Embed Size (px)
Citation preview
1
Session 14:Risk and Security in Physical Distribution
MTT045 - InternationalPhysical Distribution
Overall Framework
2
Exporter,Shipper
Terminalat home
Importer,Consignee
Terminalabroad
Carrier on Pre-Carriage
Bank ofExporter
Bank ofImporter
Customs at home
Customsabroad
FreightForwarderat home
FreightForwarder
abroadTrans-
portationBroker
or Agent
Carrier on On-ward-Carriage
Carrier onMain Haul
Sou
rce:
Sch
ram
m (2
012)
2
Agenda
1. Risk Management2. Security and Compliance Management
2.1. Definition of Safety and Security2.2. Current Security Initiatives and Standards
Recommended Readings:
Coyle, J, Novak, R, Gibson, B and Bardi, E. (2010) ‘TransportationRisk Management’. In Coyle et al.: Transportation: A Supply ChainPerspective, pp. 290-314.
Donner, M. and C. Kruk (2009) Supply Chain Security Guide,The International Bank for Reconstruction and Development/ The World Bank [Editor], Washington, (esp. pp. 8-40 and 73-79)see: http://www.vpa.org.vn/english/isps/SCS_Guide_Final.pdf
Risk Management
4
Additional complexities and uncertainties which arise on a global scale.
Source: Ghoshal(1987), Miller(1992), Delfmann and Albers(2000)
Managing risk is one of the primary objectives offirms operating internationally.
The use of terms vary in the international management literature.-> Lack of a generally accepted definition of risk
RISKUnpredictability in corporate outcomevariables (e.g. revenues, costs, profit,market share). Used in finance,economics, strategic management….
Unpredictability of environmental ororganizational variables that impactcorporate performance or the inadequacyof information about these variables. Usedin strategic management, organizationtheory. Uncertainty reduces predictabilityof corporate performance (increases risk).
UNCERTAINTY
! !
3
Risk ManagementProcess Steps
5
Process Step
Risiko-identifikation
Risiko-bewertung
potenzieller Bedrohungen
-Rangfolge
Maßnahmen zur Steuerung der RisikenRisiko-
steuerung
zwischen gewollter und tatsächlicher RisikolageRisiko-
überwachung
RiskIdentification
Risk Analysis/Assessment
Activities
Identification of all potential risks andlatent chances in a selected area.
Evaluation of risks to their potential severity ofloss and to the probability of occurrence. Riskranking.
-
Maßnahmen zur Steuerung der RisikenRisiko-
steuerung
Development, evaluation and selection ofmeasures for treatment of risk (avoidance,reduction, mitigation, transfer, retention).
Risk Mngmt./Treatment
Review and evaluation of the risk manage-ment process; update of the risk management.
Risk Review/Monitoring
Ris
kM
anag
emen
t A
udi
t
Risk Strategy
Risks Identification:Six Common Risk Categories
Product loss:e.g. Pilferage, Jettison, Piracy/Hijacking of cargo.Product damage:caused by equipment accidents, poor freight handling,improper equipment loading, etc.Product contamination:caused by climate control failure, product tampering,exposure to contaminants.Delivery delay:due to congestion, poor weather, equpment malfunction etc.Supply Chain Interruption:Carrier bankruptcy, labor disruptions, capacity shortagesSecurity breach:Common pointas of exposure are lax security processes, unprotectedtransfer facilities, shipment control failures.
Sou
rce:
Coy
le e
t.al.
(201
0)
4
Risk Management /Treatment:Risk Response Measures
7
Sou
rce:
Sud
y (2
008)
, Sud
y an
d S
chra
mm
(201
0)
Application Spectrumof Risk Response Measures
T r a n s p o r t L o g is t ic sT r a n s p o r tc h a i n s
S u p p ly C h a i nM a n a g e m e n t
o p e r a t i v e s t r a t e g icN a t u r e o f a r r a n g e m e n tp o s s ib i l i t i e s
r e d u c in g , t r a n s f e r -r in g o r c o v e r i n g r i s k s
a v o id i n g , s h a r in go r a c c e p t in g r i s k s
R is k r e s p o n s e m e a s u r e s
Source: Sudy and Schramm (2010)
5
Risk Response Measureson Transport Level
Choice of appropriate meansof transportTransport routing and timingSplitting up a single consign-ment in several shipmentsAppropriate cargo packagingand proper loading*Application of informationand communication systemsPostponement: Delayingcommitment of resources*
Late place of transfer of riskand/or title for purchaserEarly place of transfer of riskand/or title for sellerOutsourcing to transport orlogistics service providersGet insurance coverage
Forwarder‘s liability insuranceCargo insurance policy
Financial hedging againstpossible losses
Measures for reduc-tion of loss or damage
Measuresof risk transfer
Source: Sudy and Schramm (2010), Coyle et al. (2010)
Risk Response Measureson Transport Chain Level
Using intermodal transportunitsAppropriate cargo packagingand proper loading*Information about status andplace of cargo (auto-identifi-cation, tracking and tracing).
Risk transfer in transportchains according to transportcontracts:
Break-bulk approach withseparate transport contractsUnform transport contract
Cargo insurance
Measures for reduc-tion of loss or damage
Measuresof risk transfer
Source: Sudy and Schramm (2010), Coyle et al. (2010)
6
Risk Response Measureson Logistics Level
Choice of locationand type of warehouseAppropriate packagingand proper handling*Information and communi-cation systems to couplematerial and informationflowsReduction the amount ofstock keeping unitsDistributing stocks toseveral warehouses
Determine exactly placeof transfer of perilsUse standard terms andconditions dedicated tologistics operationsUniform coverage of risksvia logistics service insurance
Measures for reduc-tion of loss or damage
Measuresof risk transfer
Source: Sudy and Schramm (2010), Coyle et al. (2010)
Risk Response Measureson Supply Chain Level
Reducing spatial distanceof supply chain partnersEstablishment of in-housepartnershipsCooperation and collaborationin buyer-seller relationshipsImproved product designSpreading risk i.e. byoperational hedging:
Operational flexibilityCreation of real options
Is it really possible ?!?
Measures for reduc-tion of loss or damage
Measuresof risk transfer
Source: Sudy and Schramm (2010)
7
A Definitionof Safety and Security
13
Natural Disaster
= force majeur (originating fromnature or natural forces)
(hardly influenceable andpreventable)
e.g. geophysical (earthquake,volcanic eruption),meteorolgical/atmospherical(tropical cyclone/hurricane,storm, tornadoes), other events(fire, flood)
Man Made
= no force majeur (originatingfrom human activities or forces)
Unintentional Intentional
e.g. terrorist attacks,theft, vandalism,robbery, kidnapping,piracy, sabotage,contraband
Hazards and Perils
Human failure
Technological failure
Security-Management
Safety-Management
Sou
rce:
Sud
y (2
008)
Definition of Transportand Supply Chain Security
14
The total of preventive measures (including human andmaterial resources)…
…intended to protect transport infrastructure, vehicles,systems, passengers, cargo and workers…
…against unlawful acts.
Sou
rce:
DN
V: R
epor
t for
Eur
opea
n C
omm
issi
on D
G T
RE
N, 2
005.
=> Risk ofinterferencein InternationalSupply Chains
8
15
Advanced Customs Declaration
Mandatory Legislation
CSI: Container Security Initiative (US)AEO: Authorised Economic Operator (EU)C-TPAT: Customs Trade Partnershipagainst Terrorism (USA)PIP: Partner in Protection (Canada)FAST: Free and Secure Trade (NAFTA)
Easing of customsprocedures /
Supply Chain-Security
Voluntary Initiatives
Black Lists (EU and US)
Combating terrorism on financial level
Air Transport: Screening of Baggage (EU)Maritime Transport: Ensuring the security of shipsand port facilities (EU and SOLAS/ISPS)Transport of Dangerous Goods: Creation of asecurity plan (ADR/RID/ADN 2005 Chapter 1.10)
Mode of transport and Product relatedSecurity Measures
Air Transport (EU):Regulated Agent, Known Consignor
Mode of transport and Product relatedSecurity Measures
TAPA: Transported Asset ProtectionAssociation (America, EMEA, Asia, Brasil)IRU: International Road Transport Union –Security GuidelinesISO Supply Chain Security Management SystemStandardsSupply Chain Security Programs of globalcompanies, e.g. Philips, IBM, Microsoft, Exxon,DHL, Maersk
Revised Community Customs Code (EU)24 Hour Advanced Manifest Rule (AMR),ISF: Importer Security filing (USA)ACI: Advance Commercial Information(Canada)AMF: Advanced Manifest Filling (Mexico)
Gov
ernm
enta
lGov
ern-
men
tal
Non
-gov
ernm
enta
l
Mode of transport and Product relatedSecurity Measures
Gov
ern-
men
tal
Gov
ernm
enta
l
Gov
ern-
men
tal
SAFE: Framework of Standards to secureand facilitate global trade (WCO)
Source: Sudy (2008), revised
Current Transport ChainSecurity Measures
16
(C-PAT and PIP)(C-PAT and PIP)
(CSI)
Source: Donner and Kruk (2009) with extensions
9
Transport Chain PartiesConcerned Therein
17
(C-PAT and PIP)(C-PAT and PIP)
Source: Donner and Kruk (2009) with extensions
Current Security Initiativesand Standards (1/2)
18
• New regulations which are being developed to improve security of the SupplyChain shall connect, where possible seamlessly, with existing initiatives orinitiatives in progress to prevent duplication of efforts and cost escalatingeffects for trade and industry.
• Traditionally, security management of the supply chain only addressed theprevention of theft and damage of cargo (e.g. certification program that has beendeveloped by TAPA). However, the attack on the WTC on 9/11, however, hasincreased the focus on supply chain security which has resulted in a numberof national and international supply chain security initiatives.
• Many of supply chain security initiatives have been (or are being) developedand implemented by customs organizations because these are historicallyresponsible for supervising the international flow of goods for compliance toimport duty and health and safety regulations.
• This so far has resulted in a number of different supply chain securityrequirements.
Source: DNV: Report for European Commission DG TREN, 2005.
10
Current Security Initiativesand Standards (2/2)
19
• Apart from requirements to the management of supply chain security thesecustoms driven regulations have one common requirement. Customs want tohave advanced information on the character of cargo that is entering thecountry in order to decide which cargo they will target with intensifiedinspections, based on a risk assessment.
• The World Customs Organization is attempting to establish an umbrellawhich should harmonize these customs regulations on security managementand advanced cargo information to facilitate international trade.
• In response to the lack of a consistent set of standards for supply chainsecurity the industry has taken matters in its own hands. Individualcompanies started to develop their own systems, and so setting theirown standard in the market.
• ISO has taken the initiative to start developing a set of ISO documentswhich should fulfill the needs of industry and so establish a better regulatedand harmonized set of requirements to supply chain security.
Source: DNV: Report for European Commission DG TREN, 2005.
ISPS (International Ship andPort Facility Security) Code
20
• ISPS Code for international shipping entered into force in July 2004.
• Implementation of the ISPS-code had a global impact on internationaltrade.
• ISPS Code formulates requirements to security management ininternational shipping and at port facilities to strengthen maritime securityand prevent and suppress acts of terrorism against shipping.
• ISPS code is anchored in the SOLAS (Safety of Life at Sea) convention(after the Titanic disaster in 1912), nowadays still the most important treatyaddressing maritime safety.
• SOLAS is administered by the IMO (International Maritime Organization),a specialized agency of the United Nations. IMO ensures globalenforcement of the code by all flag- and port states.
Source: DNV: Report for European Commission DG TREN,2005; International Maritime Organization http://www.imo.org.
11
21
• CSI was developed shortly after the terror attacks of New Yorkand Washington and it got implemented in January 2002.
• Objective: prevent maritime containers being misused by terrorists to deliver aweapon to the U.S.
• Curtail the threat to U.S. border security by ensuring that before placingcontainers on vessels destined for the United States, potential risky containersare identified, pre-screened and inspected in the foreign port.
GOAL:
IDEA:• Push the U.S. border outwards creating an extended security zone.
• This gives the United States more time to react to suspicious shipments ratherthan dealing with them when they are already on U.S. ground.
Source: U.S. CBP, http://www.cbp.gov
CSI(Container Security Initiative)
CSI(Container Security Initiative)
22
• U.S. officers both from the CBP and Immigration and Customs Enfor-cement (ICE) are stationed in foreign ports all over the world and co-operate with the host foreign governments identifying security criteriafor targeting high-risk containers.
• CSI uses technology (X-ray, gamma ray machines, radiation detectiondevices and other non-intrusive inspection technology) to pre-screenthe container.
• CSI is not compulsory and goods can still be shipped into the U.S. fromnon-CSI ports, but enormous delays due to more stringent examinationsof the cargo as soon as it enters the United States must be expected.
• When a country joins the CSI, a Declaration of Principles must be signedThis is an agreement between the U.S. and host nation´s Customs ser-vices. The host nation must permit the deployment of CBP personnel intoits seaports.
Sou
rce:
U.S
. CBP
, http
://w
ww
.cbp
.gov
12
23
Sou
rce:
CB
P, h
ttp://
ww
w.c
bp.g
ov
CSI(Container Security Initiative)
AMR (24 Hour AdvanceVessel Manifest Rule)
24
• In force since February 2003.• Carriers and/or NVOCC carriers are required to send a cargo declaration to CBP
24 hours before cargo is laden aboard a vessel in a foreign port.• The detailed information about the content of the sea containers is then being
used by CBP to identify potential high-risk containers that could be a threat toU.S. national security long before they actually enter American grounds.
• The following 14 data elements must be sent to CBP:(1) Foreign port of departure, (2) Carrier’s Standard Carrier Alpha Code (SCAC), (3) Voy-age number, (4) Date of scheduled arrival, (5) Numbers and quantities from the carrier’sbills of lading, (6) First port of receipt of goods, (7) Precise description of the goods and/orHarmonized Tariff Schedule of the United States (HTSUS) code, (8) Shipper’s completename and address or identity number, (9) Consignee’s name and address or identity num-ber, (10) Vessel name, national flag and vessel number (11) Foreign port where the cargowas laden on board, (12) Hazardous material indicator, if applicable, (13) Container number,(14) Seal number affixed to the container.
Sou
rce:
U.S
. CBP
, http
://w
ww
.cbp
.gov
13
ISF (Importer Security Filing andAdditional Carrier Requirements)
25
• Intensifies the already existing 24-Hour-AMR• Goal: Improvement of the U.S. customs authority’s ability to identify
high risk containers.• The rule took effect end of January 2009, but there is a 12-months
period where CBP shows restraint from enforcing it in caseimporters and shippers try to comply, but face difficulties inachieving it.
• The importer security filing includes information about:(1) seller, (2) buyer, (3) importer of record number/foreign trade zone applicantidentification number, (4) consignee number(s), (5) manufacturer/supplier, (6)ship to party, (7) country of origin, (8) commodity HTSUS code, (9) containerstuffing location and (10) consolidator (stuffer)
• The carrier is required to provide:(1) vessel stow plan and (2) container status messages (CSM)
… hence its name “10+2 rule” Source: U.S. CBP, http://www.cbp.gov
Security Amendment to theEU Community Customs Code
26
• The changes to the EU Community Customs Code are the most important sinceit was adopted in 1992.
• One of the keystones of the changes to the Customs Code is the greater role forcustoms in managing security at the EU’s external borders:
• Declaration has to be presented before the goods arrive at the EU border(pre-notification system by means of pre-arrival declarations (ICS).
• This allows an adequate pre-screening of shipments and risk analysis.
• Goods destined to leave the Customs territory of the EU will have to becovered by pre-departure declarations (ECS).
• Traders have to comply with these requirements.
• This should lead, together with a harmonized risk assessment system ofcustoms, to a tightened security around goods crossing the EU borders whilenot blocking the physical flow of goods because of faster and better targetedchecks by Customs.More about? See: http://ec.europa.eu/ecip/model_transactions/index_en.htm
14
eCustoms Implementationfor a EU Member State
27Source: IBM (2008)
Authorized EconomicOperator (AEO)
28
• One of the main elements of the security amendment of the RevisedCommunity Customs Code is the introduction of the ‘Authorized EconomicOperator (AEO)’ status with three types:(1) AEOC - Customs simplifications, (2) AEOS - Security and safetyor (3) AEOF - Customs simplifications/Security and safety
• Advantage of the AEO: relaxed customs controls and application forauthorizations (customs warehousing, NCTS etc.).
• The status of AEO will be recognized by the customs authorities in allMember States. Further mutual recognition of AEO status in Japan,Norway, Switzerland, USA is in preparation.
• The criteria for recognition as AEO are (1) financial solvency,(2) appropriate record of compliance with customs requirementsand (3) appropriate security and safety standards.
• At the moment, there are 587 French companies with an AEO status, see:http://ec.europa.eu/taxation_customs/dds2/eos/aeo_home.jsp?Lang=en
15
C-TPAT (Customs TradePartnership Against Terrorism)
29
• The program requires companies• to ensure the integrity of their security practices and• to communicate security guidelines to their business partners at each
segment of that supply chain (production, transportation, importation,distribution).
• Joint cooperation between all parties involved (importers, brokers,manufacturers, warehouse operators, air-carriers, ocean-carriers, and land-carriers) is crucial.
• Each company within the SC must qualify under C-TPAT´s regulations.• In case of one partner being considered risky, the C-TPAT certification is put to
a hold and the questioned business partner undergoes a detailed inspection.• If the company in question does not increase its security standards, the C-
TPAT certified company is required to look for a more compliant partner.
Source: U.S. CBP, http://www.cbp.gov
PIP(Partnership in Protection)
30
• Designed by Canadian customs (CBSA Canada Border Services Agency),
• equivalent to C-TPAT,
• to promote the co-operation between CBSA and private industry.
• Objective: enhance border security, combat organized crime and terrorism,increase awareness of customs compliance issues, and help detect andprevent contraband smuggling.
• Already developed in 1995, but importance dramatically increased after theterror attacks in New York in 2001 and its focus shifted FROM compliancewith customs regulations TO improvement of physical, infrastructure andprocedural security to ensure trade chain security.
• PIP membership is a must for participation in the FAST program.
Source: http://www.cbsa-asfc.gc.ca
16
Free and Secure Trade(FAST) Program
31
• Facilitation of cross-border commercial shipments (fewer delays, whileenhancing security) through harmonized process for shipments for approvedimporters, transported by approved carriers using registered drivers
• Shipments will be cleared into either country (U.S., Canada, Mexico) with greaterspeed and certainty, at a reduced cost of compliance.
There are two distinct FAST programs:• U.S./Canada FAST program (started in December 2002)• U.S./Mexico FAST program (started in September 2003)
Source: U.S. CBP, www.cbp.gov
Objective
• FAST members enter designated FAST lanes at the border.• Immediate identification of vehicles, shipments and drivers takes place.• Company has to send the electronic information before the truck arrives at the
border.
Procedure
ISO Supply Chain SecurityManagement System Standards
32
Development ofstandards for security
management of thesupply chain which
should fulfill the needs ofindustry and establish a
better regulated andharmonized set of
requirements
Sou
rce:
DN
V: R
epor
t for
Eur
opea
n C
omm
issi
on D
G T
RE
N, 2
005.
See: http://www.iso.org/iso/iso_catalogue/catalogue_ics/catalogue_detail_ics.htm?csnumber=44641
ISO/PAS 28000: 2007:A Plan-Do-Check-Act-Management Systembased on ISO 9000and ISO14000
