Assessing cargo supply risk: a study of supply line risk in 45 countries finds that many companies are not properly assessing or countering vulnerabilities.
The largest and fastest growing global economies around the world include Brazil, Russia, India, and China (BRIC BRIC Brazil, Russia, India and China (world affairs)
BRIC Brooklyn Information & Culture
BRIC Biological Research Information Center (Korea)
BRIC Benign Recurrent Intrahepatic Cholestasis ). These countries, along with other high-tech manufacturing centers such as Malaysia and Indonesia, are attractive to companies both as a source of supply and as new markets to sell into. Before companies enter these inviting markets, however, they must understand the risks of operating supply lines in these environments and how to counter them.
These issues have been the subject of a multiyear study that was completed earlier this year by our company, First Advantage. The study examined countries to see what risks they represent, and it looked at the measures being implemented by companies to see whether indeed they are mitigating those risks.
The study, which covered 45 countries, specifically focused on transportation route risk. Supply chain risk assessments typically included a review of companies' manufacturing locations, trucking operations, freight forwarders An individual who, as a regular business, assembles and combines small shipments into one lot and takes the responsibility for the transportation of such property from the place of receipt to the place of destination. , third-party logistics A third-party logistics provider (abbreviated 3PL) is a firm that provides outsourced or "third party" logistics services to companies for part, or sometimes all of their supply chain management function. warehouses, container-stuffing operations, and the supporting seaports This is a list of the world's seaports: Atlantic Ocean
Among the vulnerabilities were that most companies failed to conduct container security inspections; containers often arrived at the seaport with no seals; there were no background investigations on employees; and there was no security or threat awareness training for workers. Most companies had no idea what, if any, security procedures had been adopted by their business partners.
Within single businesses, the security equipment and procedures were limited to the main manufacturing facility. Security at other potential weak spots, such as container-stuffing operations or third-party warehousing, was ignored.
When judged against objective standards, such as the U.S. Customs and Border Protection's program, Customs-Trade Partnership Against Terrorism (C-TPAT C-TPAT Customs-Trade Partnership Against Terrorism (US government) ), many of the facilities rate a poor grade. We estimate that most of the companies studied would be only 50 percent compliant with C-TPAT security criteria and some would be as low as 10 percent compliant.
Lack of consistency. A key contributing factor is the lack of a consistent security methodology across all operations of each company. For C-TPAT certification, the security methodologies must be consistently applied throughout a corporation's in-house and outsourced manufacturing locations and transportation base. For example, the study found that when companies conducted assessments of their own security operations, they generally looked only at one or two internal and outsourced facilities and suppliers, sampling them as an auditor would, rather than thoroughly examining security at every single site. This method is unlikely to reveal an accurate state of security for a particular corporation.
Corruption. The study also looked at the extent to which corruption was an issue in these environments. The study used an existing indicator, the Transparency International Transparency International (TI) is a leading international non-governmental organization addressing corruption. This includes, but is not limited to, political corruption. Corruption Index, developed by a German nonprofit group. The index indicates the degree of corruption as seen by business people and country analysts and uses a scale that ranges between 10 (highly clean) and 0 (highly corrupt). The calculation includes police corruption Police corruption is a specific form of police misconduct sometimes involving political corruption, and generally designed to gain a financial or political benefit for a police officer or officers in exchange for not pursuing, or selectively pursuing, an investigation or arrest. , business corruption, and political corruption In broad terms, political corruption is the misuse by government officials of their governmental powers for illegitimate private gain. Misuse of government power for other purposes, like repression of political opponents and general police brutality, is not considered political .
As a point of reference, the United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. has a corruption index rating of 7.6 and Switzerland is rated at 9.1. The study found that the three top-rated countries for corruption--Nigeria, Malaysia, and Indonesia--are also rated as a "severe risk" in terms of anti-American or anti-Western sentiment. When we merge these two variables together, a potential risk emerges. For example, there may be a greater opportunity for something harmful to be introduced to a U.S.-bound container coming from one of these countries.
Cargo theft. The study also used First Advantage's Global Loss Repository--a database of cargo theft data from around the globe--to create loss rates for cargo transiting through respective countries. The countries are rated as low, guarded, elevated, high, or severe, depending on the number of losses. For simplicity, the survey chose to use the same coding system Noun 1. coding system - a system of signals used to represent letters or numbers in transmitting messages
code - a coding system used for transmitting messages requiring brevity or secrecy the Department of Homeland Security Noun 1. Department of Homeland Security - the federal department that administers all matters relating to homeland security
executive department - a federal department in the executive branch of the government of the United States applies to terrorism risk levels.
Companies operating in countries rated as "severe" can expect armed and violent truck hijackings, armed warehouse robberies, and frequent heists at airports. Companies operating in countries ranked as low risk should expect only minor losses due to pilferage pilferage n. a crime of theft of little things, usually from shipments or baggage. (See: theft) .
We also devised a weighted C-TPAT exposure matrix for the survey; it quantifies risks associated with anti-American sentiment or other hostility to Western governments. In this scale, countries rated as "severe" would present the possibility of terrorist attacks against U.S. or Western citizens, possibly have travel restrictions in place, and support high levels of supply chain theft.
The study incorporated all of this information to develop a profile of emerging-market country risk. The results were surprising, especially when compared to the Department of Homeland Security's Threat Advisory panel.
For example, Russia and Brazil are among two of the highest-risk countries in terms of supply chain theft. Incidents commonly involve government representatives including police, military, and customs officials. However, in terms of C-TPAT, these countries are given a "low" threat rating because the governments and residents are on amicable terms with the United States and are not hostile to Western culture.
China presented a similar situation. The three-year cargo theft trend in China reveals that losses are increasing and higher levels of violence are being used in cargo theft, leading the authors to give the country a "guarded" rating. However, China was rated "low" in their level of C-TPAT exposure because of a low cargo tamper To meddle, alter, or improperly interfere with something; to make changes or corrupt, as in tampering with the evidence. rating and alignment with Western culture.
The study also went beyond BRIC countries to places such as Indonesia, Malaysia, and Nigeria. In contrast to countries like China, these countries are rated as risky (severe risk) from a C-TPAT perspective because of the cultural differences and high cargo-tampering rates throughout the country. Some of these countries, which export huge volumes of goods to the United States, present an opportunity for terrorists to use those shipments to smuggle smug·gle
v. smug·gled, smug·gling, smug·gles
1. To import or export without paying lawful customs charges or duties.
2. To bring in or take out illicitly or by stealth. weapons of mass destruction Weapons that are capable of a high order of destruction and/or of being used in such a manner as to destroy large numbers of people. Weapons of mass destruction can be high explosives or nuclear, biological, chemical, and radiological weapons, but exclude the means of transporting or into the U.S. or to use the shipments as cover for an attack.
A significant problem contributing to this risk in Southeast Asia Southeast Asia, region of Asia (1990 est. pop. 442,500,000), c.1,740,000 sq mi (4,506,600 sq km), bounded roughly by the Indian subcontinent on the west, China on the north, and the Pacific Ocean on the east. is labor shortages A Labor shortage is an economic condition in which there are insufficient qualified candidates (employees) to fill the market-place demands for employment at any price. This condition is sometimes referred to by Economists as "an insufficiency in the labor force. that affect the quality of the work force. To use Malaysia as a specific example, shortages of manufacturing labor within the country have led to high rates of foreign workers foreign workers
Those who work in a foreign country without initially intending to settle there and without the benefits of citizenship in the host country. Some are recruited to supplement the workforce of a host country for a limited term or to provide skills on a within Malaysian factories.
Some factories may sustain a 75 percent foreign work force, and many workers come from countries with a high rate of anti-American or anti-Western sentiment. These workers are typically not vetted and are working on products bound for U.S. importation.
Organized crime. But terrorism, while high consequence, is low probability. The more common risk in these countries is theft from organized crime. For example, in Malaysia, the Mamak gang The Mamak Gang is a notorious Malaysian gang that has been active since the early 1990s. Originally they specialised in breaking into factories and warehouses, but eventually they switched to mainly carjackings and robbing motorists. is a highly organized group of cargo thieves that has plagued Malaysian transportation for over two decades. Members are primarily Southern Indian Muslims who target high-value loads from the central and northern regions of Malaysia. This gang, although smaller today than in previous years, is still active in the region and carries out thefts on a monthly basis.
Land routes are not the only problem. The Strait of Malacca , between Indonesia and Malaysia, suffers the highest rate of sea piracy in the world. The Strait of Malacca is a narrow, 805 km (500 mile) stretch of water between Peninsular Malaysia (West Malaysia) and the Indonesian island of Sumatra.
Adding to troubles in the region, experts speculate that Southeast Asia's most wanted Most Wanted may refer to:
1. One who lives near or next to another.
2. A person, place, or thing adjacent to or located near another.
3. A fellow human.
4. Used as a form of familiar address.
v. Indonesia. Top is the self proclaimed leader of Tandzim Qoedatul Jihad jihad: see Islam.
In Islam, the central doctrine that calls on believers to combat the enemies of their religion. According to the Qur'an and the Hadith, jihad is a duty that may be fulfilled in four ways: by the heart, the tongue, the hand, , commonly referred to as the al Qaeda of the Malay Archipelago Malay Archipelago, great island group of SE Asia, formerly called the East Indies. Lying between the Asian mainland and Australia, and separating the Pacific Ocean from the Indian Ocean, it includes Brunei, Indonesia, the Philippines, Papua New Guinea, East Timor, .
He is believed to be involved in the Bali nightclub bombing, the Marriott Hotel bombing in Jakarta, and the Australian Embassy bombing in Indonesia. Top, a bombmaker by trade, is also believed to be actively recruiting in several Southeast Asia countries with primary targets being the United States or other supporting Western countries.
Firms that are assessing their supply chain operations should take each of these risk variables into consideration. However, the study indicated that, within the global supply chain, a cookie-cutter approach to security has led companies to overspend o·ver·spend
v. o·ver·spent , o·ver·spend·ing, o·ver·spends
To spend more than is prudent or necessary.
1. in low-risk countries such as China and underspend Un`der`spend´
v. t. 1. To spend less than.
Verb 1. underspend - spend less than the whole of (a budget, for example)
spend - spend completely; "I spend my pocket money in two days" in high-risk countries such as Malaysia and Indonesia.
This was the case with one high-tech organization that had small facilities in both Malaysia and Indonesia, but imported 80 percent of its goods through China. The company focused security on its supply lines in China because that country supplied the most goods. That approach might seem logical, but it is ill advised. Volume-based risk assessment will only identify a company's largest importer, not necessarily its biggest risk.
After reviewing the company for the survey and applying the results to its entire supply chain, we recommended a different approach. By reviewing all of the supply chain risk variables, no matter what size, we determined the level of inherent risk. For this company, the risk variables included mode of transportation, the country of origin, type of load--consolidated or LTL LTL - Linear Temporal Logic (less than full load)--and transshipment Transshipment
The passing goods from one ocean vessel to another. locations. We found that several relatively small suppliers in Malaysia represented more risk than all of the suppliers in China.
While leaving the security plan for Chinese suppliers in place, the company increased security in Malaysia. It also began security escorts to and from the port, enhanced seal and lock processes at the warehouse, and set out to protect the integrity of the product from factory to port.
The company also ensured that the Malaysia facility implemented basic physical security procedures, such as fencing and surveillance, as well as a background screening program for employees. The new company plan ensured that facilities and practices in China were C-TPAT compliant.
In Malaysia, security procedures exceeded those required under C-TPAT. Security was tiered based on the associated threat in the company's global supply chain. In the end, this new strategy saved the company millions of dollars.
Threat Mitigation Options
An effective threat mitigation policy for supply chains has some key components: The first is to have a basic security program in place at all locations to protect all of the company's operations; second is participation in security programs, whether voluntary or initiated by the government; third is return-on-investment (ROI (Return On Investment) The monetary benefits derived from having spent money on developing or revising a system. In the IT world, there are more ways to compute ROI than Carter has liver pills (and for those of you who never heard of that expression, it means a lot). ) analysis; and fourth is benchmarking with companies that have good programs in place.
Basic protection. A starting point Noun 1. starting point - earliest limiting point
terminus a quo
commencement, get-go, offset, outset, showtime, starting time, beginning, start, kickoff, first - the time at which something is supposed to begin; "they got an early start"; "she knew from the for supply chain security is to ensure that the company has in place the basic traditional security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising"
security , including personnel screening, physical perimeter and access controls, information security for all facilities and operations, route security for all transportation conveyances, education for awareness, and training for response to incidents. The optimal security program is one that is suited to the specific challenges of the firm and is flexible enough to renew itself as new risks emerge and uncertainties change.
Programs. Active participation in voluntary programs serves several purposes: It helps create a network of secure operations, it establishes a base level of security standards, and it helps raise the overall level of security for global operations Global Operations is a first-person shooter computer game developed by Barking Dog Studios and published by both Crave Entertainment and Electronic Arts. It was released in March of 2002, following its public multiplayer beta version which contained only the Quebec map. . Also, participation in voluntary programs helps build the partnerships between the public sector and private industry necessary to create a secure environment.
The United States has been proactive with initiatives to upgrade trade and transportation security, and many other countries have also passed new legislation or have undertaken new prevention-based initiatives. Most of the initiatives involve approaches similar to those undertaken in the United States. They are based primarily on voluntary efforts by companies to improve supply chain security and include a benefit for companies in the form of a facilitated customs process.
While participation in C-TPAT is voluntary, the disadvantages for those firms that do not volunteer are significant. For example, the higher rates of inspection for those not in the C-TPAT program can add up to 10 to 12 days in a congested con·gest·ed
Affected with or characterized by congestion.
congested ENT adjective Referring to a boggy blood-filled tissue. See Nasal congestion. U.S. seaport and uncertainty in U.S. Customs processing.
More than 10,000 companies have applied to the program, and at last count, nearly 1,000 had been validated by U.S. Customs and Border Protection U.S. Customs and Border Protection (CBP), a bureau of the United States Department of Homeland Security, is charged with regulating and facilitating international trade, collecting import duties, and enforcing U.S. trade laws. . C-TPAT validation typically includes a security review of one U.S-based and one foreign-based manufacturing operation. These reviews can also include the corporation's transportation carriers, third-party manufacturers and freight forwarders, or logistics providers.
Canada's Partners in Protection, Sweden's StairSec, and the European Union's Authorized Economic Operator program contain the central themes of voluntary actions to improve supply chain security and a benefit of facilitated customs process in exchange for security improvements.
International framework. The World Customs Organization The World Customs Organization (WCO) is an intergovernmental organization that helps Members (Governments usually represented by Customs administrations from 170 countries) communicate and co-operate on customs issues. is moving toward an international framework for supply chain security and customs processing. This year, it adopted the Resolution on Global Security and Facilitation Facilitation
The process of providing a market for a security. Normally, this refers to bids and offers made for large blocks of securities, such as those traded by institutions. Measures Concerning the International Trade Supply Chain, which aims to create an international system for identifying businesses that offer a high degree of security in their supply chain operations and to provide customs facilitation for those companies.
Return on investment. According to according to
1. As stated or indicated by; on the authority of: according to historians.
2. In keeping with: according to instructions.
3. my experience, more than 80 percent of corporate losses due to theft occur within the supply chain, yet supply chain security spending typically accounts for less than 5 percent of a firm's security budget.
Some firms have implemented supply chain risk-modeling tools to identify financial exposures within their global supply chain. These firms are assessing each of their transportation routes to determine the level of financial exposure due to cargo theft contained within the origin, transshipment, and destination countries; transportation modes; product lines; and other pertinent shipping variables.
Once the data are gathered, transportation routes are ranked by relative risk and the value of revenue flowing through that route. The final step involves conducting a cost-benefit analysis cost-benefit analysis
In governmental planning and budgeting, the attempt to measure the social benefits of a proposed project in monetary terms and compare them with its costs. to determine where security measures can be implemented to yield the greatest return on investment.
In doing these calculations, managers should remember to include the fact that insurance premium reductions will follow the lowering of loss rates. In many cases, insurance savings alone provide the necessary capital to fund these countermeasure coun·ter·meas·ure
A measure or action taken to counter or offset another one.
action taken to counteract some other action
Noun 1. programs.
Companies must understand, however, that they can negotiate with their insurance company to reduce premiums only if the program can be proven to reduce loss. For example, we recently met with the Brazilian government regulation body IRB IRB
See: Industrial Revenue Bond and met with underwriters and actuaries on behalf of a Brazilian company. We demonstrated that the company exceeded all security requirements and provided evidence that their insurance premiums were overpriced o·ver·price
tr.v. o·ver·priced, o·ver·pric·ing, o·ver·pric·es
To put too high a price or value on.
costing more than it is thought to be worth
Adj. . The IRB agreed and reduced the rates by 40 percent annually.
C-TPAT limitations. When meeting with insurance professionals, proving that a company is C-TPAT compliant is usually not enough to win a reduction in premium payments. That's because companies have not seen a reduction in overall theft because of C-TPAT.
What has happened instead is that the program has caused threats to shift. For example, before C-TPAT, theft during warehouse storage and container stuffing accounted for a third of a company's losses. After C-TPAT, in most countries, losses at these specific locations and steps in the process have all but disappeared. However, now 90 percent of loss occurs while the product is being moved cross country by truck. This is because C-TPAT does not require increased security on trucking routes within the company's destination country.
Intended to prevent or counteract terrorism; counterterror: antiterrorist measures.
an ROI. ROI methodology that could be used for antiterrorism countermeasure spending consists of modeling the financial impact corporations would face should an event occur within their supply chain. There is also data regarding how supply chain disruptions affect stocks. For example, a 2005 industry study of 861 firms over a nine-year period illustrated the significant impact of supply chain glitches. Each glitch A temporary or random hardware malfunction. It is possible that a bug in a program may cause the hardware to appear as if it had a glitch in it and vice versa. At times it can be extremely difficult to determine whether a problem lies within the hardware or the software. See glitch attack. had a lasting impact on the stock value of publicly traded firms. Stock value saw a permanent loss of approximately 9 percent after each event.
A valuable but underused resource in addressing supply chain risk is the collective wisdom of companies that are security industry leaders. With that in mind, we'd like to offer a few suggestions from our research on companies that exhibited exceptional security performance. These leaders had three things in common. They all took a holistic view of security, they learned from prior security incidents, and they remained vigilant.
Holistic view. Companies with good security programs understand that security plays a critical role in the firm. Consequently, they integrate security into the business process in a number of ways. Organizationally, the integration is both formal and informal, manifesting as coordination between business operations Business operations are those activities involved in the running of a business for the purpose of producing value for the stakeholders. Compare business processes. The outcome of business operations is the harvesting of value from assets and security with regard to issues such as supply chain design and the selection of transportation routes.
This approach is reinforced by regular training exercises that the security organization runs with the business operations end of the company. These exercises engender en·gen·der
v. en·gen·dered, en·gen·der·ing, en·gen·ders
1. To bring into existence; give rise to: "Every cloud engenders not a storm" collaboration between operations and security while giving both parties a chance to practice response and coordination for successful risk mitigation. Ultimately, this integration builds a security culture that permeates the organization and socializes the concept of secure operations.
Prior incidents. Leaders also learn from past security breaches and near misses, building on past experiences to make the organization stronger. For example, in some European countries, hijackers fake a car accident on a trucking route. The plan is to lure the driver from the truck to help the "victims" of the crash.
Because these thieves use many dry runs to perfect their plan, near misses must be tracked just as closely as actual thefts. For example, in one company a well-informed driver failed to stop at a fake accident scene because he recognized it as a trap. However, the driver had been trained to report such incidents. Dispatchers were able to alert all drivers about the scam (SCSI Configured AutoMatically) A subset of Plug and Play that allows SCSI IDs to be changed by software rather than by flipping switches or changing jumpers. Both the SCSI host adapter and peripheral must support SCAM. See SCSI. , and the company was able to conduct a refresher training Refresher training is a form of updating military knowledge of the reservist troops. After one has completed the conscription service, he or she can be called for refresher training for some amount of days. course on the various schemes employed by such thieves.
Vigilance. Effective security leaders are ever-vigilant to avoid falling into a false sense of security. They know that their supply chain is only as secure as the weakest point in the network.
Security experts live in a world of expanding global operations amid increasing uncertainty and growing threats. The good news is that there are tools and processes that are available to address the challenge.
Operating in emerging markets such as BRIC and dealing with increasing risks can be managed by thoughtfully considering the quantified risks and risk exposure in those particular environments. Successful firms are integrating security into their operations and mitigating exposures before incidents occur.
As the study indicates, security must consider the extended supply chain and expand security to all company sites, internal operations, and perimeters. The entire network must be scrutinized. Finally, it is also important to recognize that the security requirements may vary by the type of market being served--local versus offshore, concentrated versus fragmented distribution base, and robust versus nascent transportation. These measures will make countering vulnerabilities an easier task.
Dan Purtell is president of the supply chain division for First Advantage, a consultant on global supply chain risk, in Phoenix, Arizona Phoenix /ˈfiːˌnɪks/ (English: Phoenix, Navajo: Hoozdo, lit. "the place is hot", Western Apache: Fiinigis) is the capital and the most populous city of the U.S. . James B. Rice, Jr., is director of the integrated supply chain management program at the Massachusetts Institute of Technology Massachusetts Institute of Technology, at Cambridge; coeducational; chartered 1861, opened 1865 in Boston, moved 1916. It has long been recognized as an outstanding technological institute and its Sloan School of Management has notable programs in business, in Cambridge, Massachusetts This article is about the city of Cambridge in Massachusetts. For the English university town, see Cambridge, England. For other places, see Cambridge (disambiguation).
Cambridge, Massachusetts is a city in the Greater Boston area of Massachusetts, United States. .
RELATED ARTICLE: SYNOPSIS
Before companies enter new markets in foreign countries, they must understand the risks of operating supply lines in unstable environments and how to counter them. This has been the subject of a multiyear study by First Advantage, completed earlier this year and released here for the first time.
Focusing on transportation route risk, assessments were conducted in 45 countries. These supply chain risk assessments typically included a review of the company's manufacturing locations, trucking operations, freight forwarders, third-party logistics warehouses, container-stuffing operations, and the supporting seaports and airports. The study looked at the extent to which corruption was an issue in these environments.
The study also used First Advantage's Global Loss Repository--a database of cargo theft data from around the globe--to create loss rates for cargo transiting through respective countries. We also devised a weighted C-TPAT exposure matrix for the survey; it quantifies risks associated with anti-American sentiment or other hostility to Western governments.
The study incorporated all of this information to develop a profile of emerging-market country risk. The results were surprising. For example, Russia and Brazil are among two of the highest risk countries in terms of supply chain theft. Incidents commonly involve government representatives including police, military, and customs officials. However, in terms of C-TPAT, these countries are given a "low" threat rating because the governments and residents are on amicable terms with the United States and are not hostile to Western culture.
The study indicated that, within the global supply chain, a cookie-cutter approach to security has led companies to overspend in low-risk countries such as China and underspend in high-risk countries such as Malaysia and Indonesia.
RELATED ARTICLE: Industry Initiatives
There are a number of industry initiatives that are helping companies find solutions for industry-specific issues. The following are among the initiatives underway today.
TAPA. A nonprofit organization Nonprofit Organization
An association that is given tax-free status. Donations to a non-profit organization are often tax deductible as well.
Examples of non-profit organizations are charities, hospitals and schools. of more than 200 of the largest multinational corporations
Early on, this group realized the security exposures that could come with certifying only main facilities. TAPA, therefore, requires that transportation providers get the designated authority to certify the security of each of their individual facilities, rather than allowing them to get one certification for the corporation as a whole. This program has netted millions of dollars of loss reduction; the average TAPA member company has reduced losses by 40 percent by having its supply chain certified.
ACC See adaptive cruise control. . The American Chemistry Council The American Chemistry Council (ACC), formerly known as the Chemical Manufacturers' Association, is an industry trade association for American chemical companies.
The American Chemistry Council (ACC) is in charge of improving the public image of the chemical industry. (ACC) created the Responsible Care Security Code as a mandatory facility security program to protect chemical-specific facilities, transportation systems, and handling systems. The security code addresses three levels of security--cyber, facility, and transportation--by requiring vulnerability assessments A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. , security system enhancements, and an independent compliance verification. The program has been recognized as a model for the chemical industry by various federal, state, and local government organizations, including the Department of Homeland Security. This industry group is lobbying Congress to pass legislation to create security standards for all chemical companies, and boasts that its members have already added more than $2 billion in investments to improve site security since late 2001.
Cargo Theft and C-TPAT Exposure Ratings CORRUPTION SUPPLY CHAIN WEIGHTED COUNTRY INDEX THEFT EXPOSURES C-TPAT RISK Brazil, Russia, India, and China Brazil 3.7 Severe Low Russia 2.4 Severe Low India 2.9 Elevated Elevated China 3.2 Guarded Low Other Notable Growth Countries South Africa 4.5 Severe Guarded Poland 3.4 High Low Turkey 3.5 Elevated High Indonesia 2.2 Severe Severe Thailand 3.8 Guarded Guarded Nigeria 1.9 Severe Severe Malaysia 2.2 Severe Severe Source: First Advantage Corporation; CIA World Fact Book; Transparency International