Skip to main content

Supply Chain Security: CBP Needs to Enforce Compliance and Assess the Effectiveness of the Importer Security Filing and Additional Carrier Requirements

GAO-17-650 Published: Jul 20, 2017. Publicly Released: Jul 20, 2017.
Jump To:
Skip to Highlights

Highlights

What GAO Found

Through the Importer Security Filing (ISF) and Additional Carrier Requirements (the ISF rule), U.S. Customs and Border Protection (CBP) requires importers to submit ISFs and vessel carriers to submit vessel stow plans and container status messages (CSM). Submission rates for ISF-10s—required for cargo destined for the United States—increased from about 95 percent in 2012 to 99 percent in 2015. Submission rates for ISF-5s—required for cargo transiting but not destined for the United States—ranged from about 68 to 80 percent. To increase ISF-5 submission rates, CBP published a Notice of Proposed Rulemaking in July 2016 to clarify the party responsible for submitting the ISF-5. GAO could not determine submission rates for vessel stow plans, which depict the position of each cargo container on a vessel, because CBP calculates stow plan submission rates on a daily basis, but not comprehensively over time. CBP officials noted, though, that compliance overall is likely nearly 100 percent because Advance Targeting Units (ATU), responsible for identifying high-risk shipments, contact carriers if they have not received stow plans. GAO also could not determine submission rates for CSMs, which report container movements and status changes, because CBP does not have access to carriers' private data systems to know the number of CSMs it should receive. CBP targeters noted that they may become aware that CSMs have not been sent based on other information sources they review.

CBP has taken actions to enforce ISF and stow plan submissions, but has not enforced CSM submissions or assessed the effects of its enforcement actions on compliance at the port level. ATUs enforce ISF and vessel stow plan compliance by using ISF holds, which prevent cargo from leaving ports, and issuing liquidated damages claims. CBP has not enforced CSM submissions because of the high volume it receives and lack of visibility into carriers' private data systems. However, when CBP targeters become aware that CSMs have not been received based on reviewing other information sources, taking enforcement actions could provide an incentive for carriers to submit all CSMs and help targeters better identify high-risk cargo. GAO's enforcement data analysis shows that ATUs used varying methods to enforce the ISF rule and that ports' ISF-10 submission rates varied. By assessing the effects of its enforcement strategies at the port level, CBP could better ensure it maximizes compliance with the rule.

CBP officials stated that ISF rule data have improved their ability to identify high-risk cargo shipments, but CBP could collect additional performance information to better evaluate program effectiveness. Evaluating the direct impact of ISF rule data in assessing shipment risk is difficult; however, GAO identified examples of how CBP could better assess the ISF program's effectiveness. For example, CBP could track the number of containers not listed on a manifest—which could pose a security risk—it identifies through reviewing vessel stow plans. Collecting this type of additional performance information could help CBP better assess whether the ISF program is improving its ability to identify high-risk shipments.

This is a public version of a sensitive report that GAO issued in May 2017. Information CBP deemed Law Enforcement Sensitive has been deleted.

Why GAO Did This Study

Cargo shipments can present security concerns as terrorists could use cargo containers to transport a weapon of mass destruction or other contraband into the United States. In January 2009, CBP, within the Department of Homeland Security (DHS), implemented the ISF rule. The rule requires importers and vessel carriers to submit information, such as country of origin, to CBP before cargo is loaded onto U.S.-bound vessels. The information is intended to improve CBP's ability to identify high-risk shipments.

GAO was asked to review the ISF program. This report addresses: (1) importers' and carriers' submission rates for ISF rule requirements, (2) CBP's actions to enforce the ISF rule and assess whether enforcement actions have increased compliance, and (3) the extent to which the ISF rule has improved CBP's ability to identify high-risk shipments. GAO, among other things, analyzed CBP's compliance and enforcement data for 2012 through 2015—the most recent data available at the time of GAO's review—and interviewed CBP officials and trade industry members.

Recommendations

GAO recommends that CBP (1) enforce the CSM requirement when targeters identify carriers' noncompliance; (2) evaluate the effect of enforcement strategies on compliance at the port level; and (3) collect additional performance information to better evaluate the effectiveness of the ISF program. DHS concurred with the recommendations.

Recommendations for Executive Action

Agency Affected Recommendation Status
United States Customs and Border Protection To enhance CBP's identification of high-risk cargo shipments and its enforcement of the ISF rule, the Commissioner of CBP should enforce the ISF rule requirement that carriers provide CSMs to CBP when targeters identify CSM noncompliance.
Closed – Implemented
On February 26, 2018, the CBP liaison informed GAO that ports have the authority to enforce CSMs and the plan is for the Office of Field Operations (OFO) to remind the ports to do so and to provide guidance. On June 13, 2018, the CBP liaison stated that on April 12, 2018, CBP published a final rule that broadened the definition of Importer Security Filing (ISF) to remove the ambiguity with regard to who is responsible for ISF-5 filings. In addition, CBP drafted an updated CSM enforcement memo to reiterate guidance that enforcement actions against carriers for CSM violations. In March 2019, the CBP liaison stated that the planned enforcement actions are expected to begin by the end of May 2019. Then, on January 13, 2020, a CBP liaison provided evidence that CBP has initiated enforcement actions for noncompliance with CSMs. With evidence of these enforcement actions, CBP has met the purpose of the recommendation and so the status of this recommendation has been changed to "Closed - Implemented."
United States Customs and Border Protection To enhance CBP's identification of high-risk cargo shipments and its enforcement of the ISF rule, the Commissioner of CBP should evaluate the ISF enforcement strategies used by ATUs to assess whether particular enforcement methods could be applied to ports with relatively low submission rates.
Closed – Implemented
On June 13, 2018, the CBP liaison informed GAO that CBP is discussing enforcement strategies during monthly conference calls held by the National Targeting Center-Cargo with all Advance Targeting Units (ATU) in order to identify the factors that are impacting ports with lower Importer Security Filing (ISF) compliance rates and to share best practices. CBP also updates ISF Frequently Asked Questions on its CBP.GOV website to facilitate information exchange. On September 17, 2018, the CBP liaison provided information to show that ISF enforcement strategies are discussed in the monthly ATU calls with the ports of entry so that best practices may be shared and further developed across the ATUs on a regular basis. This action addresses the emphasis of the GAO recommendation and is considered Closed-Implemented.
United States Customs and Border Protection The Commissioner of CBP should identify and collect additional performance information on the impact of the ISF rule data, such as the identification of shipments containing contraband, to better evaluate the effectiveness of the ISF program.
Closed – Implemented
In March 2018, the CBP liaison informed GAO that offices within CBP are collaborating on a plan to assess additional performance metrics to evaluate the effectiveness of the ISF program. On June 13, 2018, the CBP liaison stated that CBP staff continue to work on additional performance metrics to evaluate the effectiveness of the ISF program and noted, in particular, are analyzing data to: (1) identify the number of unmanifested containers and determine how/if they were mitigated before arrival; (2) determine the number of times C-TPAT companies were identified and given targeting benefits, but did not receive the same treatment based on manifest information; and (3) identify the number of times potential terrorism matches were made against an ISF entities vs. the number of times not matched using the same manifest data. In late February 2020, CBP liaison staff informed GAO that they were continuing to work on this recommendation and they anticipated completion by the end of March 2020. On December 11, 2020, the CBP liaison informed GAO that the estimated completion date for this recommendation changed to June 30, 2021 to allow CBP more time for reviews and implementation. On May 20, 2021, CBP staff informed GAO that the Office of Field Operations (OFO) asked to push back the estimated completion date for addressing this recommendation to December 31, 2021. On August 16, 2021, CBP staff informed GAO that the National Targeting Center and Cargo and Conveyance Security are going to seek assistance from the Office of Information and Technology, Targeting Analysis Systems Program Directorate and the Office of Trade to make one last effort to find a way to quantify the impact of this program by fall 2021. In March 2022, CBP officials provided documentary evidence to GAO that it (CBP) has (1) implemented capabilities to identify and capture unmanifested containers, (2) identified the number of times an ISF entity is also a CTPAT entity, and (3) developed system capabilities to actively display an indicator of a CTPAT entity in targeting systems for targeting personnel to recognize the lower risk of those entities. The officials noted that CBP also attempted to develop other performance measures to quantify the impact of the ISF program, but was not able to do so. GAO believes that the actions CBP has taken are in line with the intent of the GAO recommendation, as well as CBP's original corrective action plan. These actions should allow CBP to better evaluate whether the ISF program is meeting its intended goal of improving the identification of high-risk cargo shipments. Based on these actions, GAO considers this recommendation to be "Closed-Implemented."

Full Report

Office of Public Affairs

Topics

Cargo screeningCargo securityCargo container inspectionsData collectionImport regulationImport restrictionImportsRegulatory noncomplianceNoncomplianceProgram evaluationRegulatory agenciesReporting requirementsRisk managementSupply chain managementSupply chain security