Today the GAO released a report assessing the effectiveness of the Customs-Trade Partnership Against Terrorism (C-TPAT) program that was implemented after 9/11 to help improve port security. C-TPAT is a key element of the Department’s layered strategic security model, combining partnerships with the private sector to gather critical information about cargo coming into the country and allowing DHS to implement intelligence-driven risk analysis of high-risk containers.

So when you hear certain segments of the political establishment decrying that DHS inspects only “five percent” of cargo coming into the United States, know that these folks are not being completely straightforward. By making such claims, they are either unaware of this critical risk-analysis program or, worse, purposefully leaving it out when they discuss supply chain security measures implemented by the United States.

Under C-TPAT, fully 100 percent of all cargo entering the United States is screened. By taking this risk-based approach, DHS can focus its resources on scanning and additional security measures precipitated by high-risk cargo rather than trying to treat all cargo – no matter how small the risk – the same and spreading limited resources past the breaking point.

Additionally, C-TPAT offers benefits for private sector partners, including ensuring that costly commerce is not unreasonably delayed during the shipping process. Importers that meet certain government-established vetting standards can reduce the level of cargo scrutiny their shipments undergo at over 300 of the nation’s air and sea ports. Since DHS was first stood up, experts across the political spectrum have highlighted the fact that homeland security cannot be successful without the engagement and involvement of the public and private sectors. C-TPAT is a model of such partnering.

As the GAO report shows, the system is not perfect. As with so many areas of homeland security, there are still a number of challenges that must be addressed and improved. Most critical among them is the lack of systematic follow-up by Customs and Border Protection officials to ensure that full implementation of their security requirements are met before granting benefits.

Additionally, I agree with the recommendation that CBP should make use of credible and independent third-party validators who can supplement the work of government inspectors and security personnel to ensure that participants are meeting government standards.

Anyone who reads this report, however, will be struck by the degree of improvement C-TPAT has undergone since it was formally adopted, as well as the sophistication of DHS’s overarching risk-based approach to security. It is the very opposite of the model called for by some critics, who want to replace this model with the so-called 100 Percent model. (I have critiqued this model in previous Security Debrief posts.)

  • As the GAO makes abundantly clear, any successful approach to security the supply chain must acknowledge the international nature of commerce today. Yet the mandate requiring foreign ports to physically scan 100 percent of all cargo is a go-it-alone approach that has already alienated some of our allies and could result in negative reactions – this at a time when foreign governments, including key allies, are beginning to adopt some of the processes that are the basis of C-TPAT. Consider the following conclusion asserted by the GAO report:

“In recent years, CBP’s international efforts have made C-TPAT a focus of other countries interested in developing similar customs-to-business partnership programs or considering arrangements with other countries to mutually accept the results of programs similar to C-TPAT. Foreign officials within the European Union and elsewhere have closely observed the C-TPAT program as one potential model for enhancing supply chain security. As we have previously reported and CBP has recognized, in security matters the United States is no longer self-contained, either in its problems or its solutions. The growing interpendence of nations requires policymakers to recognized the need to work in partnerships across boundaries to achieve vital national goals.”

Congress’s response? Not only to pass a flawed security model that attempts to physically scan every single one of the 12 million or so cargo containers that enter the United States, but one that also alienates potential allies in the war on terror. The vocal opposition to a 100% scanning regime by other governments suggests that collaboration may be significantly undermined if Congress does not take care to consider how its actions – no matter how politically attractive on the campaign trail – impacts our relationships around the globe.

Ironically, Congress inserted the 100-percent scanning mandate in the so-called 9/11 Commission bill, implying that 100-percent scanning was a recommendation of the 9/11 Commission. It wasn’t. In fact, the Commission advocated for the type of layered approach the C-TPAT entails.

The GAO’s findings support the C-TPAT approach. The study offers valuable recommendations for improving the system, but at no point does it support the arguments by some in Congress to abandon risk-based security for the flawed and costly “100 percent” model.