When should you apply to become an Authorised Economic Operator (AEO)? Does this also imply that you are a Known Consignor (KC), or perhaps a Regulated Agent (RA)? What is the difference actually? Or is there no difference?

In this article we’ll provide a concise overview of the AEO framework, the corresponding legislation and how it is linked to other concepts like Known Consignor … Highlighting the most important elements when it comes to Identity and Access Management (IAM).

‍

What is AEO (Authorised Economic Operator)?

‍

First of all, there is an important difference to be made between the several concepts. AEO is a customs concept, while concepts like Known Consignor, Regulated Agent, ISPS… are security/safety concepts specific to certain industries.

The AEO concept is a customs-to-business partnership introduced by the World Customs Organisation (WCO). The AEO concept is a part of the larger WCO Framework of Standard to Secure and Facilitate global trade (SAFE). In essence, Authorised Economic Operators are traders who voluntarily meet a wide range of criteria to work in close cooperation with customs authorities to assure the common objective of supply chain security.

‍

Overview of the AEO Status

‍

‍

In Europe, companies who are part of the international supply chain, i.e. are involved in in customs-related operations, and established in the customs territory of the Union; and who have an EORI number, may apply for the AEO status.

The applicant can select to go for 1 of 2, or both AEO-statuses. 

• AEOC: Authorized Economic Operator Customs Simplification
• AEOS: Authorized Economic Operator Security and Safety

‍

There are several benefits related to having the AEO status.

‍

Benefits of AEOC and AEOS

‍

AEOC Benefits:

• Easier admittance to customs simplifications
• Fewer physical and document-based controls related to other customs legislation
• Prior notification in case of selection for customs control related to other customs legislation
• Priority treatment if selected for control
• Possibility to request a specific place for customs controls
• Indirect benefits

AEOS Benefits:

• Fewer physical and document-based controls related to security and safety
• Prior notification in case of selection for physical control related to safety and security
• Priority treatment if selected for control
• Possibility to request a specific place for customs controls
• Indirect benefits
• Mutual Recognition with third countries

‍

‍

The mutual recognition of AEOS is a key element of the WCO SAFE Framework of Standards, strengthening end-to-end security of supply chain and benefiting traders. By having such Mutual Recognition Agreement (MRA) a third country recognizes the EU operator’s AEO status. 

The EU has concluded and implemented Mutual Recognition of AEO programmes with Norway, Switzerland, Japan, Andorra, the US, China and United Kingdom.

‍

Legislation

‍

Within the EU, the legislation covering the AEO concept, is summarized in the Union Customs Code (UCC). The consolidated version of the legislation can be found in Regulation (EU) No 952/2013. Certain non-essential elements of the UCC are described in the UCC Delegated Act,  Regulation (EU) 2015/2446. The most important, and practical elements however are described in the Implementing Act, Regulation (EU) 2015/2447. Next to this there is also the Transitional Delegated Act, establishing rules around IT systems. This can be found in Regulation (EU) 2016/341.

‍

Link with other certifications

‍

Now it is important to identify the link with other existing certifications, as they are often mentioned in the same context, and this can cause for the necessary confusion.

The AEO-status of a company is related to the requirements & needs from a customs perspective. Within the relevant documentation, the specific needs towards safety & security are defined in Article 28 of the Implementing Act. 

In that Article 28, two paragraphs described alternative fulfilment of the needs defined in paragraph 28.1.:

• 28.2. (in short) : if the AEO applicant holds other security & safety certificates from a recognized standardisation body, it should be taken into account when checking the requirements under Article 39 (e) of the Code.
• 28.3. (in short): if the AEO applicant is a certified Known Consignor or Regulated Agent i.a.w. the necessary legislation, the requirements under Article 39 (e) of the Code are met.

Meaning – although: Known Consignor, Regulated Agents are certifications are linked to specific aviation security legislation. Because the requirements described in these regulations meet the same level as required for the AEO-status, it is deemed that KC/RA are automatically complying to the AEO safety & security needs.

For other standards e.g. ISPS, ISO28001, TAPA, TIR… there is no automatic recognition. They should however be taken into account when the AOE criteria are checked.

‍

Identity and Access Management (IAM)

‍

With the Implementing Act, Article 28 describes the different elements linked to safety and security. They describe high level what the requirements are, how these translate into practical measures needs to be assessed per AEO applicant, as this varies for the industry and size of the company.

This link will take you to the Regulation 2015/2447, the implementing act. The parts highlighted in yellow refer to Identity management, and the parts in green to Access management. 

‍

How can NineID help?

NineID is a complete IAM platform that address the needs for security on complex sites. In combination with the optional hardware units, XS1, NineID offers an end-to-end solution for IAM. It has an inherent flexible setup, allowing our users to easily  set up and adjust their security requirements per area, in accordance with the different security levels.

We help you to;

• Collect all necessary personal documentation, ID’s, licenses and certificates for each visitor, employee or contractor before visits and store it GDPR proof
• Send out trainings and security checks, at initial onboarding or for recurrent training
• Differentiate between different responsibilities, authority and roles
• Adjust roles & security clearances easily
• Send automated notifications in case of emergency
• Keep track of everyone on site