US Customs and Border Protection has announced new minimum security criteria related to forced labour that members of the Customs Trade Partnership Against Terrorism (CTPAT) will be required to comply with.
Now in its 21st year, CTPAT has more than 11,000 members, including importers, exporters, customs brokers, carriers, 3PLs, foreign manufacturers, and others.
The programme includes CTPAT Security, in which partners take steps to ensure supply chain security, and CTPAT Trade Compliance, which allows importers to assume responsibility for monitoring their own compliance with trade laws and regulations, according to international trade law firm Sandler, Travis & Rosenberg (ST&R).
To be approved, companies must meet minimum security criteria across 12 categories, including risk assessment, business partners, procedural and physical security, and cyber security. In return, participants receive benefits that can reduce regulatory burdens and mitigate enforcement actions.
The new forced labour requirements for CTPAT Trade Compliance partners are as follows, according to ST&R:
Risk-based mapping. Partners must conduct risk-based mapping of their business with suppliers that outlines the supply chains in their entirety and includes regions, suppliers, etc. that the importer feels pose the most risk for forced labour. Importers must determine within their organization what imports are considered high-risk to their particular business model but should take into consideration information that CBP provides publicly on its web site. CBP may request unredacted proof of supply chain mapping regarding a particular supply chain at any time. A commitment to business mapping should be included in the code of conduct.
Code of conduct. Partners must create a code of conduct statement that represents their position against the use of forced labour within any part of their supply chain. This statement must be uploaded to the CTPAT online portal and published publicly. Partners must have policies and procedures in place that operationalize the code of conduct as well as evidence of those policies’ implementation. The statement must be included in the company’s social compliance program that focuses on forced labour.
Evidence of implementation. Partners must provide CBP with evidence of implementation of their social compliance program. As part of that program partners must be able to identify the parts of their supply chains most at risk and provide CBP with this information if requested. Examples of evidence include unredacted audits of high-risk supply chains related to forced labour, internal training programs for employees on identifying signs of forced labour, and mechanisms used to show the supply chain is completely free of forced labour.
Due diligence and training. Partners must provide to their suppliers training about their social compliance program requirements that identifies the specific risks and helps identify and prevent forced labour in the supply chain. The training should exemplify the company’s position against forced labour as stated in its code of conduct. Proof of this training must be available to CBP upon request. Training requirements are determined by the partner but must ensure that the supplier’s business model and code of conduct represent that they will not partner with businesses that use forced labour.
Remediation. Partners must maintain remediation plans for their organisation in the event forced labour is identified in their supply chains and must provide this information to CBP upon request. Plans must include the process for disclosing to CBP and outline the necessary steps for the organization’s employees and suppliers to correct the issue.
Shared best practices. Partners will share best practices with the CTPAT Trade Compliance program, as appropriate, to help mitigate the risk of forced labour.
As of 1 August, CBP is again accepting new members for CTPAT Trade Compliance, and companies must meet the new forced labour requirements to be accepted. All current CTPAT Trade Compliance members must implement these requirements by 1 August, 2023.