Gaps found in federal port-security program

WASHINGTON — A Department of Homeland Security program to strengthen port security has gaps that terrorists could exploit to smuggle weapons of mass destruction in cargo containers, congressional investigators have found.

The report by the Government Accountability Office, being released today, assesses the Customs-Trade Partnership Against Terrorism (C-TPAT), a federal program established after the Sept. 11, 2001, attacks to deter a potential terrorist strike via cargo passing through 326 of the nation's airports, seaports and designated land borders.

Under the program, roughly 8,000 importers, port authorities and air, sea and land carriers are granted benefits such as reduced scrutiny of their cargo. In exchange, the companies submit a security plan that must meet U.S. Customs and Border Protection's minimum standards and allow officials to verify their measures are being followed.

A 2005 GAO report found many of the companies were receiving the reduced cargo scrutiny without the required full vetting by U.S. Customs, a division of Homeland Security. The agency has since made some improvements, but the new report found that Customs officials still couldn't provide guarantees that companies were in compliance.

Among the problems:

• A company is generally certified as safer based on its self-reported security information that Customs employees use to determine if minimum government criteria are met. But due partly to limited resources, the agency does not typically test the member company's supply-chain security practices and thus is "challenged to know that members' security measures are reliable, accurate and effective."

• Customs employees are not required to utilize third-party or other audits of a company's security measures as an alternative to the agency's direct testing, even if such audits exist.

• Companies can get certified for reduced Customs inspections before they fully implement any additional security improvements requested by the U.S. government. Under the program, Customs also does not require its employees to systematically follow up to make sure the requested improvements were made and that security practices remained consistent with the minimum criteria.

"Until Customs overcomes these collective challenges, Customs will be unable to assure Congress and others that C-TPAT member companies that have been granted reduced scrutiny of their U.S.-bound containerized shipments actually employ adequate security practices," investigators wrote. "It is vital that Customs maintain adequate internal controls to ensure that member companies deserve these benefits."

The GAO urged Customs and Border Protection to require consideration of third-party and other outside audits and take steps to make certain companies comply with any additional security improvements requested.

Responding in part, Customs officials in the report agreed they could do more to follow up on suggested security improvements but noted that employees often use their expert discretion in assessing the potential danger before certifying a company. The agency has also said the program overall has made the nation safer.