Online AEO Compendium
- The applicant and designated persons have not committed any infringements or offences, over a period determined by the national AEO programme. - The applicant and designated persons have not committed any serious criminal offences related to their economic activity. - Ensure the difference between any serious, repeated or minor infringements.
- There is no overdue or unpaid taxes or Customs duties with Customs. - There is an appropriate channel or contact point to address any arrears in Customs duties/tax.
- Have an effective system to ensure quality assurance of Customs declarations.
- Have in place, a good set of records management policies and procedures. - The company maintains timely, accurate, complete and verifiable records relating to import and export.
- The company has satisfactory procedures in place for the archiving of its records and information, and for protection against the loss of information (i.e. maintenance of record-keeping systems). - Customs has access to the company accounting systems and, where applicable, to its commercial and transport records. - Records are kept for the purposes both of Customs and the company’s accounting system (whether it is integrated or not) and cross-check against the actual operations.
- There is an internal trail in the records capable of tracing all transactions in the applicant’s international supply chain that can be readily traced from the record or information.
The applicant has proven financial standing to meet their obligations and fulfil their commitments, by assessing records and information available for a specific period before applying.
To determine if the applicant is subject to bankruptcy proceedings.
The applicant has fulfilled (during a specific or assessment period) their financial obligations regarding payments of Customs duties and all other duties, taxes or charges relating to the importing or exporting of goods. Financial indicators may be utilized to identify the financial standing of the operator.
- Provide clearly identified and readily accessible local points of contact or a corporate contact that can arrange immediate access to a local contact for all matters identified as being of compliance and enforcement interest to Customs (cargo bookings, cargo tracking, employee information, etc.); - Individually or, as appropriate, via an industry association, engage in an open and continuing mutual exchange of information with Customs, exclusive of information that cannot be released due to law enforcement sensitivities, legal basis or other precedents;
- Notify an appropriate Customs official of any unusual or suspicious cargo documentation or abnormal requests for information on shipments; - Provide timely notification to Customs and any other relevant authorities when employees discover illegal, suspicious or unaccounted cargo. Such cargo should be secured, as appropriate.
- Based on the business model, educate personnel, and where appropriate trading partners, with regard to the risks associated with movements of goods in the international trade supply chain; - provide educational material, expert guidance and appropriate training on the identification of potentially suspected cargo to all relevant personnel involved in the supply chain, to the extent they are within the AEO’s control.
- make employees aware of the procedures the AEO has in place to identify and report suspicious incidents; - conduct specific training to assist employees in maintaining cargo integrity, recognizing potential internal threats to security and protecting access controls; - keep adequate records of educational methods, guidance provided and training efforts undertaken to document the delivery of such programmes;
- Business to have a documented internal training system for trade security; - Drivers and other personnel that conduct security inspection of empty conveyances and IIT to be trained to inspect their conveyances/IIT for security purpose; - As applicable, based on their functions and/or positions, employees to be trained on the company’s cybersecurity policies and procedures; - To include the need for employees to protect passwords/passphrases and computer access; - Training records to be maintained so that they may be verified by AEO auditors; - Employees operating and managing security technology systems to receive training on their operation and maintenance; - - - Prior experience with similar systems and self-training via operational manuals and other methods to be considered.
- To have a documented internal training material on Customs laws and regulations? - To offer internal training on Customs laws and regulations at all levels of the company (management and employees) to make sure knowledge is current.
- AEOs to have appropriate procedures in place to ensure that all information used in the clearing of merchandise/cargo is legible, complete and accurate and protected against the exchange, loss or introduction of erroneous information. - AEO carriers have procedures in place to ensure the information in the carrier’s cargo manifest accurately reflects the information provided to the carrier by the shipper or its agent, and is filed with Customs in a timely manner;
- Have a documented information security policy and procedures and/or security-related controls, such as firewalls, passwords, etc., in place to protect the AEO’s electronic systems from unauthorized access; - Have procedures and backup capabilities in place to protect against the loss of information.
- establish procedures to manage and control cargo within the cargo storage facility; - establish procedures to positively control all cargo being removed from the storage facility;
- establish procedures to manage, secure and control all cargo in its custody during transport and while loading into or unloading from a transport conveyance.
- Businesses to keep proper records to document how it controls and monitors the safe shipping of exported goods. - Businesses to take measures to ensure the secure and safe shipping of goods to be exported (such as shipping monitoring, spot checks, the verification of documents or check of photos, videos, etc.).
- Well documented procedures to be in place to ensure the integrity and security of the containers. - The inspection of all conveyances and empty Instruments of International Traffic to be recorded on a checklist.
- have procedures for inspecting the structure of the transport conveyance including the reliability of the access controls. - all empty IIT to undergo a security inspection prior to loading/stuffing to ensure their structures have not been modified to conceal contraband. - A 7-point inspection of all empty containers and unit load devices (ULDs), and an 8-point inspection of all empty refrigerated containers and ULDs, must be conducted prior to loading/stuffing.
- ensure to have written procedures in place to properly seal and maintain the integrity of the shipment or transport conveyance while in its custody; - ensure to use smart security devices or mechanical seals; - ensure that written procedures are developed and utilized that stipulate how seals are to be controlled and affixed to cargo and transport conveyances, to include procedures for recognizing and reporting compromised seals, cargo and/or transport conveyances to the Customs administration or the appropriate foreign authority; - for integrity purposes, ensure that only designated personnel distribute seals and safeguard their appropriate and legitimate use;
- store cargo and transport conveyances in its custody in secure areas and have procedures in place for reporting detected unauthorized entry to cargo and transport conveyance storage areas to appropriate law enforcement officials; - establish procedures to manage and control cargo within the cargo storage facility; - establish procedures to positively control all cargo being removed from the storage facility;
- verify the identity of the carrier collecting or delivering cargo and transport conveyances where existing business processes permit and, in the case of there being no such authority, take action to promptly achieve such mandate; - Businesses to have procedures to respond to significant route deviations and late arrivals at the loading dock/area, transfer points, or the final destination. - Businesses to have information on the conveyance and the identification of the driver in advance of the loading or receipt of goods.
- ensure, to the extent and scope of its authority and responsibility, that all transport conveyances used for the transportation of cargo within its supply chain are capable of being effectively secured; - secure transport conveyances within its supply chain, to the extent and scope of its ability and responsibility, when left unattended, and check for security breaches upon return; - ensure, to the extent and scope of its authority and responsibility, that all operators of conveyances used for the transportation of cargo are trained to maintain the security of the transport conveyance and the cargo at all times while in its custody; - notify Customs, or other relevant body, of any unusual, suspicious or actual breach of transport conveyance security.
- consider potential places of concealment of illegal goods on transport conveyances, ensure that these places are regularly inspected, and secure all internal and external compartments and panels, as appropriate. Records are to be made and maintained following such inspections, indicating the areas inspected; - Provide training for employees to understand the purpose of inspection and learn inspection techniques. - Company to have mechanisms for reporting the concealment of suspicious goods in the conveyance or suspicious alterations to the conveyance.
- To have a secure area for parking of conveyances to prevent unauthorized entry or other damage; - To have procedures to report unauthorized entry into storage areas or damage to the conveyance.
- To have administrative control measures concerning the transport units carrying exported goods and articles during the transport process after loading, en route to the point of export. - To have procedures in place to track the conveyance.
- There should be appropriate security systems, such as, theft alarm and/or access control systems. - Appropriate peripheral and perimeter barriers. - Restricted areas should be clearly identified. - as required or upon request, provide Customs with access to security monitoring systems that are utilized for premises security.
- Gates through which vehicles and/or personnel enter or exit must be manned, monitored or otherwise controlled. The AEO should assure that vehicles requiring access to restricted facilities are parked in approved and controlled areas, and that their license plate numbers are furnished to Customs upon request.
- Buildings must be constructed of materials that resist unlawful entry. - The integrity of structures must be maintained by periodic inspection and repair.
- Adequate lighting must be provided inside and outside the facility including the following areas: entrances and exits, cargo handling and storage areas, fence lines and parking areas.
- Company to install security technology, such as video monitoring equipment, to prevent unauthorized entry to the following areas: entrances and exits, loading, unloading and warehousing areas, surroundings of perimeter walls, and parking areas.
- All business structures (offices, warehouses, packing facilities, etc.) must have physical barriers and/or deterrents that prevent unauthorized access. Agricultural fields do not need to comply with these requirements but, based on risk, may want to adopt other security safeguards, such as security patrols. - Access to document or cargo storage areas is restricted and there are procedures to challenge unauthorized or unidentified persons.
- Based on risk, internal and external windows and doors should be equipped with locking devices. - Members need to have written procedures governing how access devices, such as keys, are granted, changed, and removed. Removal of access devices must take place when the employees separate from the company.
- Gates where vehicles and/or personnel enter or exit (as well as other points of egress) must be manned or monitored. - It is recommended that the number of gates be kept to the minimum necessary for proper access and safety. Other points of egress would be entrances to facilities that are not gated.
- Businesses to implement access controls for employees, such as checking employee ID (containing information such as name, department, photo, etc.); - To have restrictions on access by unauthorized employees to sensitive areas in the building? - To have employees’ vehicles parked in a designated area.
- Businesses to implement visitor registration processes, including verification of photo ID; - Visitors to wear temporary identification badges, and they are escorted by staff; - Visitors’ vehicles to be registered by the business and parked in designated areas.
- Procedures need to be in place to identify, challenge and address unauthorized/unidentified persons. It is very important for personnel to know the protocol for challenging an unknown/unauthorized person, how to respond to the situation, and to be familiar with the procedure for removing an unauthorized individual from the premises. - Only properly identified and authorized persons, vehicles and goods are permitted to access the facilities.
- Have written procedures to screen prospective employees and to perform checks on current employees. - To have application information, such as employment history and references, verified prior to employment, to the extent possible and allowed under the law.
- Have accurate and updated records of its employees, which list, among other things, the names of the employees/contractors; position titles; departments they work for; entry dates and, if applicable, departure date. - conduct periodic background checks on employees working in security-sensitive positions; - have employee identification procedures, and require that all employees carry proper company-issued identification that uniquely identifies the individual employee and organization.
- take reasonable precautions when recruiting new staff to verify that they are not previously convicted of security-related, Customs or other criminal offences, to the extent permitted by national legislation; - Prospective employees should be properly identified with some type of government-issued photo identification (driver’s licence, passport, national identification card, etc.). - AEO members and their business partners should factor in the results of background checks, as permitted by local statutes, in making hiring decisions.
- have procedures in place to expeditiously remove identification, premises and information systems access for employees whose employment has been terminated. - Written procedures should outline the company’s personnel suspension and termination processes, including the removal of access devices (keys, badges, uniforms etc.) when the employees separate from the company. - The use of exit checklists is recommended to ensure that all access devices have been returned and/or deactivated. - Personnel files on employees that have left the company must be kept for a reasonable time.
- To implement procedures for visitor registration, including visitor name, ID type, visit time, leaving time, etc., and have the business checked the visitor’s ID card (including photo) when registering? - All visitors to wear temporary identification badges; - Visitors to be accompanied by company staff while in the building.
- have procedures in place to identify, record and deal with unauthorized or unidentified persons, such as photo identification and sign-in registers for visitors and vendors at all points of entry; - Personnel must be trained on how to identify, challenge and respond to the situation, and be familiar with the procedure for removing an unauthorized individual from the premises. - Personnel must also be trained on how to report all security incidents (such as unauthorized entry and unauthorized persons).
- AEO companies need to have a written, risk-based process for screening new business partners and for monitoring current partners. - AEOs need to have procedures in place that outline how they can clearly identify their business partners, and to ensure (through implementation of appropriate contractual arrangements, security declarations or other appropriate measures in accordance with the AEO company’s business model) that those business partners also do their due diligence to secure the international supply chain.
- The business partner screening process can take into account whether a partner is a member of an approved Authorized Economic Operator (AEO) programme with a Mutual Recognition Agreement/Arrangement (MRA) with the member where AEO status was granted. - It can also take into account whether the business partner is certified by a recognized security organization that conducts supply chain security audits on its own members, and based on AEO standards. - Specific procedures should be in place for identifying regular business partners and unknown companies, including procedures to select subcontractors based on a risk-assessed list of regular and irregular subcontractors.
The business to encourage its business partners to optimize and improve their trade security processes, and document these in operating procedures or agreements.
- To have processes to regularly review business partners in the context of building a secure supply chain.
- To have written procedures in place that address crisis management, business continuity, security recovery plans, and business resumption. - Based on risk and where the member operates or sources from, contingency plans may include additional security notifications or support; and how to recover what was destroyed or stolen, in order to return to normal operating conditions. - Contingency plans need to be updated, based on risks and lessons learned. - include periodic training of employees and testing of emergency contingency plans.
To ensure that employees are following the company’s procedures. The company decides the scope of the audit/review and how in-depth it should be – based on its role in the supply chain, business model, level of risk, and variations between specific locations/sites. The internal audit/review activities are usually conducted by company employees.
- To conduct regular monitoring activities against AEO criteria and to keep records of monitoring activities.
- The role of internal audit is to provide independent assurance that a company’s risk management, governance and internal control processes are operating effectively. A review process of AEO requirements may be included in the context of internal control of the company.
- To have internal mechanisms in place to continuously improve import/export activities and address issues identified in audits/reviews; - To implement mechanisms for establishing accountability when the company’s activities do not conform to AEO requirements; - Corrective measures required by Customs to be carried out by the legal representative (person in charge) or senior managers in charge of Customs affairs.
