The revised MTSA regulations included in the recently published TWIC Final Rule go into effect on August 23, 2018. As usual, the final rule comes with an extensive preamble discussion of the Coast Guard's response to comments received during the rule making process. The preamble, which contains essential information, is usually skipped over by most readers. In fact, seasoned Coast Guard marine inspectors know to look back at the Federal Register when a particular regulation was published in order to determine the intent of a regulation in question.
Headline
The headline for this final rule is clearly: "We clarify that this final rule only affects Risk Group A vessels and facilities, and that no changes to the existing business practices of other MTSA-related vessels and facilities are required." Before you get too excited about that, you must understand this: when Coast Guard Headquarters makes that statement they are assuming you are currently doing everything correctly in accordance with the regulations and guidance. Hopefully, for you that is the case, but maybe not. Many compliance variations have been allowed over the years. Regardless, this new regulation will bring new scrutiny by the Coast Guard, and may bring some previously accepted practices into question. I will explain further below under "Potential impacts for non-Risk Group A Facilities."
Which vessels are required to conduct electronic TWIC inspections?
Only Risk Group A vessels will be required to conduct electronic TWIC inspections. Risk Group A vessel are listed in 33 CFR 104.263: vessels carrying CDCs in bulk; vessels certificated to carry more than 1,000 passengers; and vessels engaged in towing vessels subject to (a)(1) and (a) (2). Now before you towing vessel folks get too excited, there's an exemption from electronic TWIC inspection requirements for vessels with 20 or fewer TWIC-holding crewmembers. That number is determined by the minimum manning requirement specified on the COI. The Coast Guard estimates that only one vessel will be required conduct electronic TWIC inspections.
Which facilities are required to conduct electronic TWIC inspections?
Only Risk Group A facilities will be required to conduct electronic TWIC inspections. Risk Group A facilities are listed in 33 CFR 105.253: facilities that handles CDCs in bulk or receive vessels carrying CDCs in bulk; and facilities that receive vessels certificated to carry more than 1, 000 passengers. Now before you stop reading this, here are a couple of things to think about: How do you ensure the ship at your dock is not carrying CDCs in bulk even if that cargo has nothing to do with your facility? Also, "handling" includes CDCs in bulk being handled by truck or rail or other means on the facility, not just vessel related. The Coast Guard estimates that 525 facilities will have to conduct electronic TWIC verification. No OCS facilities are expected to have to conduct electronic TWIC verifications.
What is Certain Dangerous Cargo (CDC)?
It is a short but complicated list of cargos contained in 33 CFR 160.202, including ammonium nitrate based fertilizer.
A TWIC reader or a PACS?
For Risk Group A the Coast Guard authorizes either TWIC readers or using Physical Access Control Systems (PACS) that meets the standard. 33 CFR 101.530 details PACS requirements specifically for Risk Group A. The preamble explains, "… we are providing greater flexibility on the type of equipment used, as long as the three parts of electronic TWIC inspection are performed satisfactorily." Some existing PACS accepted by the Coast Guard may need upgrading for Risk Group A facilities.
Barge Fleeting Facilities
The revised regulation contains an exemption for certain barge fleeting facilities. 33 CFR 105.110(e) "Barge fleeting facilities without shore side access are exempt from the requirements in 33 CFR 101.535(b)(1) (Electronic TWIC inspection requirements for Risk Group A)
Clearly, if a barge fleeting facility containing ammonium nitrate barges can be accessed from shore, without having to take a boat, it will not be exempt from these TWIC reader requirements. MTSA PAC 10-09 allows free floating barge fleeting facilities to be defined as areas in the water, in accordance with the regulatory definition. This allows barge fleeting facilities to define the tiers containing the MTSA regulated barges as the "facility," and omit other tiers of non-MTSA regulated barges and shore side areas containing an office or wash dock. Therefore, if a barge fleeting facility is defined as in the FSP, for example, as mile 147.1 to 146.9, right descending bank of the Mississippi River, it may be able to claim this exemption.
Barge fleeting facilities that did not take advantage of this PAC and include all shore side areas, and did not limit their secure area to regulated barge tiers, may find themselves missing out on the exemption provided above, regardless of whether one must take a boat to get to the regulated barges. The preamble discussion sheds some light on the topic: "These commenters raise important issues as to how we would apply the electronic TWIC inspection process to secure areas on water, such as barge fleeting facilities. Upon consideration, we do not believe that requiring electronic TWIC inspection prior to entering such areas would be practical, as there is no particular access point to such an area that can be controlled by a TWIC reader. Electronic TWIC inspection would instead be required at the barge fleeting facility's shore side location."
Based on these comments its seems the verbiage of the exemption referring to "without shore side access," means an isolated barge fleeting facility along a waterway with no shore side "location" from which one would go through first to gain access to the barge fleet. Not just a free floating tier of barges.
Note: On 09/07/16, this barge fleeting section was read and confirmed to be correct by the Coast Guard Headquarters' P.O.C. named in the final rule.
Potential impacts for non-Risk Group A Facilities:
Incorporating TWIC checks into existing PACS
The guidance for incorporating TWIC checks into existing systems (PACS) is contained in NVIC 03-07 and PAC 08-09 CH1. The preamble explains those guidance documents will remain valid for non-Risk Group A facilities, but will be updated: "NVIC 03-07 and PAC 08-09 CH1 … because we are not making changes to the TWIC requirements for those vessels and facilities not in risk Group A, the guidance documents will retain their validity with regard to those entities. We will update and post these guidance documents online … prior to the effective date of the final rule." So what will the updated guidance look like for non-Risk Group A facilities? Here's the rub. 33 CFR 101.520, Electronic TWIC inspection, is not specific for Risk Group A facilities and outlines that the requirements must include: (a) Card authentication (b) card validity check (c) identity verification. Therefore, the revised guidance should be in line with the regulation and may not allow for issuing a facility swipe card to allow self-access to secure areas just because the person showed they possessed a valid TWIC, or even if a camera was added to monitor the person swipe themselves in.
Access point to Secure Area
The preamble sheds light onto a gray area, the physical place where the TWIC verification must take place: "Given the requirement that electronic TWIC inspection be conducted "prior to each entry" into a secure area (of facilities), we would anticipate that inspection points at facilities would be located at the access points to secure areas." While this verbiage in the preamble is in regards to electronic TWIC inspection, it is essentially the same for all MTSA facilities as outlined in NVIC 03-07, but clearer with regards to the location of the TWIC verification process. Therefore, some compliance processes proposed in the past may be affected, such as: checking the TWIC at the front gate guard shack and then telling a visitor a punch code, or handing him a swipe card, to let himself into the secure area dock gate.
Restricted areas
There is an omission in the preamble discussion regarding the NVIC discussion of restricted areas, which might cause the reader to believe that the secure area must encompass all restricted areas. That is not the case. However, the preamble does contain an interesting comment regarding restricted area access control: "We note that a second round of electronic TWIC inspection is not required when passing from a secure area to a restricted area, although we would anticipate other security measures to be in place." The implication is for more than signage, (33 CFR 105.260(c)).
Escorting
The preamble addresses escorting via CCTV and reiterates the standard put forth in the NVIC: "Where such monitoring is appropriate, the general principle applies that monitoring must enable sufficient observation of the individual with a means to respond if the individual is observed to be engaging in unauthorized activities or crossing into an unauthorized area." This may give rise to the Coast Guard ensuring continuous monitoring non-TWIC personnel, which meets the intent of the regulation, not just having cameras installed.
Secure area access control
Headline
The headline for this final rule is clearly: "We clarify that this final rule only affects Risk Group A vessels and facilities, and that no changes to the existing business practices of other MTSA-related vessels and facilities are required." Before you get too excited about that, you must understand this: when Coast Guard Headquarters makes that statement they are assuming you are currently doing everything correctly in accordance with the regulations and guidance. Hopefully, for you that is the case, but maybe not. Many compliance variations have been allowed over the years. Regardless, this new regulation will bring new scrutiny by the Coast Guard, and may bring some previously accepted practices into question. I will explain further below under "Potential impacts for non-Risk Group A Facilities."
Which vessels are required to conduct electronic TWIC inspections?
Only Risk Group A vessels will be required to conduct electronic TWIC inspections. Risk Group A vessel are listed in 33 CFR 104.263: vessels carrying CDCs in bulk; vessels certificated to carry more than 1,000 passengers; and vessels engaged in towing vessels subject to (a)(1) and (a) (2). Now before you towing vessel folks get too excited, there's an exemption from electronic TWIC inspection requirements for vessels with 20 or fewer TWIC-holding crewmembers. That number is determined by the minimum manning requirement specified on the COI. The Coast Guard estimates that only one vessel will be required conduct electronic TWIC inspections.
Which facilities are required to conduct electronic TWIC inspections?
Only Risk Group A facilities will be required to conduct electronic TWIC inspections. Risk Group A facilities are listed in 33 CFR 105.253: facilities that handles CDCs in bulk or receive vessels carrying CDCs in bulk; and facilities that receive vessels certificated to carry more than 1, 000 passengers. Now before you stop reading this, here are a couple of things to think about: How do you ensure the ship at your dock is not carrying CDCs in bulk even if that cargo has nothing to do with your facility? Also, "handling" includes CDCs in bulk being handled by truck or rail or other means on the facility, not just vessel related. The Coast Guard estimates that 525 facilities will have to conduct electronic TWIC verification. No OCS facilities are expected to have to conduct electronic TWIC verifications.
What is Certain Dangerous Cargo (CDC)?
It is a short but complicated list of cargos contained in 33 CFR 160.202, including ammonium nitrate based fertilizer.
A TWIC reader or a PACS?
For Risk Group A the Coast Guard authorizes either TWIC readers or using Physical Access Control Systems (PACS) that meets the standard. 33 CFR 101.530 details PACS requirements specifically for Risk Group A. The preamble explains, "… we are providing greater flexibility on the type of equipment used, as long as the three parts of electronic TWIC inspection are performed satisfactorily." Some existing PACS accepted by the Coast Guard may need upgrading for Risk Group A facilities.
Barge Fleeting Facilities
The revised regulation contains an exemption for certain barge fleeting facilities. 33 CFR 105.110(e) "Barge fleeting facilities without shore side access are exempt from the requirements in 33 CFR 101.535(b)(1) (Electronic TWIC inspection requirements for Risk Group A)
Clearly, if a barge fleeting facility containing ammonium nitrate barges can be accessed from shore, without having to take a boat, it will not be exempt from these TWIC reader requirements. MTSA PAC 10-09 allows free floating barge fleeting facilities to be defined as areas in the water, in accordance with the regulatory definition. This allows barge fleeting facilities to define the tiers containing the MTSA regulated barges as the "facility," and omit other tiers of non-MTSA regulated barges and shore side areas containing an office or wash dock. Therefore, if a barge fleeting facility is defined as in the FSP, for example, as mile 147.1 to 146.9, right descending bank of the Mississippi River, it may be able to claim this exemption.
Barge fleeting facilities that did not take advantage of this PAC and include all shore side areas, and did not limit their secure area to regulated barge tiers, may find themselves missing out on the exemption provided above, regardless of whether one must take a boat to get to the regulated barges. The preamble discussion sheds some light on the topic: "These commenters raise important issues as to how we would apply the electronic TWIC inspection process to secure areas on water, such as barge fleeting facilities. Upon consideration, we do not believe that requiring electronic TWIC inspection prior to entering such areas would be practical, as there is no particular access point to such an area that can be controlled by a TWIC reader. Electronic TWIC inspection would instead be required at the barge fleeting facility's shore side location."
Based on these comments its seems the verbiage of the exemption referring to "without shore side access," means an isolated barge fleeting facility along a waterway with no shore side "location" from which one would go through first to gain access to the barge fleet. Not just a free floating tier of barges.
Note: On 09/07/16, this barge fleeting section was read and confirmed to be correct by the Coast Guard Headquarters' P.O.C. named in the final rule.
Potential impacts for non-Risk Group A Facilities:
Incorporating TWIC checks into existing PACS
The guidance for incorporating TWIC checks into existing systems (PACS) is contained in NVIC 03-07 and PAC 08-09 CH1. The preamble explains those guidance documents will remain valid for non-Risk Group A facilities, but will be updated: "NVIC 03-07 and PAC 08-09 CH1 … because we are not making changes to the TWIC requirements for those vessels and facilities not in risk Group A, the guidance documents will retain their validity with regard to those entities. We will update and post these guidance documents online … prior to the effective date of the final rule." So what will the updated guidance look like for non-Risk Group A facilities? Here's the rub. 33 CFR 101.520, Electronic TWIC inspection, is not specific for Risk Group A facilities and outlines that the requirements must include: (a) Card authentication (b) card validity check (c) identity verification. Therefore, the revised guidance should be in line with the regulation and may not allow for issuing a facility swipe card to allow self-access to secure areas just because the person showed they possessed a valid TWIC, or even if a camera was added to monitor the person swipe themselves in.
Access point to Secure Area
The preamble sheds light onto a gray area, the physical place where the TWIC verification must take place: "Given the requirement that electronic TWIC inspection be conducted "prior to each entry" into a secure area (of facilities), we would anticipate that inspection points at facilities would be located at the access points to secure areas." While this verbiage in the preamble is in regards to electronic TWIC inspection, it is essentially the same for all MTSA facilities as outlined in NVIC 03-07, but clearer with regards to the location of the TWIC verification process. Therefore, some compliance processes proposed in the past may be affected, such as: checking the TWIC at the front gate guard shack and then telling a visitor a punch code, or handing him a swipe card, to let himself into the secure area dock gate.
Restricted areas
There is an omission in the preamble discussion regarding the NVIC discussion of restricted areas, which might cause the reader to believe that the secure area must encompass all restricted areas. That is not the case. However, the preamble does contain an interesting comment regarding restricted area access control: "We note that a second round of electronic TWIC inspection is not required when passing from a secure area to a restricted area, although we would anticipate other security measures to be in place." The implication is for more than signage, (33 CFR 105.260(c)).
Escorting
The preamble addresses escorting via CCTV and reiterates the standard put forth in the NVIC: "Where such monitoring is appropriate, the general principle applies that monitoring must enable sufficient observation of the individual with a means to respond if the individual is observed to be engaging in unauthorized activities or crossing into an unauthorized area." This may give rise to the Coast Guard ensuring continuous monitoring non-TWIC personnel, which meets the intent of the regulation, not just having cameras installed.
Secure area access control
33 CFR 105.255(a)(4) implies the secure area should be fenced, but it doesn't actually say that. If some secure areas within facilities were approved without fencing or additional access control, the new verbiage for Risk Group A facilities tacked onto this citation may bring some access control measure for secure areas into question.