2011 CTPAT Conference

U.S. Customs & Border Protection recently held its annual Customs Trade Partnership Against Terrorism Conference in San Diego, and once again this sold out gathering featured top caliber speakers.

In keeping with the theme, “A Decade of Supply Chain Security & Innovation”, Bradd Skinner, Director of the CTPAT program, reflected upon the progress made in the last 10 years. Conceived in 2001 with only a handful of U.S. importers, CTPAT now has over 10,000 business entities that have received CTPAT certification. Globally, the CTPAT program has become recognized as the standard for supply chain security excellence.

Director Skinner also provided insight into a number of important issues, including future direction for this historic program.

One of the points he made was the emphasis that CTPAT will now place on “evidence of implementation“ during validations. Being actively involved with validations domestically and internationally, I’ve experienced this new focus firsthand. Whereas, the Supply Chain Security Specialist teams used to accept documents that simply formalized supply chain security policies and procedures, companies being validated are now required to prove that they are in fact being diligently followed.

When I was a speaker at the 2010 CTPAT conference, I made the statement that most security programs look much better on paper than they actually work in reality. Danbee Investigations has performed supply chain security investigations and audits for over 25 years, ranging from inventory theft, sabotage, product tampering, and counterfeiting, to workplace substance abuse/distribution and smuggling.

We’ve repeatedly found the most major security breaches were the result of companies believing that their safeguards were far more effective than they ultimately proved to be. Company executives wrongly assumed that their asset protection safeguards incorporated best industry practices and were being diligently followed on a day-to-day basis. The reality for these companies was that many vulnerabilities existed, and were subsequently exploited.

By CTPAT requiring companies to show proof of implementation, they will expose those companies not fully committed to implementing and consistently maintaining meaningful safeguards throughout their supply chain. Essentially, it is the “trust but verify” concept at work.

The February 2011 Global Awareness Bulletin published by the U.S. Department of State warns that American companies doing business in foreign countries may be targeted more aggressively by terrorist organizations like al-Qa’ida. Terrorists measure success not just in the number of victims but by the financial damage and long term costs associated with additional regulations governments are forced to enact to deter future terrorist incidents. Consequently, because of dramatically reduced inspection rates, CTPAT certified companies automatically become high value targets.

If a CTPAT member has superficial supply chain security controls in place they are at significatly higher risk of unknowingly transporting a conventional, biological, chemical or nuclear weapon into the United States. Obviously, safety is the number one concern. However, the ensuing panic, the widespread economic ramifications both domestically and abroad, as well as the financial and legal consequences for the company that imported the weapon of mass destruction would be catastrophic.

CBP’s mission is a daunting one. Unlike baseball, a .500 or .600 batting average will equate to failure rather than Hall of Fame status. While import volume to the U.S. may make perfection an unrealistic objective, striving for anything less creates an unacceptable level of risk. That’s why I not only understand CBP requiring evidence of implementation, I fully support this initiative.