The Process Does Not End Here
When the CTPAT (Customs Trade Partnership Against Terrorism) applicant submits its company profile and security profile to the CTPAT Security Link Portal, U.S. Customs and Border Protection, (CBP) has up to 90 days to respond with an account status of “Certified” or “Rejected.”
After submission of the company profile is completed, the applicant will be assigned a username and a password. During this phase, your account status is listed as “Pre-Applicant.” If the applicant does not submit its security profile within 30 days of submitting the Company profile, its password will expire. Therefore, the applicant will have to resubmit the company profile under a different user name and password. Thus, we recommend that the company profile be submitted simultaneously with the security profile. Once this is complete, CBP will assign the applicant a Supply Chain Security Specialist (SCSS) who will review the application. In order to review C-TPAT status, for certification or maintenance (after being certified), the applicant must log into the following site: https:ctpat.cbp.dhs.gov/login.aspx.
The review process by the SCSS consists of two components: i) approval of the security profile (account status is listed as “Approved”) and ii) the vetting process. This is when CBP conducts its investigation of the applicant’s different companies.
These two components are not always approved simultaneously. After the security profile has been approved and before the vetting process has been approved, the applicant’s account status is listed as “Approved”. The SCSS has up to 90 days from assignment of applicant’s account to complete the vetting process. Upon approval of both the security profile and the vetting process, the account status is listed as “certified”. The applicant becomes an actual CTPAT member when the account status is designated as “certified.” The applicant is then eligible to generate a Status Verification Interface (“SVI”) number. This number is supplied by CTPAT members to importers or service providers, who are CTPAT members themselves and are interested in knowing your company’s CTPAT status.
In order to access your SVI number, login at the CTPAT site, locate the word “partner” at the top bar. Put your cursor on the word “partner” and a drop–down list will appear. Go to the “Status Verification” section. You will find 4 separate sections as follows:
- Section 5.2 – This will generate an SVI number.
- Section 5.3 – If any CTPAT partner wants to verify your CTPAT status, please insert their email address into the box and click on email SVI. As a rule you do not want to give out your SVI number to anyone who is not a CTPAT member.
- Section 5.4 – Email history – CBP will generate this list.
- Section 5.5 – Monitoring other partner’s status. When a business partner indicates that they are a CTPAT member, you need to verify their CTPAT status and confirm the company’s corporate name. This section will continue to monitor their status. If their CTPAT status changes, you will be notified in this section. Place all the SVI numbers that you have accumulated from the time you submitted your Security profile up to present in this section. If a business partner’s CTPAT status changes, contact them if you are presently or planning to do business with them. A CTPAT status may change if the business partner elects to change their SVI number and they did not notify you or if CBP has removed them from the CTPAT program.
The next section that all certified CTPAT members must view is the drop – down list under “Documents.” This consists of two sections.
A) CTPAT Public Document Library. This is the area where CTPAT program personnel post documents for all participants to view/download.
B) CTPAT Partner Document Exchange (private). This is the section where you find a copy of your certification letter in a PDF format. This has been uploaded to you by your SCSS. Please print a copy of this letter and place with your important documents. This is the only letter that states that you are a CTPAT certified member. If CBP has a problem with their computer system or likewise with your own, this is your only proof. CBP no longer sends certificates to CTPAT members. This section is also the location where you can upload your member-specific policies, procedures, forms, etc. related to CTPAT. Additionally, the SCSS will send you documents that relate to your validation and other important information in this section.
CBP wants CTPAT certified members to access the CTPAT Security Link Portal once every 45 days. If a member does not access their portal site at least once every 90 days, the account will be deactivated and they will have to change their password. In addition, if you fail to access the Security Link Portal, you may miss important documents which CBP has sent. Some of these documents have specific response dates, such as the Validation Report. If you do not respond to these documents in the timeframe indicated, you may be removed from the CTPAT program.
Since your CTPAT portal site account is defined as a confidential relationship between your company contacts and CBP/SCSS, the SCSS will monitor your activity to make sure that you are updating the sections that are required, such as business partners SVI members.
As CBP continues to strictly enforce the CTPAT requirements, it is imperative that the CTPAT certified member monitor and update its CTPAT portal account.