Monday, April 28, 2008

Third Party Entities under HR 5577

This is part of a continuing series taking a detailed look at the provisions of the new Chemical Facility Anti-terrorism Act of 2008 recently introduced in Congress (HR 5577IH). Today’s entry looks at Section 2109 that deals with the certification of third party entities under CFATA of 2008.

Previous blogs in this series include:

Acknowledging that DHS will not have enough personnel resources to ensure that the provisions of regulations required under this legislation are adequately complied with, the Committee provided for the hiring of outside contractors to provide needed assistance. These contractors are known as "Third Party Entities". Section 2109 sets forth the requirements for those contractors.

Areas of Operation

Contractors can be used in three areas of enforcement of the revised CFAT rules:

  • Alternative security plan reviews,
  • Site inspections, and
  • Site security plan reviews

Alternative security plans are authorized under HR 5577. Before they can be approved by the Secretary they must be reviewed to ensure that they comply with all of the minimum requirements for plans covered in this legislation. This review will time consuming and manpower intensive. With timely review a requirement, DHS will need outside assistance to get these reviews completed.

With potentially thousands of facilities to inspect for compliance, DHS is woefully undermanned. Using contractors to complete this requirement will ensure that each facility will be looked at. It will also allow DHS inspectors to concentrate on the highest risk facilities and facilities with identified problems.

While the Top Screen and Security Vulnerability Analyses can be automated to a large degree, the same may not be said for Site Security Plans. With a requirement to complete the review of a site security plan within 180 days of submission, DHS will be hard pressed to look at all of these plans without outside assistance.

Establish Procedures

Before contractors can be assigned responsibilities under these rules the Secretary has to establish standard operating procedures and requirements that they will be operating under. Current DHS regulations (subtitle G, Title VIII of the Homeland Security Act) specify a number of reviews that these procedures and requirements must undergo before they can be implemented.

Additionally, DHS is going to be required to complete a thorough review of the contractor’s ‘business engagements’ to ensure that there will be no conflict of interests in their enforcement of these regulations. Specifically, DHS is required to "disqualify any of these organizations that offer related auditing or consulting services to chemical facilities as private sector vendors" {Section 2109(c)(4)}.

This is going to be one of the most time consuming parts of implementing these new regulations. DHS has shown no great speed in writing rules or regulations and the additional reviews are going to slow this down further. The use of third party entities will be key to the enforcement of these regulations.

Small Business Contracting Requirements

The Committee has taken great pains to require that DHS contractors and sub-contractors come form a wide variety of selected small business and disadvantage business concerns. Among those specifically mentioned are businesses ‘owned and controlled’ by service disable veterans, ‘HubZone’ businesses, and ‘socially and economically disadvantaged’ small businesses. Black, Hispanic and Tribal colleges and universities are also included.

Contractors must show that they have a plan for including 25% of their sub-contractors come from such businesses. DHS is encouraged to use alliances of such businesses as prime contractors under this section. The DHS IG is required to report each year on the number of contractors and subcontractors meeting these definitions.

Liability Requirements

Once the Secretary issues a Certificate of Compliance to a contractor, and the contractor has provided proof of liability insurance coverage under existing DHS rules (subtitle G again) that contractor (including employees and sub-contractors) "shall receive all applicable litigation and risk management protections" {Section 2109(f)(3)}. This means that they will not have to defend themselves in lawsuits arising out of the business conducting their contractual duties.

No comments:

/* Use this with templates/template-twocol.html */