The Government Accountability Office today released its assessment of the Customs-Trade Partnership Against Terrorism (C-TPAT), a program by the Department of Homeland Security intended to reduce security scrutiny of importers, port authorities, and air, sea and land cargo carriers if these parties commit to self-imposed security standards. GAO finds that C-TPAT has gaps that terrorists could exploit to smuggle weapons of mass destruction in cargo containers.
C-TPAT is the federal program established after 9/11 to discover or deter a potential terrorist attack on or use of commercial cargo passing through 326 of the nation’s airports, seaports, and land crossings.
GAO is also currently investigating the DHS programs focused on combating the threat of smuggled nuclear weapons, specifically those managed by the Domestic Nuclear Detection Office. They have expressed a specific interest in the strategy aspects of how the global nuclear detection architecture figures in. This line of inquiry quickly gets us to the topic of port security in light of the 9/11 Act and its corresponding mandate for 100% scanning of all cargo en route to U.S. ports and corresponding programs like C-TPAT.
The nearly 8000 commercial participants in the C-TPAT program are granted reduced scrutiny of their cargo in exchange for submitting a security plan meeting U.S. Customs and Border Protection’s standards and allowing CBP officials to verify (even at random) implementation of their measures.
According to AP reporting on the GAO findings, under C-TPAT:
• Companies are certified based on self-reported security information that Customs employees use to determine if minimum government criteria are met. But due partly to limited resources, the agency does not typically test the member company’s supply-chain security practices and thus is “challenged to know that members’ security measures are reliable, accurate and effective.”
• Customs employees are not required to utilize third-party or other audits of a company’s security measures as an alternative to the agency’s direct testing, even if such audits exist.
• Companies can get certified for reduced Customs inspections before they fully implement any additional security improvements requested by the U.S. government. Under the program, Customs also does not require its employees to systematically follow up to make sure the requested improvements were made and that security practices remained consistent with the minimum criteria.
I hope to give this GAO report a closer read today, but readers are encouraged to weigh in on the study if they’ve already culled through it in detail. In the meantime, keep an eye out for coverage of the House Homeland Security Committee hearings on resilience in Congressional Quarterly.