CUSTOMS RISK MANAGEMENT. CARIBBEAN
MODULE 3
METHODOLOGY FOR RISK MANAGEMENT IMPLEMENTATION
Customs Risk Management. 1st Edition
Module 3
Course author Inter-American Development Bank (IDB) (www.iadb.org), through its Integration and Trade Sector (INT). Course coordinator Inter-American Development Bank (IDB) (www.iadb.org), through its Integration and Trade Sector (INT), the Institute for the Integration of Latin America and the Caribbean (INTAL) (www.iadb.org/en/intal) and the Inter-American Institute for Economic and Social Development (INDES) (www.indes.org). Module author for the Latin-American region Inmaculada Martínez de Guereñu Gómez de Segura. Risk Management Expert. Module author for the Caribbean region Wagner Wilson de Castro. Risk Management Accredited Expert. The Secretariat of the Federal Revenue of Brazil. Pedagogical and editorial coordination The Inter-American Institute for Economic and Social Development (INDES) (www.indes.org) in collaboration with CEDDET Foundation (Economic and Technological Development Distance Learning Centre Foundation) (www.ceddet.org).
Copyright © 2017 Inter-American Development Bank. This work is licensed under a Creative Commons IGO 3.0 Attribution-NonCommercial-NoDerivatives (CC-IGO BY-NC-ND 3.0 IGO) license (http://creativecommons.org/licenses/by-nc-nd/3.0/igo/legalcode) and may be reproduced with attribution to the IDB and for any non-commercial purpose. No derivative work is allowed. Any dispute related to the use of the works of the IDB that cannot be settled amicably shall be submitted to arbitration pursuant to the UNCITRAL rules. The use of the IDB’s name for any purpose other than for attribution, and the use of IDB’s logo shall be subject to a separate written license agreement between the IDB and the user and is not authorized as part of this CC-IGO license. Note that link provided above includes additional terms and conditions of the license. The opinions expressed in this publication are those of the authors and do not necessarily reflect the views of the Inter-American Development Bank, its Board of Directors, or the countries they represent.
2
Customs Risk Management. 1st Edition
Module 3
Table of Contents List of Tables.................................................................................................................... 5 List of Figures .................................................................................................................. 5 Glossary ........................................................................................................................... 6 Module Introduction ....................................................................................................... 7 General Objectives of the Module.................................................................................. 7 Learning-Oriented Questions ......................................................................................... 8 UNIT I. IDENTIFICATION OF RISKS THAT THREATEN INSTITUTIONAL OBJECTIVES AND THE CREATION OF A “RISK REGISTER” .......................................... 9 Learning Objectives ........................................................................................................ 9 I.1. Customs Risk Management....................................................................................... 9 I.1.1. Establishing the Context............................................................................... 11 I.1.2. Risk Assessment ........................................................................................... 12 I.1.3. Risk Treatment ............................................................................................. 13 I.1.4. Monitoring and Review................................................................................ 13 I.1.5. Documentation, Communication and Consultation ...................................14 I.2. Risk Identification.....................................................................................................14 I.3. The “Risk Register” ................................................................................................. 15 I.4. Example ................................................................................................................... 16 SYNTHESIS OF THE UNIT ............................................................................................... 17 UNIT II. RISK ANALYSIS, EVALUATION AND PRIORITIZATION ...................................18 Learning Objectives ...................................................................................................... 18 II.1. Risk Analysis ............................................................................................................ 18 II.2. Determining Likelihood........................................................................................... 21
3
Customs Risk Management. 1st Edition
Module 3
II.3. Determining Consequences................................................................................... 23 II.4. Risk Evaluation and Prioritization ......................................................................... 24 II.5. Example .................................................................................................................. 26 SYNTHESIS OF THE UNIT .............................................................................................. 26 UNIT III. RISK TREATMENT ........................................................................................... 27 Learning Objectives ...................................................................................................... 27 III.1. Risk Owners ........................................................................................................... 27 III.2. Risk Treatment ...................................................................................................... 28 III.3. Phases of Customs Control................................................................................... 29 III.4. Types of Risk During the Phases of Customs Control ......................................... 30 III.4.1. The Pre-Arrival Phase ................................................................................ 30 III.4.2. The Clearance Phase .................................................................................. 31 III.4.3. The Post-Clearance Phase ........................................................................ 33 III.5. Risk Indicators in Each Stage of Customs Risk Management ............................. 34 III.5.1. The Pre-Arrival Phase ................................................................................ 34 III.5.2. The Clearance Phase ................................................................................. 35 III.5.3. The Post-Clearance Phase ........................................................................ 36 III.6. Developing a Risk Profile ...................................................................................... 38 SYNTHESIS OF THE UNIT ...............................................................................................41 UNIT IV. RISK MONITORING AND REVIEW .................................................................. 42 Learning Objectives ...................................................................................................... 42 IV.1. Monitoring the Environment ................................................................................ 42 IV.2. Measurements ...................................................................................................... 45 IV.3. Assessing Quantitative and Qualitative Results .................................................. 47
4
Customs Risk Management. 1st Edition
Module 3
IV.3.1. Quantitative Results .................................................................................. 47 IV.3.2. Qualitative Results .................................................................................... 48 IV.4. Assessing the Efficiency and Effectiveness of a Risk Profile .............................. 50 SYNTHESIS OF THE UNIT .............................................................................................. 53
Bibliography .................................................................................................................. 54
List of Tables Table 1. Establishing the context ................................................................................... 12 Table 2. The “Risk Register” begins to take shape ...................................................... 17 Table 3. Description and indicators for determining likelihood (3 x 3 likelihood scale) ................................................................................................... 21 Table 4. Description and indicators for determining likelihood (5 x 5 likelihood scale) .................................................................................................. 22 Table 5. Description and indicators for determining consequences (3 x 3 consequence scale) ............................................................................................ 23 Table 6. Description and indicators for determining consequences (5 x 5 consequence scale) ............................................................................................ 24 Table 7. Risk significance matrix (3x3) ........................................................................ 25 Table 8. Risk significance matrix (5x5) ........................................................................ 25 Table 9. “Risk Register” ................................................................................................ 26
List of Figures Figure 1. Customs risk management process............................................................... 10 Figure 2. Developing a risk profile ................................................................................ 40
5
Customs Risk Management. 1st Edition
Module 3
Glossary n AWB: Air Waybill. n BL: Bill of Lading. n CRM: Customs Risk Management. n IT: Information Technologies. n RKC: Revised Kyoto Convention. n UNODC: United Nations Office on Drugs and Crime. n WCO: World Customs Organization.
6
Customs Risk Management. 1st Edition
Module 3
Module Introduction This module presents the methodology used to implement a risk management model at customs. Risk management is a complex task that involves the entire organization, so this study is divided into two parts: (1) risk management from an organizational perspective and (2) operational management. The first part provides an overview of how customs risk management (CRM) operates and presents the different steps involved in the process. The second part examines each step in detail, with practical examples to allow students to apply the lessons learned in their organizations. Based on the strategic objectives set up at the institutional level, we will identify and analyze risks, establish priorities and assign the assessed risks to their respective “risk owners”. During each step of the process, results must be documented in a “risk register” that is vital for a successful risk management. In real life, the risk treatment plans are elaborated at the strategic level and applied by operational units. Therefore, in this module we will first identify and classify risks and then turn our attention to the operational level to see how CRM operates in practice. The procedures applied at this level are the result of the best practices, recognized and implemented by modern customs administrations and are consistent with the recommendations contained in the World Customs Organization (WCO) Risk Management Compendium.
General Objective of the Module Participants will begin by recognizing the main components of a risk management process. Then, through systematic explanations, they will learn how to implement a risk management model at customs, including the identification of risks that threaten
7
Customs Risk Management. 1st Edition
Module 3
institutional objectives, the development of a risk register—essential for risk management—and the implementation of the operational aspects required for a successful risk management.
Learning-Oriented Questions n What is customs risk management? n What are the steps of customs risk management? n What is a “risk register”? How is it developed? Why is it important? n How are priority risks defined? n How do strategic institutional objectives influence operational risk manage-
ment? n How to implement the operational risk management methodology at cus-
toms?
8
Customs Risk Management. 1st Edition
Module 3
UNIT I IDENTIFICATION OF RISKS THAT THREATEN INSTITUTIONAL OBJECTIVES AND THE CREATION OF A “RISK REGISTER”
Learning Objectives At the end of unit I, participants will be able to: n Understand and give a general description of the different stages of cus-
toms risk management. n Identify the risks that threaten strategic institutional objectives. n Understand the importance of the risk register as an essential document for
managing customs-related risks. n Create a “risk register” to record the results.
I.1. Customs Risk Management Before getting into the methodology used for operational risk management implementation, we must have an overall idea of the process to understand exactly what we are dealing with. 9
Customs Risk Management. 1st Edition
Module 3
The following representation of the CRM process will help put things in context.
n 1. Establishing the context
n 2. Risk assessment
n 2.1. Risk identification
n 2.2. Risk analysis
4. Monitoring and review
n 5. Documentation, communication and consultation
Figure 1. Risk management process
n 2.3. Risk evaluation & prioritization
n 3. Risk treatment
Source: WCO Customs Risk Management Compendium. Volume 1, p. 13
The customs risk management process consists of five interrelated steps: 1) establishing the context; 2) assessing risk; 3) treating risk; 4) monitoring and review; and 5) documentation, communication and consultation. Each step is explained in detail next.
10
Customs Risk Management. 1st Edition
Module 3
I.1.1. Establishing the Context Establishing the context may be simply defined as determining what needs to be managed. Establishing the context will help set the parameters needed to manage risk. The context may consist of the customs administration or any one function in particular. This means that the same techniques or methodologies applicable to the whole administration may be used in one specific process, project or location (customs office). It is important to remember that a risk management plan developed for an entire administration can and should be replicated in different divisions, units and projects. Once the operating environment for the risk management methodology has been established, we need to define the objectives, as well as the resources and capabilities available. The next step is to establish the criteria used to assess risks and to determine if any additional control is necessary. This will help define the scope and limits of the risk management. Another important point to have in mind is the expectations of shareholders. Customs decisions not only affect the organization, but also the government and the private sector. When establishing the context, customs must consider the expectations of all actors with which it will interact and will be affected. Finally, we should consider any other known details about the activity. The following table summarizes how the context is established:
11
Customs Risk Management. 1st Edition
Module 3
Table 1. Establishing the context Objectives Resources and capabilities available Operating environment Criteria used to assess risks Scope and limits of risk management Environment
Expectations of shareholders
Other
Details known about the activity
Source: Castro (2016) p. 10
The outcome of this phase is a detailed statement of the “environmental operating context”, which includes: n A clear indication of the objectives. n Risk areas. n The criteria and parameters for the risk assessment phase.
I.1.2. Risk Assessment This phase is composed by three sub-phases: risk identification, risk analysis, and risk evaluation and prioritization. In the risk identification phase, potential risks are identified and recorded through a systematic process that identifies which risks could arise, why and how, thus forming the basis for further analysis. The “risk register” is the outcome of the risk identification process. It ensures that the entire risk spectrum is considered.
12
Customs Risk Management. 1st Edition
Module 3
The risk analysis step consists of quantifying the likelihood of an event (risk), its consequences and magnitude. The combination of these elements results in an estimation of the level of risk. The third step is risk evaluation and prioritization. It entails comparing risks previously assessed and, depending on the risk level, prioritizing treatment.
I.1.3. Risk Treatment Treating risk means defining the strategy adopted to respond to it. In principle, there are four types of responses: treat (process), tolerate, transfer and terminate. n Treating or processing risk refers to the strategy and the actions to mitigate
it. n Tolerating risk is to keep it monitored or controlled. In general, risk is toler-
ated when there are no or few resources or capabilities available or when priority is low. n One way to mitigate risk is to transfer it to a third party, either internally or
externally. A customs administration may transfer a risk, but not the responsibility. n Terminating a risk means discontinuing or no longer pursuing an activity
that may cause a risk to occur. In general, customs do not terminate risks.
I.1.4. Monitoring and Review Managing risk is a dynamic process and therefore requires permanent monitoring and review. The customs environment changes with great speed and risks do not remain static. The objective of the monitoring and review phase is to ensure effective and efficient risk management, covering all processes.
13
Customs Risk Management. 1st Edition
Module 3
Monitoring and review requires a suitable structure that includes measures like: outlining the results and effects that result from the implementation of the chosen actions and criteria for comparing and interpreting pre and post treatment results.
I.1.5. Documentation, Communication and Consultation Documentation, communication and consultation should be ongoing during the risk management process. It is often necessary to establish communication with both internal and external stakeholders. Consultation with stakeholders may be conducted at each stage of the process and for the process as a whole. These activities should be planned and subject to an ongoing addressing of the process and of any issue that may arise. Documentation consists of recording and storing all the different stages of the process in a way that enables their retrieval, when necessary.
I.2. Risk Identification Today’s customs administrations rely on a strategic plan that contains policies and guidelines to achieve their objectives. Risk management provides the methodology for managing the potential risks that may be threatening those strategic objectives. Once the institutional strategic objectives have been defined, the next step is to identify and record all potential risks that can arise. Before identifying risks, the following tasks should be performed: n Identify the sources of risk. n Identify what risks can occur, why and how. n Recognize the controls already in place to prevent and detect risks. n Recognize the control and accountability mechanisms—internal and exter-
nal—already in place.
14
Customs Risk Management. 1st Edition
Module 3
n Determine the degree of reliability of the information available. n Identify the nature and quantity of research needed regarding specific risks.
Risk management must be part of an organizational culture. Even though there might be a unit or department formally responsible for its execution, risk identification activities must be applied throughout the organization. Once the administration has identified strategic risks and established its priorities, risks are handed down to deputy managers who further analyze risk situations in their respective areas of influence and propose any supplementary measures. The risk is thus refined at each stage of the process. For example, let us review the strategic objective of revenue collection. Senior management has identified fraud as a potential risk that may prevent the administration from achieving a goal. At the deputy manager level, the Antifraud Division identifies two types of fraud that may affect revenue collection. Once risks have been identified, the next step is to record them in a register as we will see in the following section.
I.3. The “Risk Register” The “risk register” is a document that ensures that all risks are identified and can be regularly managed and reviewed in order to keep them at an acceptable level. There are many different models of register, from very simple ones to highly complex models developed with the support of Information Technologies (IT). However, complexity is not always synonymous with efficiency. Specifically in the case of customs administrations that are beginning to use risk-targeting methodologies, using a simpler model will always be a wise choice. The “risk register” may be developed from the following steps: 1. Describe strategic institutional objectives.
15
Customs Risk Management. 1st Edition
Module 3
2. Identify the risks that threaten each strategic objective. 3. Analyze risks, assess their likelihood and consequences and rank them by degree of importance. 4. Define the treatment for each risk identified. 5. Assign the risks to their “risk owner”, i.e. the person, unit or department responsible for treating each risk. 6. Define review mechanisms. So far, we have covered steps one and two.
I.4. Example Let us start our “risk register” with a hypothetical situation. Our objective is to develop a model for use in practical cases. The customs administration of Country X has decided to adopt a risk management methodology to achieve its institutional objectives. The strategic plan contains three objectives: 1. Effective and efficient collection of revenue. 2. Legitimate trade facilitation. 3. Community protection and security. These strategic objectives will provide the base for developing the “risk register”. The next step is to identify risks. Imagine that, after reviewing the issue mentioned in 2, the director general has identified the following risks for each objective: n Objective 1. Fraud; integrity issues (corruption); lack of staff competence. n Objective 2. Lack of coordination with other border agencies; insufficient or
obsolete technological resources; ineffective procedures. n Objective 3. Narcotics; intellectual property; weapons of mass destruction
(WMD).
16
Customs Risk Management. 1st Edition
Module 3
Table 2. The “risk register” begins to take shape Number 1
Objective
Risk
1.1. Fraud Effective and efficient collection of 1.2. Integrity issues revenue; 1.3. Lack of staff competence 2.1. Lack of coordination with other agencies
2
Legitimate trade facilitation;
2.2. Insufficient IT resources 2.3. Ineffective procedures
3
Community protection and security
3.1. Narcotics 3.2. Intellectual property 3.3. Weapons of mass destruction
Source: (Castro, 2016, p. 14).
After completing this stage, deputy managers define the strategic initiatives for each risk area. For example, for risk “1.1. Fraud” a number of initiatives may be defined, such as: providing additional resources for the anti-fraud division; and establishing a communication link with the country where a significant number of fraud cases have been identified in order to obtain advance information regarding the consignments originated in that country. Work continues identifying risks at more specific levels. It is important to remember that, besides indicating institutional objectives, most strategic plans normally describe strategies (strategic initiatives). In this case, these strategic initiatives constitute the base for risk-targeting activities.
SYNTHESIS OF THE UNIT In this unit, we have provided an overview of the risk management process, including a graphic vision; learned how to identify risks based on the strategic objectives of a customs administration; briefly explained each step of the risk management process; explained what a “risk register” is and how to record risks; presented a practical example of a “risk register” that participants may apply in their work.
17
Customs Risk Management. 1st Edition
Module 3
UNIT II RISK ANALYSIS, EVALUATION AND PRIORITIZATION
Learning Objectives At the end of this unit, participants will be able to: n Understand the concepts of likelihood and consequence in assessing the
magnitude of threats to customs activities. n Assess and prioritize risks, based on practical models for identifying the best
strategy to address these threats.
II.1. Risk Analysis Let us look at figure 1, step 2.2 of the risk management process. Once the context has been established and risks identified, we are able to analyze the risks. Risk analysis consists of judging the likelihood of a risk event, its magnitude and potential consequences. The final product of the analysis is an estimation of the degree of risk. Risk analysis may be considered a scientific discipline because it is evidencebased, but this does not imply that it is an exact science. A big part of the analysis is
18
Customs Risk Management. 1st Edition
Module 3
made on a trial and error basis, so expert judgment, knowledge of the business environment and common sense are important elements to consider when analyzing risks. For example, let us consider objective 3 in table 2 “Community protection and security�. One of the risks identified is the introduction of weapons of mass destruction. To analyze risk, we must calculate the likelihood that WMD are introduced into the country and the impact such an event may entail. We may intuitively believe that the likelihood of such an event is very low and that its consequences would be disastrous. The combination of likelihood and potential consequences determines the degree of risk, or the priority for its treatment. It is important to keep in mind that the process needs to be regularly reviewed, as conditions may change. For example, if customs receives an intelligence report that a terrorist group has begun to operate in the country, the likelihood that WMD are brought into the country may increase exponentially. Sometimes, news published in a newspaper can be a warning to review our risk analysis procedures. Imagine you are responsible for risk analysis at your local customs and you come across the following article:
19
Customs Risk Management. 1st Edition
Module 3
Source: The Seattle Times (2017)
According to government sources, ISIS supporters in your country are very numerous. Given this context, do you still believe that the likelihood of chemical weapons introduced in your country remains low?
20
Customs Risk Management. 1st Edition
Module 3
II.2. Determining Likelihood When using the expression “determining likelihood� we tend to think about complicated statistics and highly sophisticated software. Fortunately, determining risk likelihood is much simpler and practical. Among many other methods, we have chosen two, which were taken from the WCO Customs Risk Management Compendium. They are represented in tables 3 and 4 following: Table 3. Description and indicators for determining likelihood (3 x 3 likelihood scale) Likelihood
High (Probable)
Description
Indicators
Likely to occur or more than a Has occurred in the last twelve 20% chance of occurring. months.
Has occurred between one year Medium (Possi- Could occur, but less than 20% and three years ago. Has ocble) chance of occurring. curred in another country within the last two years.
Low (Remote)
Not likely to occur and less than 5% chance of occurring.
Has not occurred in the last three years or more. Has not occurred in another member country in the last two years.
Source: WCO Customs Risk Management Compendium. Volume 1, p. 15
21
Customs Risk Management. 1st Edition
Module 3
Table 4. Description and indicators for determining likelihood (5 x 5 likelihood scale)
Example of Qualitative Measure
Almost certain
The event is expected to occur in most circumstances.
Once per week or more frequently.
10 chances a > 1 in 10 year
9 to 10 times out of 10 occurrences.
Likely
The event will probably occur in most circumstances.
On average once per month.
Once a year or more.
7 to 8 times out of 10 occurrences.
Possible
The event might occur at some time.
On average once per year.
One in ten 1 in 100 chances a 1000 year.
4 to 6 times out of 10 occurrences.
Unlikely
The event is not Typically expected to occur once every in most circumten years. stances.
One in 100 1 in 1000 chances a - 10000 year.
2 to 3 times out of 10 occurrences.
Rare
Typically The event may oconce every cur only in excephundred tional circumyears. stances.
One in 1 in 1000 10000 chances a 100000 year.
0 to 1 time out of 10 occurrences.
Examples of Quantitative Measures
1 in 10 100
Other Measures If these scales do not match your circumstance, then you should develop your own scale.
Likelihood
Source: WCO Customs Risk Management Compendium, Volume 1, p. 34
One of the two models presented may be used to determine likelihood. For those who prefer quantitative variables, likelihood may be expressed in numbers (1 to 3 for the model in table 3 and 1 to 5 for the model in table 4). The models presented are self-explanatory and do not need any further comments.
22
Customs Risk Management. 1st Edition
Module 3
II.3. Determining Consequences A consequence or impact is the damage produced by a materialized risk. Impact is made up of three factors: n Nature: refers to the type of problem it generally produces when the risk
materializes. n Magnitude: refers to the combination of severity and global distribution. n Duration: refers to the period measured from the moment the impact is felt
until the effects subside. The WCO Customs Risk Management Compendium recommends two ways to determine the significance of consequences. The models follow the same standards used for determining likelihood, i.e. a 3x3 matrix and a 5x5 matrix. The models are presented in tables 5 and 6 following: Table 5. Description and indicators for determining the significance of consequences (3 x 3 consequence scale) Consequence/ Impact
High (Serious)
Description
Indicators
If adverse risk occurs, then there can be a severe community, economic or political crisis.
Long-term ramifications for government or organization.
Damage of the ability to An adverse risk occurring meet organizational goals Medium (Manageable) would obstruct workflows and and commitments with govharm community or business. ernment, community and business. An adverse risk would cause Adverse risk event can be abLow (Treatment within exminor delays to service delivsorbed within existing standisting workflows) ery. ard operating procedures. Source: WCO Customs Risk Management Compendium, Volume 1, p. 16
23
Customs Risk Management. 1st Edition
Module 3
Table 6. Description and indicators for determining the significance of consequences (5 x 5 consequence scale)
Severity of risk
Severe
Major
Moderate
Description of consequences for passengers and cargo Passenger clearance delays are occurring, causing severe disruption to the client. Air and sea cargo delays are causing severe financial and community impact. Passenger clearance delays are occurring, causing major disruption to the client. Air and sea cargo delays are causing major financial and community impact. Passenger clearance delays are occurring, causing moderate disruption to the client. Air and sea cargo delays are causing moderate financial and community impact.
Minor
Passenger clearance targets sometimes not met. Air and sea cargo delays are causing minor financial and community impact.
Insignificant
Rare for passenger clearance targets not to be met. Very few clients are delayed.
Source: Adapted from WCO Customs Risk Management Compendium, Volume 1, p. 35
II.4. Risk Evaluation and Prioritization This step entails organizing the assessed risks against a significance criterion in order to determine which risks should be prioritized and therefore allocated more resources. Risk significance is measured in terms of likelihood and its consequences. The following table represents a 3x3 risk significance matrix.
24
Customs Risk Management. 1st Edition
Module 3
Table 7. Risk significance matrix (3x3).
Consequence Medium
High
Medium
High
High
Low
Medium
High
Low
Low
Medium
Medium
Low
Low
Likelihood
High
Source: WCO Customs Risk Management Compendium, Volume 1, p. 16
For those who prefer numbers, the following model contains a 5x5 risk matrix. Table 8. Risk significance matrix (5x5) Insignificant 1
Minor 2
5
Likely 4 Possible 3
LIKELIHOOD
Almost certain 5
Unlikely 2 Rare 1
CONSEQUENCE Moderate Major 3
4
Severe 5
10
15
20
25
4
8
12
16
20
3
6
9
12
15
2
4
6
8
10
1
2
3
4
5
Low: 1-4; Medium: 5-9; High: 10-19; Extreme: 20-25
Source: WCO Customs Risk Management Compendium. Volume 1 p. 36.
25
Customs Risk Management. 1st Edition
Module 3
II.5. Example Considering what we have learned in this unit, we can proceed with the “risk register” we started in 1.4. Based on its experience, the customs director general has added the last three columns (L – Likelihood; C – Consequence; Sig - Significance). The following is the updated register of risk. Table 9. “Risk register”
#
Objective
Effective and efficient col1 lection of revenue.
Legitimate trade facilita2 tion.
Community protection 3 and security.
Risk
L
C
Sig
1.1. Fraud
H
H
1.2. Integrity issues
M
M
High Mediu m
1.3. Lack of staff competence 2.1. Lack of coordination with other agencies
L
L
Low
H
H
2.2. Insufficient IT resources
L
H
2.3. Ineffective procedures
L
H
High Mediu m Mediu m
3.1. Narcotics
H
M
High
3.2. Intellectual property
M
L
Low
3.3. Weapons of mass destruction
L
M
Low
H – High; L – Low; M - Medium Source: Castro (2016) p. 22
SYNTHESIS OF THE UNIT In this unit, we covered a practical way to analyze risk using models that help determine the likelihood of a risk and the significance of its consequences or impact; learned how to assess and prioritize risk by using practical models to measure the significance of a risk, and continued completing the “risk register” by adding the variables learned in this unit. 26
Customs Risk Management. 1st Edition
Module 3
UNIT III RISK TREATMENT
Learning Objectives At the end of this unit, participants will be able to: n Identify the people responsible for treating risks (risk owners) and the pos-
sible types of treatment. n Recognize the types of risk found at each phase of customs control to en-
sure proper treatment. n Identify risk indicators at each phase of customs control in order to create
risk profiles that can be effectively managed.
III.1. Risk Owners As part of the risk-targeting strategy, each risk must be assigned to one responsible entity or owner. The risk owner will develop responses and become involved in the control and management of the risk for which it is responsible. In general, risk owners have the power to use the tools or define the actions needed to control or mitigate risk. Sometimes control over a certain action is shared between two or more possible owners. If this is the case, it will be necessary to determine the key task of the process to assign ownership. Besides, the owner must be a member 27
Customs Risk Management. 1st Edition
Module 3
of the organization, i.e. a customs employee (department, division, unit etc.). Assigning an organizational risk to someone outside the organization is senseless and ineffective. For example, let us imagine customs has identified the need to update the legislation to cover new situations as an emerging risk. The unit responsible for leading the process, promoting studies and proposing changes is the regulations division, while the director general approves the proposal and the legislative interaction division submits the proposal to the National Congress. In this example, responsibility is shared among the director general, the two divisions and an external entity. Quite obviously, the National Congress is alien to the customs administration and therefore cannot be assigned the risk. So, who should the owner of this risk be? Some may think that the director general, as the highest-ranking authority in the process, should be considered the risk owner. But this would also mean that most customs risks should fall under the responsibility of the director general, which is completely impractical. In our example, the owner of the risk must be the regulations director, as this is the division that takes the initiatives and leads the process. The regulations director is responsible for overseeing the work of the legislative interaction division to ensure all measures to treat the risk are taken and that the proposal is received at the National Congress.
III.2. Risk Treatment As mentioned in 1.4, there are four decisions or actions in response to an identified risk. They are known as the “four Ts�:
28
Customs Risk Management. 1st Edition
Module 3
n Tolerate: In many instances, tolerating risk can be acceptable. For example,
where resources are scarce, when the risk is well managed, or when the costs of treating risk are higher than its consequences. n Treat: Treating risks is often customs’ preferred option for managing the
risks faced in its operations. In general, this means putting in place control measures intended to reduce the likelihood or the consequences of risk and measures to modify the level of risk to fit the organizational tolerance. n Transfer: Transferring risk can be an efficient way to mitigate it. Imagine a
border customs officer needs to verify whether a certain vehicle crossing the border has completed all relevant formalities. This type of verification may well be conducted automatically by checking the vehicle’s license place. Risk has thus been transferred from Operations to IT. n Terminate: Terminating means avoiding a risk by discontinuing or no longer
pursuing a certain activity. In general, customs does not terminate risks, as the risks it faces are inherent to its activities which cannot be discontinued. Once risks have been identified, analyzed and prioritized, the different risk owners are responsible for creating more detailed treatment plans to mitigate them. At this point, we abandon the strategic institutional level and move into the operating level to see how things work in the practice. We will now discuss customs control, its phases, the risks involved in each phase, risk indicators and the definition of a risk profile.
III.3. Phases of Customs Control Customs often adopt control measures at different moments to ensure maximum efficiency and effectiveness. Today, Customs is charged with the responsibility of protecting the community and, at the same time, facilitating international trade. Control measures are expected to cause minimum impact on the international movement of goods, so Customs must decide the best moment to conduct certain types of control. 29
Customs Risk Management. 1st Edition
Module 3
When dealing with imported goods, Customs may intervene at three distinct moments to carry out its duties. The first moment or phase begins with the issuance of a document or information indicating that the goods will be subject to a customs operation. This occurs prior to the arrival of the goods in the country or before the import declaration is lodged. This is known as the pre-arrival or pre-entry phase. The second moment starts when the goods are made available to the customs authority and continues until they are released. This is the clearance phase of control. After the goods have been cleared, Customs still has the authority to order controls to be performed. In this phase, Customs verifies that the measures applied in accordance with the customs’ legislation have been actually and properly applied. This is called the post-clearance audit phase. As mentioned before, each one of these phases has its own types of interventions and risks, so the methods used to assess risk and define risk indicators and profiles are specific to each phase. Recognizing these characteristics is essential to assess risk properly and to prepare a strategy to apply during each phase of customs control.
III.4. Types of Risk During the Phases of Customs Control Each phase has its own set of risks we must familiarize ourselves with in order to ensure proper treatment.
III.4.1. The Pre-Arrival Phase In general, the pre-arrival phase addresses non-fiscal risks (security and protection risks), so the advance declarations required by customs typically contain information on:
30
Customs Risk Management. 1st Edition
Module 3
n The goods shipped. n The company that transports the goods or has the data required (the carrier
or its representative). n The data included in the shipping documents.
The documents used for international transport are: the Bill of Lading (BL) in the case of maritime transport; the Air Waybill (AWB) in the case of air transport; and the Waybill in the case of ground transport. All these documents follow international standards to ensure a minimum set of information. Knowing the shipping documents and the information therein is essential for understanding how pre-arrival risks are to be managed. Customs officers are expected to know these documents and the information they contain.
III.4.2. The Clearance Phase This phase prioritizes the treatment of tax and customs risks. It begins when customs has already received more detailed information on the individuals involved in the operations and the goods being imported or exported. One of the basic principles in this phase is that customs must intervene if there is a risk of “irreparable harm�. The information contained in advance declarations may be supplemented with that on the import (or export) declarations for deeper analysis. Although the risks found in this phase are extremely varied, they may be classified into two broad categories: Customs control risks This category includes risks related to health, public security, the environment, and intellectual property. In general, goods that may pose sanitary, public security or en-
31
Customs Risk Management. 1st Edition
Module 3
vironmental risks are controlled by specialized government agencies that require licenses as a prerequisite for authorizing their entry. In the case of hazardous items, the license must be issued prior to shipping the goods in the sending country. For customs administrations, difficulties arise when economic operators try to evade administrative controls by falsifying the data on the declaration so that the goods can bypass mandatory controls. This is the same procedure used to avoid inspections by control agencies and to import prohibited items. For example, when a sanitary barrier is applied to the goods produced in one country, prices tend to go down. Unscrupulous companies seize the opportunity and try to introduce those goods into the country using subterfuges. Identifying the risks of intellectual property infringement requires collecting enormous amounts of complex data. Fiscal risks There are three types or fiscal risks: undue reduction of the tax value, non-payment of quota entitlements, and undue tax refunds. Introducing goods into the customs’ territory without paying the corresponding duties harms the State, as it takes away some of its revenues. However, this is not the only risk or the most serious one. The importation of goods without paying the corresponding customs duties also undermines legal competition and the local industry. Moreover, legally established businesses are left with the feeling that evasion offers greater advantages. Therefore, enforcing duty collection is not only about protecting the state government; it is about protecting society as a whole and its values. During import operations, the most common fiscal risks found are the intentional or unintentional classification of the goods (misclassification) under a wrong tariff heading and the incorrect application of tariff preferences.
32
Customs Risk Management. 1st Edition
Module 3
However, when exporting goods, fiscal risks become blurrier and therefore tend to facilitate illegal operations. In many countries, exporters are entitled to a tax refund as compensation for some of the taxes paid over the raw materials used to produce the goods exported. Given that normally there is no taxation on exports, many exporters overstate the value of the goods exported or simulate exports in order to obtain such benefits. Sometimes, government authorities step in to defend the local industry by setting limits to the importation of certain goods or by charging anti-dumping or compensatory duties. To bypass customs controls or avoid paying these extra duties, some importers resort to ingenious subterfuges. Another threat is the use of international trade operations for terrorist financing, money laundering, capital flight or other transboundary crimes. In many countries, the legislation has empowered customs administrations to fight against these illicit activities. The application of risk management techniques can greatly help identify these crimes.
III.4.3. The Post-Clearance Phase First, it is important to mention that, for reasons inherent to the risk management strategy adopted, some of the risks occurring during the concurrent phase are dealt with after the goods have been cleared. For example, imagine that an industrial company is importing machinery for a new plant. In this case, controlling the goods at the site of importation would be very costly and complicated, as the equipment generally arrives partially assembled and packaged. Another example is a low-risk importer who brings in the same product repeatedly. Customs may decide to perform post-clearance controls in the form of audits to verify many operations. Typically, post-clearance audit risks include: 33
Customs Risk Management. 1st Edition
Module 3
1. Non-compliance with customs regimes. 2. Non-compliance with customs waiver conditions (e.g. duty waiver for a food packaging machine). 3. Customs value. 4. Rules of origin.
III.5. Risk Indicators in Each Stage of Customs Risk Management III.5.1. The Pre-Arrival Phase Given the nature of the risks inherent to this phase, likelihood of occurrence is high and consequences are serious. The potential for damage is high, so customs must require previous licenses and control by specialized government agencies. The work of customs authorities is more complex during the pre-arrival phase because it implies identifying goods that have not been declared yet. Concealment of goods Importers of prohibited goods (drugs, narcotics, explosives, contraband, piracy, etc.) try to emulate the logistics of legal operations, posing an additional difficulty for customs administrations. The risk management methodology for detecting concealed goods relies on indicators that are recognized in good customs practices. The most common way to conceal prohibited goods is to use legitimate goods consignments such as food (coffee, medicinal herbs, sardine cans, nuts, bell peppers, fruit, meat, etc.); clothing and textiles (blanket bales, pillows, bathrobes, cotton gloves, shoes, leather bags, etc.); machinery (automobiles and parts, tires, motor oil, nut toasters, etc.); furniture and household goods (TV sets, ceramic items, handicrafts, carved wood items, cookware, ceiling fans, brushes, etc.); chemicals and met-
34
Customs Risk Management. 1st Edition
Module 3
als (aluminum silicate bags, arsenic barrels, chlorine gas cylinders, fertilizers, fungicides, coal, bauxite, lead ingots, etc.); miscellaneous (rubber, toys, paper rolls, plastic containers, speakers, nylon bags, flowers, etc.). Criminals often resort to the technique known as “rip-off”, which uses corrupt employees at the port of dispatch or transit to place bags with forbidden items inside the container, without the consignor or consignee's knowledge. This presupposes that the criminal organization corrupts employees both at the port of origin and the port of arrival. In general, these organizations use the containers of reputed and trusted companies to introduce the forbidden goods, making customs detection efforts harder. Considering that about 90% of all trade is conducted via maritime containers, the United Nations Office on Drugs and Crime (UNODC) and the WCO have come together to elaborate the UNODC-WCO Container Control Program (CCP) so as to “minimize the exploitation of maritime containers for the illicit trafficking of drugs and other transnational organized crime activities.” (United Nations Office on Drugs and Crime, 2016). False declarations In their efforts to import or export prohibited goods that require a license from a government agency, fraudsters resort to a number of subterfuges to bypass controls. The most common frauds are false descriptions of the goods, so that they can easily be mistaken for similar-looking ones that will not raise suspicions when scanned with non-intrusive detection systems.
III.5.2. The Clearance Phase In this phase, the risks related to the concealment of goods or false declarations are assessed using the same methodology described in unit 2.3. Both situations should be considered as leading to “irreparable harm”.
35
Customs Risk Management. 1st Edition
Module 3
Having a clear idea of what irreparable harm means helps to decide whether an intervention is guaranteed during the clearance phase. Import fiscal risks during this phase arise from three types of (intentional or unintentional) errors: a) Undervaluation. b) Misdescription/Misclassification. c) Misdeclaration of origin. In export operations, risks relate mostly to: a) Exportation of prohibited goods: chemical precursors, dual use goods, fossils, etc. b) Overvaluation: declaring a value that exceeds the actual one. This is a common modus operandi used for money laundering or to obtain tax return.
III.5.3. The Post-Clearance Phase The methods used for managing risk in this phase are very similar to those used in the other phases, as some of the risks are found in all of them. In this phase, customs authorities have access to previously unavailable information such as purchase and sale contracts, e-mails regarding the negotiations, accounting records, etc. Based on the post-clearance work plan prepared by the administration, a ratio is calculated between the number of specific audits (those that consider a single aspect such as valuation) and full audits (those that analyze the entire company environment and the impact in terms of customs compliance). In this phase, risk management must focus on the administration’s objectives established in the post-clearance work plan, which include: 1. The recovery of unpaid duties. 2. The promotion of voluntary compliance by enforcing regular customs audits.
36
Customs Risk Management. 1st Edition
Module 3
Audits are thus planned for individual operations and also for groups of operations: n Wherever possible, recover a higher amount of duties (objective 1). n Reach a high number of economic operators (objective 2).
With regard to the objective of duty recovery, the main risk indicators are: n Goods in high tariff classifications. n Goods subject to the payment of trade defense duties.
In the first case (high tariffs), the elements affected may be tariff classification and valuation. Customs may set up a databank to compare the mean value of high-risk goods, to select the cases with significant differences. A very common form of evading audits related to tariff classification is by describing the goods in a generic or incomplete manner, i.e. the description does not contain any element permitting to identify the goods in detail. Consider the following hypothetical situation regarding linen fabrics (53.09): Heading code 53.09.11 53.09.21
Description Linen content equal to or higher than 85% in weight, unbleached or bleached Linen content lower than 85% in weight, unbleached or bleached
Tariff (%) 5% 10%
Source: Central American Economic Integration Secretariat
The heading code 53.09.11—with 5% tariff—presents risk, as many imports under heading 53.09.21—with 10% tariff—may be erroneously declared under the first heading. The heading 53.09.21 presents risk in terms of classification and value. Nevertheless, fraudsters do not care about the methods used, but the results obtained (to reduce the duties charged). When applying trade defense duties, the relevant products are always associated to their country of origin. The headings levied by such tariffs become risky and the need arises for confirming the country of origin. Another way to evade these duties is to declare the goods under a different heading code. 37
Customs Risk Management. 1st Edition
Module 3
When considering the objective of promoting voluntary compliance, the following situations should be viewed as risky: 1. Exemptions associated to compliance with certain conditions like utilization: these exemptions are granted to goods used in the development of activities considered of national interest. 2. Customs regimes (drawbacks, warehouses, temporary import, etc.): audits are generally brief and customs is likely to have access to the information to look for evidence (of non-compliance). 3. Occasional errors: the risks are the same as for duty recovery, but companies are not selected in terms of the duties to be paid but as a way to prove that customs audits are actually conducted.
III.6. Developing a Risk Profile The purpose of developing risk profiles is to detect risky shipments. This objective requires arduous multidisciplinary work in order to operate properly. Developing a risk profile implies following a number of steps: A – Collect data and information from internal and external sources. This issue is further discussed in module 4. B – Validate and organize data to ensure the information is useful to identify risk. Organize data with the help of algorithms or another mathematical or graphic tool. C – Analyze data in order to identify trends and common elements. D – Assess the expected impact in the different customs offices by means of profile simulations. Simulations are an essential step before activating the profile, as the impact on the different offices may need to be adjusted. Impact assessment seeks to align the profile with the number of operations or declarations selected for audit in order not to disrupt the normal workflow. 38
Customs Risk Management. 1st Edition
Module 3
E – Activate the profile by loading it into the automated system or using data mining tools. In this step, customs employees receive encoded instructions to confirm risk. After performing the actions, operating employees must feed the results obtained back into the system. F – Provide feedback based on the results obtained by operating officials. If this is not possible, feedback may be provided in the form of intelligence or oral reports. G – Update the profile by including the results obtained or simply deactivate the profile.
39
Customs Risk Management. 1st Edition
Module 3
Figure 2. Developing a risk profile
External sources
Collect data Internal
Validate and organize data
Analyze data
Assess impact
Activate profile
Provide feedback Source: (Castro, 2016, p. 33)
40
sources
Customs Risk Management. 1st Edition
Module 3
SYNTHESIS OF THE UNIT Viva In this unit, we have left the strategic level and analyzed risk management at the operational level. The risk treatment stages, where risktargeting strategies are defined, now focuses on the pre-arrival, clearance and post-clearance audit phases. For each customs control phase, we have identified the types of risk, the methodology to be used, and the main risk indicators. A guideline to develop a risk profile has been presented to prepare participants for module 5.
41
Customs Risk Management. 1st Edition
Module 3
UNIT IV RISK MONITORING AND REVIEW
Learning Objectives At the end of this unit, participants will be able to: n Understand and describe the procedure to monitor the environment and
foreign trade actors. n Understand the main assessments customs needs to conduct in order to
support the results obtained when implementing the CRM methodology. n Prepare the details of a survey to assess results. n Assess the efficiency and effectiveness of a risk profile.
The knowledge acquired will allow monitoring the changes in the customs environment, which is a crucial step for efficient and effective risk management.
IV.1. Monitoring the Environment In unit I, we described the stages of risk management. As this is a cyclic process that depends on feedback to ensure continuous improvement, risk management requires incorporating the changes in the customs environment. In other words, every time a
42
Customs Risk Management. 1st Edition
Module 3
new measure is adopted, attention must be paid to the behavior of the actors involved in foreign trade activities: importers, exporters, public servants, carriers, and other government agencies. Monitoring may rely on external sources such as the news, advertising, social media, etc. to provide confirmation of the measures implemented. Another important point that is sometimes neglected in monitoring activities is feedback from frontline employees. For highly significant situations, it is recommended to set up a hotline connecting the central level with operating units. Many important data are often excluded from the feedback system but may be obtained through informal conversation. Monitoring is the act of observing the environment to make sound and timely decisions, anticipate situations, obtain reliable information, etc. Even though monitoring may rely on a wide range of automated tasks, it requires special attention, as the possibilities that something goes wrong are countless. The resources available to customs are limited, so monitoring must be objective and consistent with the results sought. Whenever possible, the administration should obtain information from internal sources such as IT systems and the feedback given by operating officers. Decisions usually spread along the entire supply chain, so it is important to understand how changes operate after a new measure has been adopted. Monitoring the environment is a way to assess the efficiency and effectiveness of a risk management model. But, what exactly do we mean by monitoring the environment? And how? Let us begin with a simple example. After assessing compliance, customs has identified an economic sector with high levels of non-compliance, resulting in a considerable loss of revenue. Risk management personnel has decided to process all imports by companies from that sector through the red line because it is the easiest way to 43
Customs Risk Management. 1st Edition
Module 3
monitor this sector without interfering with other sectors whose compliance is satisfactory. During the first weeks, all imports are channeled through the red line for inspection. Once authorities begin to apply sanctions, many importers will change their behavior. Some will continue to lodge correct declarations and pay the corresponding duties but everybody will quickly understand that their operations will be processed through the red line. Still, those companies that commonly bypass the law will devise new subterfuges to avoid shipment inspections. One such trick is to operate through a related company (for example, of the same holding). If customs fails to monitor the behavior of international trade companies, they will become ineffective. Once the administration decides to apply a certain measure, it must adopt a monitoring strategy immediately. This means defining: 1. Who will be directly affected negatively? 2. How can those negatively affected react to avoid monitoring? 3. Who can be indirectly affected negatively? 4. Are those indirectly affected also targeted by the measures? If not, how can this be avoided? 5. Who will be affected positively? Once the affected parties are identified, the monitoring strategy will consist of: 1. Obtaining feedback from and assessing the behavior of those negatively affected; identifying the best tools, considering costs and time available; determining the frequency of assessments and the types of variables or indicators utilized. 2. Identifying situations where the affected parties may try to evade the measures adopted. 3. Obtaining feedback from those indirectly affected. 4. Getting support from those positively affected to obtain feedback on the behavior of those negatively affected.
44
Customs Risk Management. 1st Edition
Module 3
The monitoring team must rely on information that shows the degree of effectiveness of the risk-targeting measures adopted. This must lead to a new decision-making cycle aimed at a continually improving risk management.
IV.2. Measurements When a customs administration decides to adopt a certain risk management methodology, it must implement it gradually. As a general rule, it begins by executing a pilot project, assessing its results, introducing the necessary adjustments and then extending the scope of application. To assess results, the administration defines a number of variables correlated with the objectives sought (proper payment of customs duties, deter intellectual property infringement, etc.) and measures them at two different moments: prior to and following the application of the methodology. However, the administration does not always have a historical database to support its assessments. If there is no historical database or if data is not reliable, results may be measured directly by comparing the number of findings and the number of operations selected based on the risk profile. This is one possible way to determine the effectiveness of a risk profile. However, a risk-targeting methodology has broader objectives. Customs administrations use risk management techniques to achieve strategic objectives; therefore, they need supporting data to assess whether risk management actually contributes to such objectives. These strategic objectives may be concrete and subjective. Duty collection is an example of a concrete objective, while enhancing the customs public image is a subjective goal. Assessing subjective variables is more complex. One crucial task for risk management is the identification of foreign trade operators’ compliance. Many operators comply voluntarily with the regulations while others deliberately refuse to comply. Between these two extremes, there are those who try to 45
Customs Risk Management. 1st Edition
Module 3
comply but do not necessarily always succeed in their endeavors and those who avoid complying if they can. Classifying operators into these categories is a major challenge. Once they are classified, customs applies risk management techniques to direct all operators towards a low-risk category. How can customs assess whether the measures adopted have actually contributed to changing operator behavior? These questions will encourage critical thinking about the different types of assessments that seek to evaluate: n The efficiency and effectiveness of risk profiles. n The contribution of the risk management methodology to the achievement
of strategic objectives. n The behavior of foreign trade operators after the implementation of risk
management methodologies. Before discussing the evaluation of results, we must consider the assessment of compliance with the regulation. When establishing the context in the early stages of risk analysis, Customs usually assesses the degree of operator compliance with the regulations. Once the level of compliance has been identified, and with resort to the resources at its disposal (regulatory framework, technology, staffing, etc.), Customs can define the degree of tolerance it is willing to accept. Then the administration makes the decision to apply a risk management methodology to promote changes in the context. For Customs, the underlying goal behind all the strategic objectives declared is to have all foreign trade operators become fully compliant with the law. To that end, it is essential to assess the level of compliance at the time the risk management methodology is first implemented, by considering the context as a whole, and to use result assessment tools to determine the degree of progress obtained.
46
Customs Risk Management. 1st Edition
Module 3
Although this is not part of this module, we need to explain how the level of compliance is measured and the enormous reach of this activity for customs administrations. Assessing compliance with the law is a statistical process that involves estimating proportions. One way to go about it is for the customs administration to take the declarations lodged as a basis for its analysis and make conclusions about the rate of compliance. Here we stumble upon a major difficulty that consists of determining the number of declarations that need to be analyzed. Fortunately, statistics helps us to draw general conclusions from a sample of a small subset that is representative of the whole. An example of sampling techniques is the application of opinion polls based on questionnaires that seek to find out people’s opinions about a certain topic. During political campaigns, polling firms usually estimate the possible outcome based on a very small sample of voters. However, in countries with millions of inhabitants, polling companies manage to make very precise forecasts from the opinions of a few thousand people. Customs may estimate the rate of compliance by using statistical criteria, thus saving time and resources.
IV.3. Assessing Quantitative and Qualitative Results IV.3.1. Quantitative Results Quantitative results are those obtained from concrete evidence that can be mathematically measured, such as the value of the goods seized; the weight of the perishable goods destroyed; the number of declarations selected; the rate of successful inspections, etc.
47
Customs Risk Management. 1st Edition
Module 3
There is a widespread belief that quantitative results are highly reliable. For many years, conclusions based on numeric results have been considered definitive. However, it should be remembered that results expressed with mathematical precision may also be misleading. The sources from which the information is obtained are key to determine data quality and reliability. Risk management utilizes specific indicators to assess the results of a certain methodology, such as the effectiveness and efficiency of a risk profile. Indicators must be carefully selected to ensure that they will be consistent with the objectives sought. This is extremely important, as a wrong indicator may lead to erroneous conclusions which, in turn, may cause authorities to make the wrong decisions.
IV.3.2. Qualitative Results Assessing qualitative results is a very complicated task, so we will relate it to risk management without presenting overly complex methodologies that require big efforts from the administration. For our purposes, we will explore some solutions available through the Internet that can help us to resolve actual situations. As a rule, we will use the expression "qualitative measurements" to refer to assessments that do not use numerical data. In the field of risk management, we use these measurements to assess the effects of an individual decision or a set of decisions on the behavior of foreign trade operators. They may also be used to assess the perception of risk. Qualitative measurements utilize different methodologies such as observations, polls and case studies. For us, and given the peculiarities of what is being measured, surveys provide the greatest coverage. Elaborating a survey to measure results requires careful preparation in order to avoid any failures. The following is a guide for survey elaboration:
48
Customs Risk Management. 1st Edition
Module 3
1. Establish the objectives, sources and means: a. Objectives: define what needs to be measured in a very precise and objective way. A highly objective survey will have more chances of being responded. Preferably, a survey must measure something specific. b. Sources: identify the individuals or institutions that possess the information sought. Avoid intermediaries and go directly to the stakeholders or affected parties. c. Means: assess whether a statistical sample or a mass method should be used, considering the number of parties or stakeholders affected (web-based poll or written forms). Once the means is defined, establish the strategy to obtain results. 2. Prepare the survey: a. Objectiveness and time: remember that not everybody is willing to answer, so questions must be objective and answerable with a “yes/no� or similar reply. Indicating a realistic time for answering is the essence. b. Clarify concepts to avoid confusion: avoid technical terminology or, if that is not possible, explain its meaning. You may also divide a complex question into parts or include control questions, i.e. questions to verify if the respondent has actually understood what is being asked. Control questions may be a direct (by rewording the same question) of indirect (by asking the opposite) confirmation. This is of course an exceptional measure. Complex issues should be divided into simpler parts. c. Clearly state questions to avoid bias: a common mistake is to bias questions towards what the researcher wants to confirm, but doing so will compromise the whole work. 3. Define the strategy to obtain results: a. Establish a communication plan that is compatible with the means utilized: When choosing a statistical sample, it is preferable to communicate individually with each respondent, explaining the purpose, ethical principles (confidentiality, publication of aggregated results, etc.) and 49
Customs Risk Management. 1st Edition
Module 3
other important points. A web-based platform must provide respondents with assurance that the site is reliable. The Internet offers several free tools to conduct online surveys. Some of them can be adapted to the needs of the customs administration. The results may be posted on social media. b. Establish a deadline for answering the survey: Deadlines must not be too short or too long. A reasonable deadline is between fifteen and thirty days. c. Monitor the flow of replies: a way to increase the response rate is to send one or more reminders. 4. Analyze and interpret results: The analysis and interpretation of results depends directly on stage 1. In general, when using the web platform, the analysis is part of the process. Some websites allow importing results to be processed by some analysis tools. Once results have been analyzed and interpreted, publication commitments need to be honored. Results may be published in the Customs service web page or sent to participants via e-mail. The results of qualitative measures are an important input for future decisions to continue with business as usual or to introduce changes.
IV.4. Assessing the Efficiency and Effectiveness of a Risk Profile The quick evolution of foreign trade requires risk profiles to be constantly monitored. Profiles should be evaluated and reviewed every six months, or every three months in the case of major risks.
50
Customs Risk Management. 1st Edition
Module 3
The need to review a profile will depend on an assessment of its effectiveness. And in order to review a profile’s effectiveness, we need accurate and timely feedback. The effectiveness of risk profiles is assessed using the following indicator: A – Effectiveness of Selectivity (ES)
OF – Number of Operations where Findings were identified regarding the risk indicated. OS – Total number of Operations Selected based on the criterion or risk profile indicated. Indeed, the effectiveness of selectivity alone is not enough to address all the elements involved. Selecting a declaration for inspection implies costs for the customs administration and foreign trade operators alike. The following example presents other factors that need to be considered when assessing a risk profile. The data express the results of applying a risk profile over a period of three months:
Selection
Declarations (A)
Findings
Percentage
Percent-
C=(B/A)*100
age
Number (B)
Number (D) E=(D/B)*1 00
2600
260
10%
Source: Castro (2016) p. 41
51
13
5%
Customs Risk Management. 1st Edition
Module 3
For now, let us concentrate on the part of the table where findings are presented. Profile effectiveness is 5%, which results from dividing the number of findings (13) by the number of declarations selected (260), expressed as a percentage. After three months, Customs introduced a number of changes in the risk profile. The results were:
Selection Declarations (A)
Percentage Number (B)
2800
Findings
C=(B/A)*100
700
25%
Percentage Number (D) E=(D/B)*100 56
8%
Source: Castro (2016) p. 42
Selectivity effectiveness in this second period reached 8%, compared to 5% in the previous period. Have profile changes been positive? Why? Now, to systematize our analysis, let us construct a consolidated table for both situations.
Period
Selection
Declarations (A)
Findings
Percentage Number
C=(B/A)*100
(B)
Percentage Number (D)
E=(D/B)*10 0
1
2600
260
10%
13
5%
2
2800
700
25%
56
8%
Source: (Castro, 2016, p. 42).
52
Customs Risk Management. 1st Edition
Module 3
Note that during the second period the effectiveness of the selection was greater than in the first period and that the number of declarations selected was 2.5 times larger. The cost for the customs administration and foreign trade operators has been too high. This means that the effectiveness of a profile per se is not enough to evaluate it, as it does not measure the associated costs. We need an efficiency measure based on a comparison of effectiveness (Column E) and the percentage of declarations selected (Column C): Efficiency during period 1 – (5%) / (10%) = 0.50 Efficiency during period 2 – (8%) / (25%) = 0.32 It may be concluded that for the customs administration it is better to opt for a risk profile that selects 10% of the declarations with a rate of effectiveness (degree of successful selectivity) of 5% than a profile that selects 25% of the declarations with a rate of effectiveness of 8%.
SYNTHESIS OF THE UNIT In this unit, we have presented the notion of monitoring the environment and foreign trade operators and explained what needs to be monitored in order to secure continuous risk management improvement. We have identified internal and external data sources to conduct effective monitoring, as well as the main types of quantitative and qualitative measures used to assess the results of implementing a customs risk management methodology. We have described how to measure the efficiency and effectiveness of a risk profile so that any necessary corrections can be easily introduced.
53
Customs Risk Management. 1st Edition
Module 3
Bibliography n World Customs Organization (2008). Customs in the 21st Century. Brussels,
Belgium. n World Custom Organization. Revised Kyoto Convention – General Annex
Guidelines. Chapter 6. “Guidelines on Customs Control”. n World Customs Organization (2012). Guidelines for Post-Clearance Audit. Vol-
ume 1. Brussels, Belgium. n World Customs Organization (2015). Framework of Standards to Secure and
Facilitate Global Trade. Brussels, Belgium. n World Customs Organization. Customs Risk Management Compendium. Vol-
ume 1. Brussels, Belgium. n The Seattle Times (April, 19, 2017 online edition). Source: http://www.seat-
tletimes.com/nation-world/isis-has-chemical-weapons-and-uses-them-experts-say/ n United
Nations
Office
on
Drugs
and
Crime
Source:
http://www.unodc.org/ropan/en/BorderControl/container-control/ccp.html n Central
American
Economic
Integration
Secretariat.
Source:
http://www.sieca.int/PortalData/Documentos/C23FCAE2-DF1C-4096-AD27F5492570E3BE.pdf n Castro, W. Gestión de Riesgos en Aduanas, Edición 1, Módulo 3 – Metodología
para la implementación operativa de la gestión de riesgos. International Development Bank (2016).
54