CHEMICAL SECURITY

The Chemical Facility Anti-Terrorism Standards (CFATS) is an unprecedented regulation aimed at enhancing the security of the nation’s highest risk chemical facilities. Unlike prescriptive regulations, CFATS utilizes risk-based performance standards and requires regulated chemical facilities to complete a Security Vulnerability Assessment (SVA) and a Site Security Plan (SSP), among other things. CFATS took effect on June 8, 2007, and “Appendix A” – which helps determine whether (and to what extent) a chemical facility may be regulated – was published in late 2007. 

Facilities that continue to be classified as “high risk” following DHS review of their SVAs receive a final tier letter assigning them to one of four risk tiers that require increasingly stringent levels of security.  Each of these facilities must submit a SSP to DHS that addresses the vulnerabilities identified in its SVA.  As of July 2010, approximately 4,110 facilities have received a final tier notification letter and began the SSP process, with approximately 887 additional facilities still awaiting final tier notification.  Nearly 5,000 facilities have been preliminarily classified as “high-risk” and submitted a SVA to DHS for review. 

While Congress ordered the Department of Homeland Security (DHS) to develop and enforce implementing regulations, it left significant areas of law and policy unresolved. In particular, the authority of DHS to regulate chemical facilities beyond October 2010 remains an open question, though all sides agree that CFATS is here to stay.

TRANSPORTATION SECURITY:

The Transportation Security Administration (TSA) and the Pipeline and Hazardous Materials Safety Administration (PHMSA) have each published their own rail security regulations. These regulations give special attention to the transportation, storage, and custody of some hazardous materials (including toxic inhalation hazards). Because chemical manufacturing and transportation require an integrated approach to security across the entire supply chain, CFATS must be considered in light of TSA and PHMSA regulations, and vice versa. Furthermore, Congress included additional surface transportation security requirements as part of the law implementing the recommendations of the 9/11 Commission in August 2007.

IDENTIFICATION & CREDENTIALING:

The Transportation Worker Identification Credential (TWIC) is a tamper-resistant, biometric identification card required for all individuals who require unescorted access to secure areas of Maritime Transportation Security Act (MTSA)-regulated facilities and vessels. To obtain a TWIC, an individual must successfully pass a security threat assessment and provide biometric information to TSA. As of August 2010, TSA has issued over 1.5 million TWICs.

COMPLIANCE & ENFORCEMENT ACTIONS:

Homeland security regulations create enhanced compliance demands for the regulated community. Ensuring compliance requires a comprehensive knowledge of the law and the implementing regulations. Critical infrastructure owners and operators can no longer rely on their Washington federal affairs offices or industry trade organizations to provide the detailed information and insight that is now required. Proper compliance necessitates an understanding of the relationship among related regulations that appear distinct (e.g. CFATS and TWIC). When enforcement actions do occur, lawyers with homeland security expertise are ideally positioned to achieve the fairest resolution in the shortest time.