EU logistics security – an interesting decade

I had a great pleasure to work intensively on the European surface transport security standardization efforts, some years ago – this CBRA Blog aims to summarize the main work done, and the key objectives achieved.

 

Couple of years after the US 9/11, 2001 terrorist attacks, the European Commission Directorate General of Transport and Energy, EC DG TREN, started to prepare a proposal for a regulation of the European Parliament and of the Council on enhancing cargo surface transport security. In the meanwhile, 9/11 was already triggering an avalanche of new customs, aviation and maritime supply chain security regulations, programs and standards, in the US, Europe and across the globe. But when it came specifically to surface transport security for road and rail cargo (and inland waterways, to that matter) in Europe, nothing was cooking before the DG TREN initiative “Secure Operator”, first announced in 2004. By 2006, the main goal of the EC proposal for a regulation on enhancing supply chain security (SCS) in the EU was shaped as to achieve greater protection of the European freight transport system against possible terrorist attacks. The specific objectives of the draft regulation were defined as: (i) to increase the level of security along the supply chain without impeding the free flow of trade; (ii) to establish a common framework for a systematic European approach without jeopardizing the common transport market and existing security measures; and (iii) to avoid unnecessary administrative procedures and burdens at European and national levels. In addition, the draft regulation related to the need to prevent a patchwork of various supply chain security standards and solutions across EU.

blog2105162However, it quickly became clear that there was no common sense of urgency in supply chain security regulations across EU Member States, particularly in the context of threat of terrorism to surface (cargo) transport. One was lacking a commitment towards an integrated approach, which would urge everybody to look at the holistic supply chain picture. The countries and especially stakeholder (or, lobby) organizations clearly focused on their specific interests on a part of the supply chain, thus appearing uncomfortable when trying to identify the “big picture”. Ultimately, the draft regulation was blocked in the European legislative process and finally officially withdrawn by the Commission, in 2010.

 

 

In the meanwhile, already in 2005, an expert group in supply chain security was formed under the umbrella of European Committee for Standardization (CEN) – and that’s when Cross-border Research Association started to play a role in the “EU land transport security regulations and standards play”, first as the rapporteur for the expert group, and later as the research party for the technical committee in supply chain security. The expert group was formed technically under the CEN working group “Protection and Security of the Citizen” (CEN/BT/WG161), and the (pre)standardization work was partly based on the Logistics Action Plan of the EC that indicated the need for standardization in the transport security domain for the whole logistic chain.

blog2105163Following the conclusions and recommendations by the expert group, the CEN Technical Committee in Supply Chain Security (CEN/TC 379) was established in 2008, producing ultimately three tangible outputs: Supply Chain Security Feasibility Study (in 2010); CEN Technical Report “Supply Chain Security — Good Practice Guide for Small and Medium Sized Operators” (in 2012, CEN/TR 16412:2012); and, a European Standard: Logistics – Specifications for reporting crime incidents (in 2013, EN 16352:2013-06). The first of the outcomes is available for free (ask by email:  cbra@cross-border.org ), and the latter two you can purchase e.g. from your national standardization institute web shop. All in all, great project experience behind us, couple of good publications, and many new contacts and even few friends for lifetime – thus, no regrets, and if asked, would become rapporteur and lead researcher on these important topics, again and again!

 

 

 

 

And finally, when it comes to the future of SCS regulation and standardization work in Europe – in particular in the land transport security sector (e.g. the LANDSEC expert group, Commission Decision 2012/286/EU): do not be shy in exploiting the tangible outcomes of a decade of our joint work, in particular the Euronorm EN 16352:2013-06, “Logistics: specifications for reporting crime incidents” – no reason to reinvent the wheel!

 

CBRA Blog by Dr. Juha Hintsa on 21.5.2016

 

Summarizing the main milestones of the surface transport security 2004-2014 regulatory and standardization process tracks:

A) Regulatory process -track was largely driven by the European Commission Directorate General for Transport and Energy (EC DG TREN), comprising of the following five sequential steps:
A1. Preparation of the Secure Operator legislation at EC DG TREN (2004-2006)
A2. Publication of the legislative proposal (EC, 2006a)
A3. Publication of an impact assessment study (EC, 2006b)
A4. Announcements and debates at European Parliament and Council (2006-2009)
A5. Withdrawal of the proposal by the Commission, (18.9.2010)

B) Standardization process -track – for which the European Committee for Standardization (CEN) was responsible – consisting of the following seven, chronologically ordered steps:
B1. Establishment of an Expert group in supply chain security, under CEN/BT/WG161, “Protection and Security of the Citizen” (2005)
B2. Publication of the final report of the Expert group, approved by CEN/BT/WG161 (14.11.2006)
B3. Establishment of the CEN Technical Committee in Supply Chain Security, CEN/TC 379 (2008)
B4. Publication of Supply Chain Security Feasibility Study (15.1.2010)
B5. Publication of the CEN Technical Report, CEN/TR 16412:2012 “Supply Chain Security — Good Practice Guide for Small and Medium Sized Operators” (2012)
B6. Publication of a European Standard: Logistics – Specifications for reporting crime incidents, EN 16352:2013-06 (2013)
B7. Closure of the CEN Technical Committee in Supply Chain Security, CEN/TC 379 (2014).

 

blog2105164

Main references / bibliography:

  • CEN (2013), “Logistics: specifications for reporting crime incidents”, EN 16352:2013-06
  • CEN (2012), “Supply chain security (SCS): Good practice guide for small and medium sized operators”, CEN/TR 16412:2012
  • CEN (2006), “Expert group: Supply chain security”, approved by CEN/BT/WG161, 14.1.2006
  • EC (2012), “Commission Staff Working Document on Transport Security”, SWD(2012), 143 final.
  • EC (2006a), COM(2006)79 final, 2006/0025(COD), COMMUNICATION FROM THE COMMISSION TO THE COUNCIL, THE EUROPEAN PARLIAMENT, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS on enhancing supply chain security Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on enhancing supply chain security, (SEC(2006)251)
  • EC (2006b), SEC(2006)251 COMMISSION STAFF WORKING DOCUMENT. Annex to the COMMUNICATION FROM THE COMMISSION TO THE COUNCIL, THE EUROPEAN PARLIAMENT, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS on enhancing supply chain security and Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on enhancing supply chain security – IMPACT ASSESSMENT – {COM(2006)79 final}
  • Hintsa, J., Ahokas, J., Männistö, T. and Sahlstedt, J. (2010), “CEN supply chain security (SCS) feasibility study”, CEN/TC 379 Supply Chain Security, Final report, 15.12010

 

 

CEN Supply Chain Security — Good Practice Guide for Small and Medium Sized Operators, 2012 (CORE1030)

Summary: This is a guidance document for small and medium sized enterprises, SMEs. on how to apply a supply chain security approach to their operations in order to mitigate the risk of criminal activities. It gives an overview of the main crime types occurring in the supply chain along with some countermeasures, as well as the supply chain security initiatives, and the compliance requirements thereof. The document is available for purchase e.g. at:   http://shop.bsigroup.com/ProductDetail/?pid=000000000030258778  (link tested on 3 March 2016)

[s2If is_user_logged_in()]

Full review: The recommended supply chain strategy rests on a six-step approach. The first step is to define a context for the supply chain, crime prevention and security management activities taking into consideration the security sensitiveness, the geography and transport modes, and the main stakeholders involved in the supply chain operation. The second step is to make a threat and vulnerability analysis with regard to terrorist and other criminal threats in the supply chain. The main criteria included are the gaps existing in enhanced security, the high-risk crime types, and the potential consequences of crime occurrences. The third step covers the regulatory framework, the major aspects being the regulations and programs required for successful business operations, expectations of customers and suppliers, requirements laid down by insurance providers, and relevant government authorities. The fourth step refers to an overall security plan, taking into account the physical security, data security, human resources security (including selection, training, and exit procedures), business partner security (including selection, and auditing), and process control and monitoring of deviations. The fifth step involves implementing into practice concrete security measures, investment in technologies, procurement of services, in-house solutions and so forth. The final step is to monitor and measure the security performance and take appropriate corrective actions.

Five supply chain crime types have been elucidated in this guide. These include:  Property theft (cargo theft, intellectual property breaches); targeted damage (terrorism, sabotage); cross-border duty and tax fraud; illegitimate transporting, exporting and/or importing (smuggling of prohibited and restricted goods, people smuggling); and crime facilitation (document forgery, bogus companies, cybercrime). For each crime type, the main focus should be on the issue (main features and typical sectors/products involved), scope of the problem and actions to mitigate risks.

This guidebook has chosen eight security initiatives for illustration purposes. It explains the context of each initiative, whom it is meant for, and some basic requirements and the implications. These are as follows:

  • Import Control System (ICS) in the EU (a systems tool meant for the lodging and processing of Entry Summary Declarations, and for the exchange of messages across national customs agencies, economic operators and the European Commission).
  • Export Control System (ECS) in the EU (introduces EU procedures to computerize and control indirect exports and to implement the EU safety and security regulations);
  • Maritime Security Legislation, International Ship and Port Facility Security (ISPS) Code in the EU (International regulations to ensure the security of maritime transportation are being issued by the International Maritime Organization, IMO, in the International Ship and Port Facility Security Code);
  • Aviation Security Legislation, Air Cargo Supply Chains in the EU (three categories of aviation security legislation exist in the EU- Framework regulation, supplementing regulations, and implementing regulations-all targeted towards civil aviation security).
  • European Union Authorized Economic Operator, EU AEO (operators involved in international trade of goods certified as complying with WCO or equivalent supply chain security standards);
  • Regulated agent, Known consignor and Account consignor in the EU (Specific “trusted trader” status existing in the European air cargo supply chains);
  • ISO 28000 Series of Standards on Supply Chain Security Management Systems (address potential security issues at all stages of the supply process, e.g. terrorism, fraud and piracy);
  • Transported Asset Protection Association (TAPA) in Europe (fighting cargo crime using real-time intelligence and the latest preventative measures).

CORE1030

[/s2If]