MSC, Trusted Trader, and Best Practices Framework. August 29-31, 2017

Size: px

Start display at page:

Download "MSC, Trusted Trader, and Best Practices Framework. August 29-31, 2017"

Marvin Owens
6 years ago
Views:

1 MSC, Trusted Trader, and Best Practices Framework August 29-31, 2017

2 Minimum Security Criteria Carlos E. Ochoa

3 Carlos Bernice E. Conley Ochoa Best Minimum Practices Security Framework Criteria Why Update the MSC? Increasing Threats Threats against the US and its partners have increased and evolved since program started. Case for Change Since CTPAT s inception over 15 years ago, the MSC has not been updated nor reviewed, which presents an opportunity to leverage vast program experience. MSC Legal Mandates SAFE Port Act 2006: Section 211 (b) mandates that the MSC be reviewed at least once every year to update requirements as necessary in partnership with the trade community. Section 101 of TFTEA also calls for CBP to consult with the trade. Increase in Trade Trade has increased dramatically in the last 15 years and how trade is conducted has changed as well. Strengthen Border Environment Highway carriers face the most challenges in the supply chain particularly along the Southern border. Better Reflect CBP s Mission Part of CBP s mission is to both protect and enforce USDA laws/regulations. Agricultural security issues must be addressed. 3

4 Carlos Bernice E. Conley Ochoa Best Minimum Practices Security Framework Criteria What is a Standard? A. Quality Standards represent the highest level of quality or attainments. C. Voluntary Standards are designed for voluntary use but still represent an effective method to communicate the requirements and/or goals of an organization. Per ISO, a standard is a document that provides requirements specifications, guidelines, or characteristics that can be used consistently to ensure that materials, products, processes and services are fit for their purpose. B. Knowledge Standards represent knowledge from distilled wisdom of people with expertise in the subject matter who know the needs of the organization they represent. 4

Representatives 10 CBP HQ and Field Personnel Tool Development Internal tools were created to facilitate further review Dashboard Registry Follow-up Discussions Multiple

5 Carlos Bernice E. Conley Ochoa Best Minimum Practices Security Framework Criteria How is it Being Updated? COAC Working Group Six teams conducted formal indepth reviews of the MSC 10 COAC members 30 Private Sector Representatives 11 Supply Chain Security Experts and Association Representatives 10 CBP HQ and Field Personnel Tool Development Internal tools were created to facilitate further review Dashboard Registry Follow-up Discussions Multiple iterations were conducted to facilitate review Numerous conference calls/ s (60-70 calls) focused on attaining consensus Two working group meetings in Washington DC to go over teams products. 7 webinars over 14+ hours focused on detailed edits 5

6 Carlos Bernice E. Conley Ochoa Best Minimum Practices Security Framework Criteria MSC: At a Glance New Focus Areas Focus areas regarding Cybersecurity and Terrorism Financing will be incorporated to reflect the changing supply chain security environment. The continued targeting of the global supply chain underscores the need for members to secure their supply chain. Strengthens Highway Carrier Security Recognizes highway carriers face the most challenges in the supply chain and adds new requirements to mitigate risks. These requirements address identified vulnerabilities. Re-Defines an Industry Standard Increases CTPAT precision to face current threats. In addition to strict requirements ( must s ), the MSC encourages additional requirements ( should s ) to promote supply chain security across industry. MSC Categories Description Criteria Corporate Security Transportation Security People & Physical Security Corporate plans, policies, and processes to mitigate supply chain risks Secure movement and packaging of goods for all modes of transport (e.g., road, sea, rail, air) Secure management of structural perimeters and personnel including, but not limited, employees and contractors Security Vision & Responsibility (New), Risk Assessment, Business Partner Requirements, Cybersecurity Cargo & Container Security, Conveyance Security, Seal Security, Procedural Security, Agricultural Security (New) Physical Controls, Personnel Security, Physical Security, Security Training 6

7 Carlos Bernice E. Conley Ochoa Best Minimum Practices Security Framework Criteria Next Steps Evaluate Jan April 2017 Review and strengthen the MSC by engaging COAC working group, teams, CTPAT personnel, and others in the Trade community. Refine & Validate Prioritize & Engage Implement April Aug 2017 Aug Sept 2018 Oct 2018 (Begin phased roll-out) Synthesize proposed MSC, evaluate impact, and continue to refine in coordination with private sector counterparts. Further refine MSC, develop priority implementation plan, and engage with the Trade community for wider input. Implement new MSC with a phased approach for new and existing C-TPAT members. Key Takeaways MSC is not currently finalized and is still being validated Implementation will be phased over time to prioritize feasibility MSC will build on what is already currently implemented 7

8 Trusted Trader Strategy Lori Mennitt & Carmen Perez

9 Lori Bernice Mennitt Conley & Carmen Best Perez Practices Trusted Framework Trader Trusted Trader Strategy Integrates the C-TPAT and ISA programs into a consolidated program that includes both supply chain security and trade compliance AEO standard Increasing benefits for CBP and traders Global Reach Partnership CTPAT, Trade Compliance, PGAs and MRA and AEOs Trusted traders receive facilitated benefits globally CTPAT, Trade Compliance and PGAs Trusted traders receive benefits at partner government agencies Supports a scalable program, integrated with PGAs and aligned with leading AEO programs Moves toward whole of government approach to supply chain security via PGA engagement Compliance Security CTPAT, Trade Compliance Traders are ISA compliant and meet CTPAT security requirements CTPAT Traders are members of CBP s voluntary supply chain security program Non-participant in CTPAT But consistently low risk importers and exporters 9

10 Lori Bernice Mennitt Conley & Carmen Best Perez Practices Trusted Framework Trader Trusted Trader Pilot Phase I: FY 2014 FY 2016 Selected 9 pilot participants from 56 applicants Validated pilot incentives for inclusion in initial offering Phase II: FY 2016 FY 2018 Created a roadmap of the future vision for the Trusted Trader strategy Working closely with 7 pilot participants to develop and test benefits Developing a unified database to catalog and evaluate pilot benefits Phased Rollout: Begin FY 2019 Prioritize and evaluate impact of benefits with pilot participants Establish trade compliance standard of operation and implement new benefits Operationalize program and transition ISA members to Trade Compliance Engage international partners and MRA-AEOs 10

Lori Bernice Mennitt Conley & Carmen Best Perez Practices Trusted Framework Trader Trusted Trader Matrix Building the Catalog Created a tool to categorize program benefits status, applicable

11 Lori Bernice Mennitt Conley & Carmen Best Perez Practices Trusted Framework Trader Trusted Trader Matrix Building the Catalog Created a tool to categorize program benefits status, applicable entities, and perceived return on investment (ROI) Catalog Snapshot Partnered with pilot participants to review and refine the catalog Prepared to use catalog to explain benefits to PGAs and external stakeholders Catalog Benefits Jul 2017 Aug 2017 Provide a consolidated resource categorizing all existing and proposed benefits Track Engagement Sep 2017 Nov 2017 Develop a Participant Engagement Tracker to manage issues and participant get-backs Measure Success Sep 2017 Dec 2017 Create a Benefits Metrics Dashboard with key success metrics to analyze and report on benefits 11

12 Best Practices Framework Bernice Conley

13 Bernice Conley Best Practices Framework Framework Senior Management Support Innovative Business Process/Technology Documented Process System of Checks, Balances, and Accountability Evidence of Implementation 13

Bernice Conley Best Practices Framework Innovation Inspiration Merriam Webster s definitions Inspiration: the action or power of moving the

14 Bernice Conley Best Practices Framework Innovation Inspiration Merriam Webster s definitions Inspiration: the action or power of moving the intellect or emotions the act of influencing or suggesting opinions Innovation: the introduction of something new a new idea, method, or device 14

15 Bernice Conley Best Practices Framework Best Practice - Defined CTPAT Best Practice: A security measure which has senior management support to promote and sustain it. The measure is innovative for the Partner s business model/size, verifiable through documented/observable evidence of implementation, and is tested/audited for its effectiveness. 15

16 Bernice Conley Best Practices Framework Senior Management Support. Organizational culture and management philosophy which: Inspires/encourages innovation and continuous improvement Provides resources to implement and maintain a robust security measure/program such as: Financial support/resources are available (staffing, training, technology, equipment, etc.) Incentives / recognition (not necessarily monetary!) Integrates security measures into existing business processes Leverages key business partners to achieve high levels of security 16

Bernice Conley Best Practices Framework Innovative Technology/Processes/ Procedures Adaptable Commensurate to business entity / size / model the security measure incorporates:

17 Bernice Conley Best Practices Framework Innovative Technology/Processes/ Procedures Adaptable Commensurate to business entity / size / model the security measure incorporates: Automation to improve its effectiveness Technology to improve process, checks, balances, and accountability Streamlined process to increase transparency in order to quickly detect anomalies 17

Bernice Conley Best Practices Framework Documented Process To ensure consistency and continuity, the process to carry out the security measure must be

18 Bernice Conley Best Practices Framework Documented Process To ensure consistency and continuity, the process to carry out the security measure must be documented (written), to include one or more of the following, as appropriate to business model/size: Policy Procedures Work Instructions Check Lists 18

Bernice Conley Best Practices Framework Checks, Balances, Accountability, and Testing To ensure reliability of the security measure, a regular and recurring system of documented checks, balances, and

19 Bernice Conley Best Practices Framework Checks, Balances, Accountability, and Testing To ensure reliability of the security measure, a regular and recurring system of documented checks, balances, and accountability which incorporates one or more of the following measures: Tests Corrective Action Plan/follow-up based on results Audits (Internal/External) Corrective Action Plan/follow-up based on results 19

Bernice Conley Best Practices Framework Evidence of Implementation Minimum security criterion has been met and evidence has been verified

20 Bernice Conley Best Practices Framework Evidence of Implementation Minimum security criterion has been met and evidence has been verified by the Supply Chain Security Specialist that the Innovative Business Process/Technology has been implemented via. Observation Documentation 20

21 Bernice Conley Best Practices Framework A System Approach Senior Management Support Inspires innovation and continuous improvement, provides adequate resources Evidence of Implementation Verifies security via SCSS observation and documentation Innovative Business, Process, & Technology Increases automation, adaptability, and efficiency Documented Process Ensures consistency and continuity via written policies System of Checks, Balances, and Accountability Supports reliability via regular and recurring tests and internal/external audits Best Practices Framework 21

22 Bernice Conley Best Practices Framework Next Steps Finalize guidance/training documents/self-assessment tools Train C-TPAT Staff Train C-TPAT Partners SCSSs and Partners use Framework assessment tool during validation process Collect and catalog Best Practices Develop mechanism to share Best Practices Future: Searchable database / automated tool for sharing 22

Trade Transformation. CBP Initiatives for 21 st Century Trade. September 2012

Trade Transformation. CBP Initiatives for 21 st Century Trade. September 2012 Trade Transformation CBP Initiatives for 21 st Century Trade September 2012 1 Evolving our Mission 2 A Day at the U.S. Border CBP protects more than: 5,000 miles of border with Canada 1,900 miles of border