Commission Implementing Regulation (EU) 2015/1998Show full title

ATTACHMENT 6-C4 U.K.

VALIDATION CHECKLIST FOR THIRD COUNTRY EU AVIATION SECURITY VALIDATED KNOWN CONSIGNORU.K.

Third country entities have the option to become part of an ACC3's (Air cargo or mail carrier operating into the Union from a third country airport) secure supply chain by seeking designation as a third country EU aviation security validated Known Consignor (KC3). A KC3 is a cargo handling entity located in a third country that is validated and approved as such on the basis of an EU aviation security validation.

A (KC3) shall ensure that security controls have been applied to consignments bound for the Union(1) and the consignments have been protected from unauthorised interference from the time that those security controls were applied and until transferring to an ACC3 or a third country EU aviation security validated regulated agent (RA3).

The prerequisites for carrying air cargo or air mail into the Union (EU) or Iceland, Norway and Switzerland are required by Implementing Regulation (EU) 2015/1998.

The checklist is the instrument to be used by the EU aviation security validator for assessing the level of security applied to EU/EEA bound air cargo or air mail(2) by or under the responsibility of the entity seeking designation as a KC3. The checklist is to be used only in the cases specified in point 6.8.4.1(b) of the Annex to Implementing Regulation (EU) 2015/1998. In cases specified in point 6.8.4.1(a) of said Annex, the EU aviation security validator shall use the ACC3 checklist.

If the EU aviation security validator concludes that the entity has succeeded in complying with the objectives in this checklist, a validation report shall be given to the validated entity. The validation report shall state that the entity is designated third country EU aviation security validated known consignor (KC3). The KC3 shall be able to use the report in its business relations with any ACC3 and any RA3. Integral parts of the validation report shall include at least all of the following:

Page numbering, the date of the EU aviation security validation and initialling on each page by the validator and the validated entity shall be the proof of the validation report's integrity. By default, the validation report shall be in English.

For those parts that cannot be assessed against the requirements of Implementing Regulation (EU) 2015/1998, baseline standards are the Standards and Recommended Practices (SARPs) of Annex 17 to the Convention on International Civil Aviation and the guidance material contained in the ICAO Aviation Security Manual (Doc 8973-Restricted).

If the EU aviation security validation concludes that the entity has failed to comply with the objectives referred to in this checklist, this entity shall receive a copy of the completed checklist stating the deficiencies.

Completion notes: U.K.

(1)All parts of the checklist must be completed. Where no information is available, this must be explained.U.K.

(2)After each part, the EU aviation security validator shall conclude if and to what extent the objectives of this part are met.U.K.

PART 1U.K. Organisation and responsibilities

PART 2U.K. Organisation and responsibilities of the third country EU aviation security validated known consignor

Objective: No air cargo or air mail shall be carried to the EU/EEA without being subject to security controls. Cargo and mail delivered by a KC3 to an ACC3 or RA3 may only be accepted as secure cargo or mail if such security controls are applied by the KC3. Details of such controls are provided by the following Parts of this checklist.

The KC3 shall have procedures in place to ensure that appropriate security controls are applied to all EU/EEA bound air cargo and air mail and that secure cargo or mail is protected until being transferred to an ACC3 or a RA3. Security controls shall consist of measures that reasonably ensure that no prohibited articles are concealed in the consignment.

Reference: Point 6.8.3.

PART 3U.K. Identifiable air cargo/air mail

Objective: To establish the point (or place) where cargo/mail becomes identifiable as air cargo/air mail.

NB: Detailed information should be given on the protection of identifiable air cargo/air mail from unauthorised interference or tampering in Parts 6 to 9.U.K.

PART 4U.K. Staff recruitment and training

Objective: To ensure that the required security controls are applied, the KC3 shall assign responsible and competent staff to work in the field of securing air cargo or air mail. Staff with access to identifiable air cargo possesses all the competencies required to perform their duties and are appropriately trained.

To fulfil that objective, the KC3 shall have procedures in place to ensure that all staff (permanent, temporary, agency staff, drivers, etc.) with direct and unescorted access to air cargo/air mail to which security controls are being or have been applied:

Note: U.K.

• A background check means a check of a person's identity and previous experience, including where legally permissible, any criminal history as part of the assessment of an individual's suitability to implement a security control and/or for unescorted access to a security restricted area (ICAO Annex 17 definition).

• A pre-employment check shall establish the person's identity on the basis of documentary evidence, cover employment, education and any gaps during at least the preceding five years, and require the person to sign a declaration detailing any criminal history in all states of residence during at least the preceding 5 years (Union definition).

Reference: Point 6.8.3.1.

PART 5U.K. Physical security

Objective: The KC3 shall have procedures in place to ensure identifiable air cargo and/or air mail bound for the EU/EEA is protected from unauthorised interference and/or any tampering. If such cargo or mail is not protected, it cannot be forwarded to an ACC3 or RA3 as secure cargo or mail.

The entity has to demonstrate how its site or its premises is protected and that relevant access control procedures are in place. It is essential that access to the area where identifiable air cargo/air mail is processed or stored, is controlled. All doors, windows and other points of access to secure EU/EEA bound air cargo/air mail need to be secured or subject to access control.

Physical security can be, but is not limited to:

• Physical obstacles such as fencing or barriers;

• Technology using alarms and/or CCTV systems;

• Human security such as staff dedicated to carry out surveillance activities.

Reference: Point 6.8.3.1.

PART 6U.K. Production

Objective: The KC3 shall have procedures in place to ensure identifiable air cargo and/or air mail bound for the EU/EEA is protected from unauthorised interference and/or any tampering during the production process. If such cargo or mail is not protected, it cannot be forwarded to an ACC3 or RA3 as secure cargo or mail.

The entity has to demonstrate that access to the production area is controlled and the production process is supervised. If the product becomes identifiable as EU/EEA bound air cargo/air mail in the course of production, the entity has to show that measures are taken to protect air/cargo/air mail from unauthorised interference or tampering from this stage.

Answer these questions where the product can be identified as EU/EEA bound air cargo/air mail in the course of the production process.

PART 7U.K. Packing

Objective: The KC3 shall have procedures in place to ensure identifiable air cargo and/or air mail bound for the EU/EEA is protected from unauthorised interference and/or any tampering during the packing process. If such cargo or mail is not protected, it cannot be forwarded to an ACC3 or RA3 as secure cargo or mail.

The entity has to demonstrate that access to the packing area is controlled and the packing process is supervised. If the product becomes identifiable as EU/EEA bound air cargo/air mail in the course of packing, the entity has to show that measures are taken to protect air cargo/air mail from unauthorised interference or tampering from this stage. All finished goods need to be checked prior to packing.

Answer these questions where the product can be identified as EU/EEA bound air cargo/air mail in the course of the packing process.

PART 8U.K. Storage

Objective: The KC3 shall have procedures in place to ensure identifiable air cargo and/or air mail bound for the EU/EEA is protected from unauthorised interference and/or any tampering during storage. If such cargo or mail is not protected, it cannot be forwarded to an ACC3 or RA3 as secure cargo or mail.

The entity has to demonstrate that access to the storage area is controlled. If the product becomes identifiable as EU/EEA bound air cargo/air mail while being stored, the entity has to show that measures are taken to protect air cargo/air mail from unauthorised interference or tampering from this stage.

Answer these questions where the product can be identified as EU/EEA bound air cargo/air mail in the course of the storage process.

PART 9U.K. Despatch

Objective: The KC3 shall have procedures in place to ensure identifiable air cargo and/or air mail bound for the EU/EEA is protected from unauthorised interference and/or any tampering during the despatch process. If such cargo or mail is not protected, it cannot be forwarded to an ACC3 or RA3 as secure cargo or mail.

The entity has to demonstrate that access to the despatch area is controlled. If the product becomes identifiable as EU/EEA bound air cargo/air mail in the course of despatch, the entity has to show that measures are taken to protect air cargo/air mail from unauthorised interference or tampering from this stage.

Answer these questions where the product can be identified as EU/EEA bound air cargo/air mail in the course of the despatch process.

PART 10U.K. Consignments from other sources

Objective: The KC3 shall have procedures in place to ensure that cargo or mail which it has not originated itself, shall not be forwarded to an ACC3 or an RA3 as secure cargo or mail.

A KC3 may pass consignments which it has not itself originated to a RA3 or an ACC3, provided that:

All such consignments must be screened by an RA3 or ACC3 before they are loaded onto an aircraft.

PART 11U.K. Transportation

Objective: The KC3 shall have procedures in place to ensure identifiable air cargo and/or air mail bound for the EU/EEA is protected from unauthorised interference and/or any tampering during transportation. If such cargo or mail is not protected, it cannot be accepted by an ACC3 or RA3 as secure cargo or mail.

During transportation, the KC3 is responsible for the protection of the secure consignments. This includes cases where the transportation is undertaken by another entity, such as a freight forwarder, on its behalf. This does not include cases whereby the consignments are transported under the responsibility of an ACC3 or RA3.

Answer these questions where the product can be identified as EU/EEA bound air cargo/air mail when transported.

PART 12U.K. Compliance

Objective: After assessing the eleven previous parts of this checklist, the EU aviation security validator has to conclude if its on-site verification confirms the implementation of the security controls in compliance with the objectives listed in this checklist for EU/EEA bound air cargo/air mail.

Two different scenarios are possible. The EU aviation security validator concludes that the entity:

In general, the EU aviation security validator has to decide if cargo and mail handled by the validated entity is treated in such a way that at the moment it is delivered to an ACC3 or an RA3 it may be deemed to be secure to be flown to the EU/EEA in accordance with the applicable Union legislation.

The EU aviation security validator has to keep in mind that the assessment is based on an overall objective-based compliance methodology.

Name of the validator:

Date:

Signature: