"What's in a name? That which we call a rose by any other word would smell as sweet."
With apologies to Mr. Shakespeare…
That, which we call “Focused Assessment” smells as sweet as an audit …and indeed it is.
If your company has opted to participate in importing into the USA then it has also volunteered to participate in the Customs and Border Protection (CBP) regulatory audit lottery. This is one lottery you may not wish to win, however.
While CBP has overhauled its audit procedures making them less invasive than in the past, the process can distract your company from the business at hand and put demands on your limited resources.
Like it or not, your company’s name is in the pool of potential audit candidates.
What Is a Focused Assessment?
The Focused Assessment (FA) is a risk-based approach to auditing. In the past, customs would audit an importer for all compliance areas even if the importer was at low risk of a violation. This was a cumbersome process for customs and the importer. It was not overly effective at increasing regulatory compliance nor did it result in significant revenue recovery for the government.
Today CBP focuses only on those regulatory programs with which the importer has the highest risk of noncompliance. Instead of immediately sampling the importer’s entry records, CBP reviews the importer’s internal control processes to determine if the importer is at risk of significant violations.
While CBP assesses all regulations, it puts an emphasis on compliance with strategic trade initiatives and revenue recovery.
What Is the Focused Assessment Process?
Customs has published audit process guidelines on its website. The auditors are given latitude to change the process but, generally, an audit should roll out as follows:
CBP initiates a FA by making a phone call to the importer. At that time the regulatory audit division staff of the CBP Office of Strategic Trade will ask the importer for simple information about their program. Usually the questions are limited to contact information and questions about related companies.
Following the phone call, the importer will receive a questionnaire from CBP. The audit team may choose to modify this questionnaire and customize it for the specific importer. CBP provides a copy of the questionnaire in the audit process guidelines mentioned above.
Along with the questionnaire, the importer may be asked to provide business records in hard or soft copy, such as:
- Import policy and procedure manual.
- Company organization chart.
- Copy of the general ledger or other accounting records.
- Specific customs entries.
Once CBP receives the response to the questionnaire they will analyze it and make an initial risk assessment of the importer.
Should the audit team decide to proceed, they will hold an introductory conference with the importer explaining the process. The conference will be followed by interviews with key import staff. At any time during the audit, CBP may ask to see a representative sample of customs entries to test compliance with a specific focus area.
An importer can expect to be asked to pull two samples for testing—one for valuation and one for classification. Should the audit uncover revenue issues, CBP may request a statistical sample to determine the extent of any revenues owed to the government.
Should the audit disclose any patterns of noncompliance within an importer’s program, the auditor and the importer will agree upon a Compliance Improvement Plan (CIP). The CIP is essentially a time and action plan the importer will follow to improve compliance controls.
If any revenue issues were found during the audit, the importer would have to pay any unpaid duties, fees or taxes along with interest. Depending on the extent of the non-compliance, the audit could result in additional assessment of penalties.
Why Was My Company Selected for a Focused Assessment?
While your company may have been selected at random it may also have been selected because it met a higher risk profile than other importers. Remember, CBP focuses on strategic trade initiatives and revenue issues.
Any of the following higher risk import behaviors might trigger an audit:
- Use of free trade agreements or duty preference programs such as NAFTA or GSP.
- Your commodity (for example, textiles) is subject to trade restrictions or scrutiny.
- The origin country may be prone to misstatement of country or origin or transshipment.
- Your company has had a history of compliance related issues.
- Your company’s importing has grown rapidly.
- Your company does business in an industry such as retail, textiles, automotive or steel that has complex import issues and has been subject to strategic trade initiatives.
- Your product is subject to antidumping or countervailing duties.
- Your vendors have had a history of trade compliance issues.
- Your company utilizes headings 9801 and 9802—U.S. goods returned provisions.
Remember, the FA isn’t personal. It merely means that CBP believes your company is at higher risk of noncompliance than other importers.
Should We Engage an Attorney?
If it were my company, I would have a customs attorney participate on the very first phone call from CBP. It is common to have the attorney assist you with completion of the questionnaire, to be present at all interviews, and to review all documents prior to submission to CBP.
Yes, they can be expensive, but not having an attorney can be even more costly.
What Should We Do to Prepare for a Focused Assessment?
If you haven’t done so, subject your company to a self-assessment. You can use internal resources or hire a third-party auditor to review your import program.
Should you discover any reportable issues during the self-assessment, you should be able to disclose them to customs. As part of the voluntary disclosure, your company should only have to pay any duties, fees, taxes and interest owed. Prior to making a voluntary disclosure, you should obtain professional advice from your broker or your attorney.
How Can We Avoid a Focused Assessment?
Believe it or not, you can avoid the FA process if you choose to participate in the CBP program known as Importer Self Assessment (ISA). ISA involves partnering with CBP in what might be seen to be a continuous audit process. To determine if your company would benefit from ISA, refer to the guidelines at the CBP website. If your company has already been notified it will be subject to a FA, you may be prevented from participating in ISA until the FA is completed.
How Can We Mitigate the Impact of a Focused Assessment?
Strategic preparation is key. There are a number of tactical things a company can do to prepare for a FA. Remember, however, CBP will evaluate your company’s risk of regulatory noncompliance. To mitigate risk an importer must focus not simply on the tactical but also on internal control strategies.
What Is CBP Looking for within a Focused Assessment?
The purpose of an audit is to ensure your company has paid all duties, taxes and fees it owes and to ensure it is compliant with other non-revenue rules of importing. Briefly stated, CBP is checking to ensure your company has exercised reasonable care in classifying your products, valuing your shipments, and accurately tendering duties. They do this partly by reviewing your historical records.
Customs is also concerned about enforcing strategic trade initiatives. These initiatives generally have to do with the following issues:
- Quantitative restrictions on shipments or quotas;
- Increases in duty rates due to antidumping, countervailing or safeguard duties;
- Reductions in duty resulting from trade agreements such as NAFTA or CAFTA; and
- Prohibitions on imports of non-conforming products such as intellectual property right infractions, goods from embargoed countries, or goods not complying with regulatory standards of other agencies.
In researching these issues, CBP again concentrates on valuation and classification but also scrutinizes the country of origin and country of export of the shipment. Inaccurate reporting of this information could lead to revenue recovery for the government.
If Our Records Are Complete Will We Pass the Audit?
Well, yes and no.
Remember, CBP does not begin an audit by looking at historical records. They start by scrutinizing your company’s internal business controls to assess if they are robust enough to ensure compliance. Then they check the records. Of course if the records demonstrate compliance, the audit results should be favorable.
What Does CBP Mean by Internal Controls?
Customs reviews five components of your company’s internal controls:
- The Control Environment.
- Risk Assessment.
- Internal Control Activities.
- Information and Communication.
Weakness in any of these components can be an indication the company will not be fully compliant. Lets take a look at each of these components of internal control from CBP’s perspective.
1. The Control Environment
The Control Environment refers to the organizational culture and the tone set by management. CBP sees this as the foundation for effective internal controls. A good control environment places a priority on business controls and ethics. It values competence and makes a commitment to hire, train and retain qualified staff.
2. Risk Assessment
Risk Assessment looks to a company’s strategies for reviewing and responding to challenges within its import program and greater business environment.
How does the company respond to change within its import program? Does the company address growth, new services, or complex import programs proactively? How does the company respond to personnel turnover? Is the company overly dependent on its third party provider? Has the company changed its business behavior as a result of previous compliance issues?
3. Internal Control Activities
Internal Control Activities are the tactical things a company does to ensure regulatory compliance. Has the company identified and documented specific control activities? Control activities can be proactive and preventive, or they could be reactive and investigative.
4. Information and Communication
Information and Communication describes how a company shares information internally within the organization and externally with vendors and service providers. Customs is checking to see that communication is reliable and ongoing.
Monitoring is a macro, strategic process wherein a company reviews the control environment for effectiveness and makes changes if necessary. Internal or external resources could perform the monitoring process.
Internal Control Best Practices
Here are examples of activities companies have implemented to strengthen their internal control environments in each of the five areas described above:
1. The Control Environment
- Develop a corporate customs compliance policy issued by executive management and signed by all management and staff involved in the importing process.
- Develop a customs department with responsibility for the importing process.
- Structure the company so that the customs department reports at a high and visible level within the organization. Having the import office report to the legal department or tax department would give it visibility to management and authority to act.
- Develop a document formally delegating authority to the customs department to monitor and control the company’s importing activities.
- Designate and empower a senior manager as compliance officer for the organization.
- Make executives aware of key importing metrics such as value of imports, duties paid, and duties avoided due to participation in free trade agreements.
2. Risk Assessment
- Establish quantitative compliance and cost metrics. As an example, monitor a broker’s entry activity such as number of entries, timeliness of entries, numbers of late or rejected entries, and reasons for late or rejected entries. Analyze the cause of any entry shortcomings and take action if indicated.
- Cross train staff to ensure continuity during peak times and develop succession plans to allow for advancement and turnover within the department.
- Develop implementation plans when initiating new business with vendors or service providers.
- Review import data in order to track and assess participation in higher risk importing programs and compliance with goals and objectives. If internal data is not available, join the Automated Commercial Environment (ACE) or obtain ITRAC data.
- Develop policies and procedures for higher risk import programs such as use of free trade agreements.
3. Internal Control Activities
- Develop a formal policy and procedure manual that assigns responsibility to specific individuals or job functions.
- Incorporate import control responsibilities within an individual’s job description.
- Perform pre- and or post-entry audits focusing on Harmonized Tariff Schedule (HTS) classification, valuation, duty payments, and record keeping.
- Compare landed cost estimates with actual landed costs. A compliance issue might be the cause of any variances.
- Develop a vendor import compliance and procedure manual.
- Document procedures for forwarders and brokers including a detailed item classification list.
- Establish a record-keeping program.
4. Information and Communication
- Create a cross-functional compliance team to communicate regulatory requirements and collaboratively resolve compliance issues.
- Develop a compliance training and awareness program targeted at all members of the organization involved in importing. Focus skills-based training on key import staff members.
- Communicate progress with achieving compliance goals and objectives with the company.
- Share compliance related information via a company intranet site.
- Monitor the customs website and participate in CBP sponsored events to ensure information shared within the company is accurate and current.
- Periodically perform an internal audit to ensure that control activities defined within the procedure manual are followed and that they are effective.
- Hire an external auditor to review the import program.
- Adapt the audit to reflect changes in the import program.
The above is intended to be neither a prescriptive nor a comprehensive list of activities your company must undertake to develop effective internal controls. If I were to survey the importing community, I suspect we could add additional creative ideas to the list.
Incorporating any of these suggestions, however, should enhance your company’s ability to withstand an audit. More importantly, it will help you fulfill your legal reasonable care obligations.