPAT management and staffing challenges, such as implementing a human capital plan, a records management system, and performance measures. While these actions have addressed a number of challenges, others remain. In particular, CBP's records management system does not include interim processing dates--such as the date that security specialists send companies the 30-day validation notification letter--to enable management or others to determine CBP's compliance with program requirements. Further, although CBP has developed performance measures for facilitating the flow of commerce, it has not developed performance measures to assess the effectiveness of C-TPAT's efforts to improve supply chain security.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: U.S. Customs and Border Protection (CBP) reported that it responded to our recommendation by making programming changes to the system to automatically document time sensitive decisions mandated by the Security and Accountability For Every Port Act, specifically 90-day certification, validation within 1 year of a company being certified, and re-validation within 3 years of the initial validation. CBP provided screen shots of their system to demonstrate this change.

    Recommendation: To improve CBP's implementation of SAFE Port Act provisions and to strengthen C-TPAT program management, ensure adequate internal controls to manage the program, provide management with complete program data for decision making, and establish indicators of the program's impact on supply chain security, the Secretary of Homeland Security should direct the Commissioner of U.S. Customs and Border Protection to ensure that the C-TPAT Portal records management system completely documents key data elements needed to track compliance with SAFE Port Act and other CBP internal requirements.

    Agency Affected: Department of Homeland Security

  2. Status: Closed - Implemented

    Comments: U.S. Customs and Border Protection (CBP) reported that it responded to our recommendation by issuing policy guidance on June 13, 2008 which instructs field directors and supervisors to immediately require supply chain specialists to ensure required actions and recommendations are completed. CBP has also created an automated platform in its electronic data-gathering instrument to track and capture the content and communication between the specialists and Customs-Trade Partnership Against Terrorism members.

    Recommendation: To improve CBP's implementation of SAFE Port Act provisions and to strengthen C-TPAT program management, ensure adequate internal controls to manage the program, provide management with complete program data for decision making, and establish indicators of the program's impact on supply chain security, the Secretary of Homeland Security should direct the Commissioner of U.S. Customs and Border Protection to ensure that C-TPAT validation report recommendations are implemented by establishing a policy for security specialists to follow up with member companies when CBP requires them to make security enhancements to ensure that the necessary steps are taken.

    Agency Affected: Department of Homeland Security

  3. Status: Closed - Implemented

    Comments: U.S. Customs and Border Protection (CBP) reported in October 2009 that it responded to our recommendation by issuing policy guidance on May 30, 2008 that instructs field directors to require supervisory supply chain specialists to request this type of information from Customs-Trade Partnership Against Terrorism members as part of preparing for the validation visit. CBP has also included a question in its automated validation reports system that requires specialists to document whether an external audit was conducted on the importer's supply chain security program.

    Recommendation: To improve CBP's implementation of SAFE Port Act provisions and to strengthen C-TPAT program management, ensure adequate internal controls to manage the program, provide management with complete program data for decision making, and establish indicators of the program's impact on supply chain security, the Secretary of Homeland Security should direct the Commissioner of U.S. Customs and Border Protection to strengthen the evaluation of security during validations by requiring validations to include the review and assessment of any available results from audits, inspections, or other reviews of a member's supply chain security.

    Agency Affected: Department of Homeland Security

  4. Status: Closed - Implemented

    Comments: U.S. Customs and Border Protection reported in October 2009 that it has responded to our recommendation by eliminating the default "no" response and reprogramming the instrument to allow for response options of "yes," "no," "other," and "best practices."

    Recommendation: To improve CBP's implementation of SAFE Port Act provisions and to strengthen C-TPAT program management, ensure adequate internal controls to manage the program, provide management with complete program data for decision making, and establish indicators of the program's impact on supply chain security, the Secretary of Homeland Security should direct the Commissioner of U.S. Customs and Border Protection to continue to improve the consistency with which validations are conducted and documented by revising the electronic instrument used in validations to include appropriate response options and eliminate the use of default "no" responses.

    Agency Affected: Department of Homeland Security

  5. Status: Closed - Implemented

    Comments: U.S. Customs and Border Protection (CBP) reported that it responded to our recommendation by working to identify output measures to quantify actions required and to gauge Customs-Trade Partnership Against Terrorism's impact on supply chain security. CBP provided us with examples of analytical tools that are currently in development and may provide direction for developing performance measures. CBP officials explained how information from the automated validation reports system may provide the basis for trend analysis and developing performance measures.

    Recommendation: To improve CBP's implementation of SAFE Port Act provisions and to strengthen C-TPAT program management, ensure adequate internal controls to manage the program, provide management with complete program data for decision making, and establish indicators of the program's impact on supply chain security, the Secretary of Homeland Security should direct the Commissioner of U.S. Customs and Border Protection to identify and pursue opportunities in information collected during C-TPAT member processing activities that may provide direction for developing performance measures of enhanced supply chain security.

    Agency Affected: Department of Homeland Security

 

Explore the full database of GAO's Open Recommendations »

Sep 18, 2014

Sep 17, 2014

Sep 10, 2014

Sep 9, 2014

Sep 8, 2014

Jul 31, 2014

Jul 29, 2014

Looking for more? Browse all our products here