Facilitating Trade:

Improving Customs Risk Management Systems

In the OIC Member States

14

2.2

Setting Up and Operating CRM

2.2.1

Management support for CRM

The first stage in setting up CRM system is ensuring that there is enough strategic management

support. The risk management process requires top-to-bottom and bottom-to-top

communication, collaboration and decision-making. Risk management needs to be applied to

the head customs office, the regional customs, at the BCPs, and everywhere the CA is present.

Furthermore, collaboration is needed to communicate and collaborate on a daily basis with

other customs units dealing with investigation, operations, etc.

To give a strategic context of the CRM and ensure support of the top-level management, the CA

can establish a

Strategic Risk Management Committee (SRMC)

. This committee is a

high-level

body within the customs and the CRM. It meets annually to plan for and oversee strategic risks

and provide strategic direction to risk management issues. The members of such an SRMC are

typically the Director General (Chairman), Director of Enforcement, and Head of Risk

Management Department.

The key roles of this committee are to:



Ensure that the customs and CRM Strategic Plan and associated yearly action/work

plans are aligned with this policy;



Ensure that this policy is applied and enforced throughout all customs and CRM

activities, including operational and administrative areas, procedures, business

practices and training courses;



Make strategic decisions on which the customs and CRM should prioritize risks; and



Ensure that customs and CRM resources are deployed to reflect the highest risks areas.

Risk management can be deployed at three levels –see

(Figure 2)

.

The

strategic level

relates to CA long-term strategy and responds to changes in the criminal

surrounding, threats to public security, peace, and order. It also takes into account

organizational and legal abilities to control and stop these kinds of activities. At these level

strategic decisions, such as Customs strategy, Law enforcement, and risk management strategy,

are formulated and adopted. Risks that occur at this level are strategic risks that result as a by-

product of planning or executing the strategy. They can arise from unexpected changes to

assumptions underlying strategic planning, inadequate assessment of strategic plans or

improper implementation of strategic plans. These risks should be taken into considerations in

the strategic decision-making process. Risk management at the strategic level is commonly a

manually driven process. The predictive analytics can be used at this level. At the

tactical level

,

Customs makes decisions to support the execution of the strategy. This includes the allocation

of resources, analysis of training needs and the tactical analysis. Also, the analysis of actual

trends and modus operandi related to the criminal activities - individuals and criminal groups,

what kind of illegal activity entities perform, whether the person works alone or not, whether

entities are linked with criminal groups, how they are connected, how are they organized, etc.

This level provides the details for the execution of the CRM strategy and leads risk evaluation

and monitoring and feedback.

The

operational level

is dealingwith the execution of the strategy based on the tactical analysis.

This includes detection and prevention of non-compliant activities of any type (including the

specific criminal relations of the individuals and groups, their modus operandi and their

abilities, vulnerability, the limitation and their aim) and the feedback on the irregularities to the

CRM.