The New Reality of Maritime Security

Living With Security: Changing the Way We Do Business

(February, 2003)

We all wait expectantly to see what will befall us next. Will Iraq be engaged and disarmed, will Osama bin Laden be located and eliminated, will North Korea regain its sanity, or will some other event capture our absolute attention? Will we soon have the entire Islamic world, roughly one billion Muslims, enraged and working toward our destruction? One thing is clear – in the face of a world that asks a lot of questions, security has become a dominant issue.

It should be taken for granted that security has become a major focus for us all. This is generated by real concerns about protecting U.S. citizens and assets from terrorism, both from expected and unexpected sources. Vessel operators, port authorities, and maritime facilities remain in business by complying with legitimate governmental regulation on the part of various entities within the federal and state governments. That’s the way the system works in the U.S. The maritime industry is being driven into a wider variety of regulatory compliance issues than ever before by Congress, the USCG, and the International Maritime Organization (IMO).

Maritime security requirements are racing toward the industry. Many on the facility side of the industry are still in denial, unwilling to recognize that our government can and will make significant demands of them. On the other hand, vessel operators readily accept that major changes are on their way, but are waiting to see exactly what they are before rushing into action. Pushing those new regulations towards both sides is the Department of Homeland Security, with the IMO close at hand.

Mandates

Knowing the origins of the requirements is important because it oftentimes gives a good indication of how negotiable the regulation or edict may be. Those handed down by Congress are essentially absolute and inflexible, whereas those dictated by IMO are laced with fuzziness and depend upon interpretation by the USCG. Requirements in the current NVICs are guidelines, and are at least somewhat open to negotiation. Mandates that have been put into regulation are much less flexible than guidelines, but at the same time, are less rigid than those contained in federal law.

None of this is meant to cast a negative light on how our regulatory system works. It is very simply how life is in the U.S. today.

Congress

The Congress has enacted the Maritime Transportation Security Act (MTSA) of 2002, putting into law many foundation elements of increased Port Security, with a very aggressive timeline to bring these enhancements to fruition. To wit:

	Risk assessments are now required for all facilities, with the implicit expectation that they will be undertaken (if not completed) within six months to a year.
	The establishment of a National Maritime Transportation Security Plan, to be prepared by the USCG.
	All ports, facilities, and vessels must develop comprehensive security plans. These regulations are expected to be established by June ’03, with final rules being approved by November ’03.
	A uniform personnel identification system is going to be required. Though credentialing protocol has not yet been established, this can reasonably be expected to go live as early as 2005.
	Port Security Committees have been (or are in the process of being) established nationwide.
	A federal grant program for security enhancements for port authorities and facility operators has been initiated, and two rounds of grant proposals have been requested.
	A funding system to develop security training is being developed and put into practice.

IMO

The IMO has developed the Safety of Life At Sea (SOLAS) 1974 Convention amendments to SOLAS. The application of the SOLAS amendments is intended for the following vessels and port facilities that engage in international trade (including Great Lakes vessels):

	Passenger ships,
	Cargo vessels over 500 Gross Tons by International Tonnage Convention,
	Self-propelled Mobile Offshore Drilling Units (MODUs),
	Port Facilities serving such vessels, which may include anchorages.

The MTSA broadens application of these international requirements to those facilities and vessels that may be involved in a security incident located on or adjacent to waters subject to U.S. jurisdiction.

Some examples of IMO standards and their broadening by the MSTA include:

	SOLAS, Chapter V – Automated (vessel) Identification Systems (AIS) specification and carriage requirements. Mandatory carriage requirements go into affect in July, 2004. Mandatory carriage broadened by MTSA to apply to many domestic vessels (see below)
	Chapter XI-1 – Ship identification number and continuous synopsis record retained on board.
	The MTSA authorized broadening application to domestic vessels as appropriate.
	Chapter XI-2 – The International Ship and Port Facility (ISPS) Code – Parts A & B – Part A is mandatory internationally, part B is recommended.
	The MTSA authorizes making part B mandatory to all applicable vessels and port facilities,
	The MTSA authorized the application of the ISPS Code to certain domestic vessels and port facilities.

The domestic vessels to which there these broadened standards apply will include:

	All self-propelled commercial vessels over 65 feet overall in length,
	All vessels over 100 gross tons and inspected under 46 CFR Subchapter I
	Offshore Supply Vessels (OSVs) inspected under 46 CFR Subchapter L
	Tankships inspected under 46 CFR Subchapter D and O
	A passenger vessel carrying more than a specific number of passengers to be designated by the Coast Guard. This number will most probably be 149 passengers,
	Passenger vessels inspected under 46 CFR Subchapters H & K
	Towing vessels over 26 feet overall and 600 horsepower,
	Barges inspected under 46 CFR Subchapter D, I or O,
	MODUs inspected under 46 CFR Subchapter I-A.

Applicability to port facilities is also broadened by the MTSA to include:

	All facilities that service vessels that carry more than 149 passengers,
	All facilities that handle explosives, liquid natural gas (LNG) / liquefied pressurized gas (LPG)
	All facilities handling oil and/or hazardous material to or from a vessel with a capacity of 250 or more barrels

USCG

Certain guidelines have already been published in the form of Navigation & Vessel Inspection Circulars (NVICs). These include:

	Security for Passenger Vessels and Passenger Terminals (NVIC 4-02)
	Guidelines for Port Security Committees and Plans (NVIC 9-02)
	Security Guidelines for Vessels (NVIC 10-02)
	Recommended Security Guidelines for Facilities (NVIC 11-02)

These guidelines will be followed by regulations. It has been noted that that the NVIC 11-02 concerning facilities is rather proscriptive and onerous, much more so than the NVIC for vessels. The facility guidelines would basically require every facility to install security systems commensurate with those in place at Top Secret military installations. The Coast Guard indicates that they are developing a security regulatory system that will be risk based using standards that are performance based. On the other hand the Coast Guard is also saying that the regulations will be very much like the NVIC guidelines. This contradictory information indicates that we may be in for a rough ride.

The Coast Guard will promulgate Interim and Final Regulations concerning implementation of statutes and treaties, as well as promulgation of recommended guidelines contained in various NVICs. The regulations are expected out by June ’03. It is worth noting that the Congress has specifically waived the Administrative Procedures Act for these regulations.

It is worthy of note that the ISPS Code is principally organizational and does not contain the details of the extent and full makeup of the physical security system. In many respects, the details are left up to the flag state. Under the current guidelines the U.S. government would have us turn our port facilities into veritable fortresses. The approach to vessels seems to be much more reasonable.

The Coast Guard seems to understand the importance of the maritime transportation system. They are establishing and organizing the Port Security Committees (PSCs), which are specified by the MTSA. Various PSC subcommittees are being established over specific geographic areas to maximize stakeholder input.

The government intends that each PSC would have significant input over what requirements exist in their ports. The Coast Guard has indicated that it wants all of this to be nationally consistent. To be nationally consistent and regionally responsive seems to be an extremely difficult task. Will the USCG be staffed to properly balance all of these potentially contradictory demands? We certainly hope so.

Security Requirements

The USCG intent is fairly clear. They intend to establish a requirement system that is proportional to the threat identified. Required risk assessments will identify the extent of damage that may occur due to terrorism. The details of the physical security requirements will then be appropriate to protect against such an incident from occurring. The more extensive the potential consequences for damage to the surrounding community, the more severe the security regime.

Consequences

The consequences of a terrorist incident that may befall a facility or vessel will most probably dictate the level of security required at the vessel or facility. There are three different levels of potential consequences from a terrorist incident that relate to what is on the vessel or facility:

· The highest level of consequence is for Certain Dangerous Cargoes (CDCs) which include explosives, radioactive substances and other seriously toxic or dangerous items which generally require special handling permits.

· The second level of consequence involves one of these triggers:

	Carries or receives vessels that carry any dangerous cargoes (other than those requiring a permit), petroleum, and liquid hazardous materials (33 CFR Part 154).
	Carries or receives vessels that are authorized to carry more than 149 passengers.
	Engages in or receives vessels that engaged in international voyages.
	The lowest level of consequence includes all other passengers or cargoes on vessels and facilities

The higher the level of consequence, the higher the level of security required. Security is divided into two distinct spheres:

	Accessibility: Accessibility of the facility to attack, which is a function of the physical plant. This relates to the physical and geographic barriers that deter the threat without personnel deterrence.
	Organic Security: The ability of security personnel to deter the attack. It includes security plans, communication capabilities, guard force, intrusion detection systems, and timeliness of outside law enforcement to prevent the attack.

Very simply put, the higher the potential consequence, the higher the required security. Vessels must have security systems that will be adequate for the highest consequence cargo (or passengers) that may be carried. On the vessel side of the equation, it is only some of the dry bulk and dedicated trade vessels that may be allowed to have security plans and systems at less than the highest level. Temporary security measures can on occasion be used for facilities; however, it is not clear how such a thing can be done for vessels.

It seems probable that facilities handling CDCs will in the end probably look like military installations. One would hope that detailed security standards for other cargoes will be less severe and not like NVIC 11-02. Security for passengers is already fairly sophisticated and should not be too problematic.

We are all keenly interested in seeing the interim final regulations, which should be out by June ‘03.

U.S. vessels and facilities must have their plans approved by the USCG either in Washington or at the local Captain of the Port (COTP). It is not absolutely clear if foreign vessels will be able to have only flag state ISPS certificates for vessels entering U.S. ports. While both Part A and B of the ISPS are mandatory for entry into the U.S. at the present time (Part B is not mandatory internationally), it does not appear that the USCG intends to require specific USCG approvals for Security Plans of foreign flag vessels prior to entry. At least that is there current thinking. It seems probable that there will be significant controversy over this issue within the Department of Homeland Defense. The final outcome can not be predicted.

District Commanders will make rulings on equivalencies, although if the Coast Guard is successful in establishing and using performance standards, equivalencies should become relatively unnecessary.

Offshore Oil Industry

IMO has declared that both fixed and floating platforms are more like port facilities than they are like vessels. IMO had previously, doggedly declared that they were vessels. The ISPS will be applied under IMO to self-propelled MODUs (drill ships). It appears that the USCG currently intends to apply the ISPS domestically (under the MTSA) to all OSVs, all inspected MODUs, as well as inspected industrial vessels.

IMO has not developed any standards specifically designed for fixed and floating platforms but has highly recommended that host countries develop security standards for these offshore units.

The situation in the U.S. is still a bit confusing. The Coast Guard is undoubtedly feeling pressure to apply the MTSA to these offshore units and yet is struggling with reasonable methodology and a lack of resources. There is no question that the offshore oil industry is a tremendous resource and presents numerous targets for terrorist.

The Gulf Safety Committee (GSC) has been called together by the Coast Guard in the Eighth Coast Guard District in New Orleans. The GSC represents the offshore oil industry within the Gulf of Mexico. The Coast Guard is considering making this group into a Port Security Committee for the protection of the Maritime Transportation System, representing the Gulf of Mexico offshore oil industry as one port – for the purposes of security.

While this may seem at first blush to be an outlandish idea many within industry (and at least some within the Coast Guard) believe that this may be the only way to effectively manage security in the oil patch.

The way that this would work is that the GSC would establish a security systems similar to those required in ports or at least equivalent standards as authorized by the MTSA.

This is a highly complex process that has at least a fighting chance for success. It is not at all clear how this equivalent system would impact upon MODUs and OSVs which purportedly will necessarily be required to comply with the MTSA domestic application requirement of the ISPS Code.

The situation abounds with complexity and potential multiples of application scenarios within various elements of the offshore industry.

[Home] [Up] [Services] [News] [About] [Links]