CTPAT Forced Labor Requirements Get More Stringent

New forced labor requirements for Customs Trade Partnership Against Terrorism (CTPAT) members may change the calculus for determining whether participation is worth it, said Sidley Austin lawyer Ted Murphy, in an Aug. 22 note. He reminded companies that if the shifting requirements become more costly than participation is worth, they can leave the program.

"Companies can be invested in supply chain security, and forced labor prevention, and not participate in this voluntary program," Murphy said. "The question is whether the benefits offered by the program outweigh the costs associated with complying with the requirements. This is a calculus that we recommend all members do periodically, particularly since the program requirements keep evolving."

The supply chain mapping is one of six new requirements on forced labor, which all took effect Aug. 1, but participants have until Aug. 1, 2023, to demonstrate compliance. The other requirements are:

• Providing evidence of implementation, such as "internal training programs for employees on identifying signs of forced labor, and mechanisms taken to show the supply chain is completely free of the use of forced labor."
• Telling their suppliers about their compliance requirements, including training "that identifies the specific risks and helps identify and prevent forced labor in the supply chain. Proof of this training must be available to CBP, upon request." The suppliers must be told specifically that the company "will not partner with any business that uses forced labor."
• Writing a code of conduct prohibiting purchasing goods made with forced labor, which will be publicly posted on the CTPAT page. The CTPAT members must have procedures that make that code more than a statement, "as well as evidence of the implementation of those policies."
• Creating a remediation plan if forced labor is discovered in a supply chain, including how they would disclose that information to CBP.
• Share best practices with other members.

Murphy also noted that the new minimum security criteria for CTPAT members says companies must have a documented social compliance program "that, at a minimum, addresses how the company ensures goods imported into the United States were not mined, produced or manufactured, wholly or in part, with prohibited forms of labor, i.e., forced, imprisoned, indentured, or indentured child labor." In the past, this was something that was said that CTPAT members "should have," but starting Jan. 1, it is something they "must" have.

"Probably not a huge deal for most companies, as they likely have a documented [corporate social responsibility] CSR program that addresses this issue, but worth noting," Murphy wrote.

Previously, the Commercial Customs Operations Advisory Committee expressed concerns that one of the changes, a requirement to "conduct a risk-based mapping of their business with suppliers that outlines their supply chains in their entirety," as CBP says, may not really mean risk-based, and is a comprehensive mapping requirement (see 2206300063). The CBP language says: "Importers are required to determine within their organization what imports are considered high risk to their particular business model but should take into consideration information that CBP provides publicly on CBP.gov." But it also says that CBP can ask for unredacted supply chain mapping for any supply chain.