Skip to main content
2016 OAS Guidelines

2.V.6. Staff safety

Along with physical security, access controls, business partner security, etc., staff security is one of the most important aspects of security. It should be noted that this condition is not related to occupational safety, as it falls outside the scope of the protection and safety criteria.
To prevent the intrusion of unauthorized personnel who could pose a security risk, the applicant shall, to the extent permitted by national law, carry out "security screening of potential future employees who may occupy security-sensitive positions" and shall periodically and where circumstances warrant, carry out "general checks on employees currently occupying such positions." In relation to the practical implementation of this requirement, the customs authorities and the applicant must take into account the following relevant issues:

  • All economic operators must have appropriate systems and procedures in place to comply with this requirement, and customs authorities must have the necessary capacity to verify this.
  • The applicant, as the employer, is responsible for carrying out such controls, while customs authorities will verify whether they are carried out and whether they are sufficient to ensure compliance with current legislation.
  • The scope and purpose of the controls must be unequivocal. The principle of proportionality will be respected, that is, "the action must not go beyond what is necessary in relation to the objective pursued."

The degree and assessment of compliance with the condition depend on the size, organizational structure and type of business activity of the economic operator. In this sense, each verification will be tailored to the conditions of the applicant in question. In any case, the main areas that should be checked on all occasions are:

The applicant's employment policy

The organization and general procedures for recruiting new staff must be unambiguous, including those responsible for these tasks. The applicant's policy should reflect in particular all reasonable precautions to be taken when recruiting new staff to work in security-sensitive positions, to ensure that they have no prior criminal record for security-related or customs-related offenses or other criminal offenses related to the security of the international supply chain, and to conduct, for the same purpose, regular background checks on more established staff in such positions, in both cases to the extent permitted by national law.

Security screening methods may include basic checks, such as pre-employment verification of identity and address, or verification of work permits if necessary, completing a self-declaration of criminal records, and inquiries based on reliable evidence or official data on professional experience and references.

Furthermore, the applicant must have established security requirements applicable to contracted temporary and interim staff. Similar safety regulations apply to temporary and permanent staff and agency workers, taking into account the security-sensitive nature of the various positions. If an employment agency is used to recruit staff, the applicant must specify in the agency's contracts the level of security screening to which staff will be subject before and after entering sensitive positions. Customs auditors may request an inspection of the applicant's conduct of external personnel inspections. In this regard, the applicant must have records of data that prove the standards applied.

Employees working in security-sensitive positions

When defining "security-sensitive positions," relevant risk analyses must be conducted, taking into account that these do not only include management positions, but also positions directly related to the handling, storage, and movement of goods. In this context, these are security-sensitive positions, for example:

  • those in which responsibilities are assumed in matters of security, customs or hiring of workers;
  • those assigned to building surveillance and receiving goods;
  • those developed in the workplaces described in section 6 of the CAE in relation to the entry and exit of goods and storage.

Such controls could also be applied to employees from other departments not considered security-sensitive when they begin working in those positions.

For positions requiring a high or very high level of security, police investigations may be required in relation to completed or pending sentences. Contracted employees may inform their employer about bail situations, pending court proceedings, and/or convictions affecting them. In addition, they should report any other employment or activity that may involve risks.
It should also be recommended that the staff employed should not be included in any of the blacklists established under national or supranational legislation [e.g. e.g. Regulation (EEC) No. 2580/2001(12), Regulation (EEC) No.881/2002(13) and Regulation (EU) No.753/2011(14)].

The controls carried out must comply with EU or national personal data protection legislation governing the processing of personal data under various conditions. In several cases, there are provisions that allow the processing of personal data only if the data subject has previously given his or her consent. In this regard, and in order to facilitate the process for some positions, a special clause may be included in contracts requiring the applicant to authorize the conduct of so-called background checks.

The policy and procedures applicable in the event of resignation or dismissal of staff

The applicant must have procedures in place to promptly remove access to identification systems, facilities, and information systems of those employees whose employment relationship with the company in question has ended.

As outlined in the CAE explanatory notes (see question 6.11 "Personnel Security"), all security requirements adopted in connection with the applicant's employment policy must be documented.

(12) Council Regulation (EC) No 2580/2001 of 27 December 2001 on specific restrictive measures directed against certain persons and entities with a view to combating terrorism.(Back)

(13) Council Regulation (EC) No 881/2002 of 27 May 2002 imposing certain specific restrictive measures directed against certain persons and associated entities.(Back)

(14) Council Regulation (EU) No 753/2011 of 1 August 2011 concerning restrictive measures against certain persons, groups, undertakings and entities in view of the situation in Afghanistan.(Back)