Transcription
Title: Port Security Regulations 2009 (amended2013) and Port Security Designation Orders (33)Post Implementation ReviewPIR No: DfTPIR0049Date: 22/12/2021Original IA/RPC No: DfT00176Type of regulation: EULead department or agency: DfTType of review: StatutoryOther departments or agencies:NoneDate measures came into force:19/03/2010Recommendation: KeepContact for enquiries: maritimesecurity@dft.gov.ukRPC Opinion: N/AQuestions1. What were the policy objectives of the measure?Port Security Designation Orders (DOs) have been issued for 33 ports around the UK andwork in conjunction with the Port Security Regulations 2009 (PSRs), as amended by the PortSecurity (Amendment) Regulations 2013.The DOs came into force between 19 March 2010 and 15 August 2015. Due to their natureand objectives, it makes sense to synchronise review dates of the 33 DOs and the PSRs 2009,and to review the legislation together. Such an approach was previously accepted for a PIR in2017. The full list of DOs being reviewed can be found in Annex A.An impact assessment was carried out for the PSRs and multiple impact assessments for therelevant ports to examine the impact of the legislation, listed below.Impact Assessment numberDfT00176 /09/1302/10/1302/10/1328/02/14The policy objectives of the PSRs and DOs were to “enhance security to complementmeasures to help prevent maritime terrorist incidents”1 and to “ensure that security measurestaken pursuant to Regulation (EC) No 725/2004 on enhancing Ship and Port Facility Security[derived from the International Ship and Port Facility Security Code] apply to the wider portarea.”2The PSRs and DOs provided measures to ports such as tools for risk management and forimproved coordination between port facilities, as well as an obligation to carry out exercises.Annex B is a logic map that explains framework for the PSRs and DOs and their impact on portsecurityThe UK had previously used a similar tool to coordinate security between port facilities in agiven area though DOs were issued in order to transpose Directive 2005/65 to meetobligations under European Union membership.12DfT00137 p.1DfT00176 p.7Page 1 of 38
An original objective of the PSRs was to implement Directive 2005/65, which was achieved.When first establishing the scope of the PSRs, DfT Maritime Security Compliance assessedevery port in the UK and found that 33 fell within scope. The DOs were issued for these portsand implemented the essential requirements of the PSRs which were: The delineation of the boundary of the ‘port’ for the purposes of the PSRs.The designation of a Port Security Authority (PSA) at each ‘port’ considered in scope ofthe Directive (a PSA may be designated for more than one port).The performance of a Port Security Risk Assessment (PSRA), from which a PortSecurity Plan (PSP) is developed, maintained and updated.The appointment of a Port Security Officer (PSO).Of the approximately 360 port facilities in the UK, almost 240 port facilities are encompassed inthe 33 PSAs.2. What evidence has informed the PIR?The level of resource used to collect the evidence used in this report was based on the initialimpact assessment and the PIR in 20173. These estimated and found the cost to business asrelatively low. Annual costs of PSO duties were estimated in the impact assessment at 12,540(2014 prices) per port and evidence in the PIR 2017 gave a median value of 4,992. A furtherindication that ports have difficulty in calculating the cost of the PSRs separately from othersecurity activity may be evidenced by the low response rate to the PIR 2017 survey.Furthermore, the PSAs introduced by the DOs were not thought to be risky or contentious, asthere was already a level of coordination in security arrangements in place at the in-scope portsvia the Port Security Committees. Overall, the PIR 2017 found that “the Directive andimplementing regulations along with the DOs are for the most part working adequately in theUK and the objectives have largely been met.”As such, for the PIR 2022, DfT has sought to repeat the PIR 2017, gathering a proportionatelevel of evidence that is sufficient to answer the research questions set out in the PIR template.Evidence was sought primarily through stakeholder engagement but also from the DfT’smaritime security compliance inspectors.Stakeholder engagement was conducted through an online survey, carried out in SeptemberOctober 2021, which was sent to all 237 Port Facility Security Officers (PFSOs) who aremembers of a PSA. This included specific questions for PSOs (a position created by DOs). Thesurvey questions are at Annex C, and data used for graphs throughout this PIR, at Annex D.Where appropriate, this has been compared to estimates for costs from impact assessments, atAnnex E.DfT’s maritime security compliance inspectors regularly interact the PSAs and inspectindividual facilities; they have been consulted with during the review process. The DfT alsosends representatives to PSA meetings on an ad hoc basis.Seventy-nine responses were received to the online survey, a response rate of 32.91%.Together the responses covered 23 out of 33 PSAs (69.7%). Not all the respondents answeredall the questions.Analysis of responses indicates that they are a representative sample of all port facilities thatare members of a port security authority. Port facilities are categorised as handling passengers(PAX); containers, roll on and roll off cargo (CRR); chemicals, oil or gas (COG); and other bulkcargo (OBC). The four categories of cargo entail different security procedures and adequaterepresentation of the categories among the survey answers will provide assurance that they are3Post implementation review 2017 of Port Security Regulations 2009, as amended, and 33 associated PortSecurity Designation OrdersPage 2 of 38
representative. While there are differences between facilities based on their size, i.e.throughput, The PSRs do not differentiate between different sized port facilities or PSAs. Thegraphs below show the number of port facilities per category for all 237 port facilities that aremembers of PSAs, and distribution of the categories among the port facilities represented byrespondents to the survey.Port facility types of all PSAmembersPort facility types representedin survey %COG24%All respondents held suitable positions to answer the survey and could indicate more than oneposition. The majority of respondents were Port Facility Security Officers, who are responsiblefor security at individual port facilities. Thirteen respondents were Port Security Officers of aPSA, who have additional responsibilities under the DOs. Four of the ‘Other’ respondents alsoindicated that they are PFSOs, the remaining respondent was a director of their port.Question 3: What is your position?Port Facility Security Officer70Deputy Port Facility Security Officer2Port Security Officer of a PSA13Other (please specify):501020Page 3 of 38304050607080
3. To what extent have the policy objectives been achieved?Evidence from both the online survey and from maritime security compliance inspectorsindicates that the policy objectives have been achieved.All respondents indicated what impact DOs have on the management of risk at their portfacility. Sixty respondents (77%) said there was a ‘positive’ or ‘significantly positive’ impact.Seventeen respondents said that there was no impact. One respondent said that they had anegative impact.Question 5: What impact do the Port Security Designation Ordershave on the management of risk at your port cantly positive40.0%Positive50.0%60.0%No impact70.0%Negative80.0%1.3% 0.0%90.0%100.0%Significantly negativeAll 60 respondents who said the DOs had had a positive impact indicated the ways the impacthad been positive.Question 6: In what ways has the impact of the Port SecurityDesignation Orders been positive?Improved intelligence sharing50.0%Improved communication with port stakeholders63.3%Improved assessment of risk48.3%Improved security planning53.3%Other (please specify):5.0%0%10%20%30%40%50%60%Where respondents selected ‘Other’, they noted several other positive impacts: Use of enforcement powers contained in the PSRsImproved trainingImproved exercising of security plansImproved quality of security plansImproved quality of PFSOImproved readiness for increase of security levelPositive attitude to overall port security across all member facilitiesPage 4 of 3870%
One ‘other’ answer also noted that the Port Security Committee that existed prior to the PSAwas effective.The respondent that answered that the DOs had had a negative impact cited, the ‘creation ofequal and several liability between PSA members that did not exist before the PSRs 2009’.Although it is true that PSAs have created liability between PSA members, DfT does not haveany records of incidents where liability has proved a challenge.The evidence also indicated that most PSA meetings are taking place correctly. When askedhow many times their PSA had met in the previous three years, most respondents answeredsix times, which is the recommended number of times the PSA should have met (twice peryear).Question 8: In the last 3 years, how many times has your PSA met?30Response count2520151050-123456Meetings in last 3 years78910The 13 Port Security Officers who answered the survey reported that three-quarters to all oftheir members regularly attend meetings, which indicates that meetings are appropriatelyattended.Question 13: What proportion of Port Security Authority membersattend meetings regularly?A quarter0.0%Half0.0%All38.5%Three quarters61.5%Page 5 of 38
The online survey also asked which organisations attend PSA meetings and whichorganisations attendees would like to attend, if they do not already. The answers to thesequestions indicated, respectively, that PSA meetings are well attended by appropriateattendees and that the majority of attendees did not think that any particular organisation wasmissing from PSA meetings.Question 9: Which organisations attend Port Security Authoritymeetings?80Response count70766669616050454030301620100Answers to question 9 under ‘Other’ indicate that a range of other port stakeholders attendmeetings, such as the local resilience forum, Counter Terrorism Police and the port healthauthority.Page 6 of 38
Question 10: If they do not already, which organisations would youlike to attend Port Security Authority meetings?80Response count706050403020101034812920The low response rate to question 10 further indicates that PSA meetings are appropriatelyattended. Only two answers to ‘Other’ under question 10 suggested further attendees to PSAmeetings (port tenants and shipping agents), which will be considered by DfT.The online survey included a question on use of video call software to hold PSA meetingsduring the COVID-19 pandemic and on whether continued use of such software wouldencourage attendance at future meetings. These found that 90.9% of respondents hadattended meetings via video call since the start of the COVID-19 pandemic and that it wouldencourage 36.4% of respondents to attend PSA meetings; 58.4% of respondents said that itwould make no impact on their attendance.Page 7 of 38
Question 11: Has your Port Security Authority held meetingsvirtually during the Covid-19 pandemic? (e.g. using video callsoftware)3.9%5.2%YesNoDon't know90.9%Question 12: Would holding meetings virtually make you morelikely to attend Port Security Authority meetings?36.4%More likelyLess likelyNo impact58.4%5.2%The online survey asked respondents to identify which exercises had been carried out by PSAsin the last five years. One respondent didn’t answer this question. The answers show that PSAshad carried out a variety of exercises.Page 8 of 38
Question 28: What scenarios have been exercised as part of the PortSecurity Authority since 2017?Percentage of respondents70.0%58.4%60.0% .9%11.7%7.8%0.0%Responses to ‘other’ listed further scenarios that had been exercised, which included: Power failure Medical incident in temporary restricted area Hostile reconnaissance StowawaysThe response rate, and range of responses, indicates that the exercising is contributing tomeeting the policy objective of enhancing security.In conclusion, the evidence gathered from the online survey indicates that the legislation has aclear positive impact on security at ports, resulting in improved intelligence sharing,communication, risk assessment and security planning. PSAs are functioning correctly in howoften they meet, who attends and what scenarios are exercised. As such, the legislationcontinues to meet the policy objective of enhancing port security in the wider port area and DfTwill not look to amend or repeal the legislation.Sign-off for Post Implementation Review: Chief economist/Head of Analysis and MinisterI have read the PIR and I am satisfied that it represents a fair and proportionateassessment of the impact of the measure.Signed:Date: 25/05/2022Page 9 of 38
Further information sheetPlease provide additional evidence in subsequent sheets, as required.Questions4. What were the original assumptions?The original assumptions for the legislation covered the costs associated with the enhancedsecurity and the expected benefits.CostsAssessment of costs has previously been identified as posing challenges as port facilityoperators typically do not collect data for PSA-related duties separately from a PSO’s or PSAmembers’ everyday roles. Questions about the costs in the online survey were designed toencourage replies by providing banded answers, though many respondents still could notprovide an answer. Where respondents were asked to estimate the monetary value of the timegiven over to duties, 23.1% of PSOs and 39.1% of all other respondents answered that they didnot know. When asked about the total yearly cost of running a PSA, 60.5% of all respondentsanswered that they did not know.The original impact assessments looked at start-up and on-going costs. The former wereaddressed in the PIR 2017; no further port designation orders have been issued and so start-upcosts have not been considered in this PIR.PSO costs were considered in the original impact assessments and derived from hours spentper week. Questions on both were included in the survey for this PIR. Questions 14 and 15indicated that the hours spent per week on PSO duties were mostly low and that this did nothave significant cost.Question 14: (PSOs only) As a Port Security Officer, how manyhours a week do you estimate you have spent on Port SecurityOfficer duties in the past year?23.1%30.8%Less than 2 hours2 - 3½ hours3½ - 7 hours8 - 21 hours15.4%More than 21 hours0.0%30.8%Where three respondents answered 21 hours per week, the corresponding answers given forthe cost estimate were “1,001- 2,500” (2) and “I don’t know” (1), which indicates thechallenging nature of quantifying the impact of the legislation.10
Question 15: (PSOs only) Can you estimate how much this costsper year?0.0% 023.1%23.1% 1 - 1,000 1,001 - 2,500 2,501 - 5,0007.7% 5,001 - 10,0000.0% 10,001 - 25,00023.1% 25,000 23.1%I don't know0.0%Answers to question 15 are mostly low value or indicate that the cost cannot be quantified.In the context of the impact assessments and previous post-implementation review, the resultsdo not offer a significant departure from previous findings.Table 1. Hours per week of PSO dutiesImpact AssessmentSample sizeEstimate (hours)7Range (hours)Median (hours)-PIR 2017190 - 204PIR 202213 2 - 212 - 3½Table 2. Annual cost ( ) of PSO dutiesImpact AssessmentSample sizeEstimate ( )12,540Range ( )Median ( )-PIR 2017142,000 - 24,0004,992PIR 2022101 - 25,000 1,001 - 2,500This PIR also considered the weekly hourly impact and yearly cost of the legislation on PSAmembers.11
Question 16: In the past year, how many hours a week do youestimate you have you spent on Port Security Authority-relatedwork?12.3%Less than 2 hours35.4%12.3%2 - 3½ hours3½ - 7 hours8 - 21 hours18.5%More than 21 hours21.5%Question 17: Can you estimate how much this costs per year?1.6% 020.3%39.1% 1 - 1,000 1,001 - 2,500 2,501 - 5,00014.1% 5,001 - 10,000 10,001 - 25,000 25,000 I don't know1.6%6.3%12.5%4.7%A question about the total yearly cost of running a PSA, excluding costs of Port SecurityOfficers, was asked in the survey. In original impact assessments this including the PortSecurity Risk Assessment and the Port Security Plan; costs of the PSA itself were zeroed in theimpact assessments as they were replacing Port Security Committees and therefore runningcosts were not new expenses introduced by the legislation. Answers produced a range of 0 25,000 and a median value of 2,501 - 5,000. The impact assessments’ estimates for thesame costs at each port had a range of 2,895 – 31,351 and a median value of 5,307, thisdata can be found in Annex E.12
Question 22: What is the approximate total yearly cost of runningyour Port Security Authority? (excluding the cost of Port SecurityOfficer duties)2.6% 1.3%10.5%2.6%3.9% 0 1 - 1,000 1,001 - 2,5006.6% 2,501 - 5,000 5,001 - 10,0005.3%60.5%6.6% 10,001 - 25,000 25,000 I don't knowOther (please specify):Comments under ‘Other’ related to the nature of the costs.The Port Security Regulations allow PSAs to charge fees to their members. The online surveyasked respondents if fees were charged, how much they were charged, and if there was anymore information to note.Question 23: Does your Port Security Authority charge a fee to itsmembers?18.2%13.0%YesNoI don't know68.8%Analysis of answers to question 23 show that 10 ‘Yes’ answers come from two PSAs, whichindicates that a very low number of PSAs charge fees to their members. When asked howmuch they are charged per year, nine answers indicated answers that are not reproduced hereas they are commercially sensitive but are not considered disproportionate. One answer did notknow how much they were charged. Further comments on this subject (question 25) indicatedthat respondents felt that memberships fees were value for money. The impact assessmentsdid not examine fees so no comparisons can be drawn.13
The online survey asked whether further members of staff worked on activity related to the portdesignation orders, what their titles were and how much this activity cost. Responses to thesequestions appear yield lower quality data that indicate that these questions may not have beenaccurately phrased.While 47 respondents (61%) answered that other staff do work on activity related to the PSAs(question 18), the responses indicating how many produced some unexpected answers. This islikely related to the definition of ‘activity’, though it is worth noting that the answers have amedian value of 2.Question 19: How many staff? (Please enter a number 0-100)18Response count16141210864201234671215313536405054Number of staffRespondents were invited to indicate what job titles said staff had (question 20) and how muchtheir activity cost (question 21). The former produced a variety of answers related to maritimesecurity, though does not yield any particular trend. The latter produced a similarly wide spreadof results with unexpectedly high numbers, with a median value of 2,000. The lower valuesrecorded are likely due to PSA-related activity forming an element of duties related to portsecurity.Question 21: How much do you estimate this costs ( ) per year?Response count9876543210Cost ( )Analysis of answers to questions 19-21 provides some insight into the cost of other staff.Firstly, there does not appear to be a correlation between either the number or cost of otherstaff to specific PSA. Secondly, when plotting cost of other staff against numbers of other staff,14
there does not appear to be any correlation, which supports the idea that PSA-related activityforms an element of duties rather than an entire role, which was foreseen in the originalassumptions.Staff working on activity related to PSAs: cost vs number100000Cost ( )80000600004000020000001020304050Number of staffIt should be noted that not all respondents who indicated other staff working on PSA-relatedactivity indicated the cost.BenefitsThe impact assessments identified benefits, though it was not possible to monetise them.Improved security measures would act as a mitigation towards maritime terrorist incidents dueto planning and coordination.5. Were there any unintended consequences?When asked directly whether there had been unintended consequences, 94.9% of respondentssaid there had not. The two positive responses cited an incorrect boundary to the portdesignation order.Question 29: Have there been any unintended consequences fromthe Port Security Designation Orders?2.6% 2.6%YesNoSkipped94.9%15
Both positive answers to question 29 state that a PSA boundary is incorrect. DfT haveexamined the issue and will clarify with the PSA how the PSA boundary should be interpreted.The PIR 2017, as well as industry engagement, indicated that the status of PSAs as either anincorporated or unincorporated body had previously posed challenges. Respondents wereinvited to say whether corporate status had posed challenges and whether their PSA wasincorporated or unincorporated.Question 26: Have any challenges arisen from the status of yourPort Security Authority as an incorporated or unincorporated body?2.6%40.3%YesNoDon't know57.1%In total, 97.4% did not state that challenges had arisen, which indicates that this is no longer asignificant issue. Where respondents indicated that challenges had arisen, they cited that legaladvice was required to set up the incorporated body, and that port security was only part oftheir role. Neither response indicates that corporate status is a challenge for PSAs.The large number respondents answering ‘Don’t know’ provide further support to thisconclusion.Question 27: Is your Port Security Authority an incorporated orunincorporated t know16
As such, these findings do not indicate any unintended consequences seen across industry.6. Has the evidence identified any opportunities for reducing the burden on business?When asked about ways to reduce the burden on business, 92.2% of respondents stated thatthey would not like to identify any opportunities.Question 30: Would you like to propose any ways to improve theapplication of the Port Security Designation Orders to achievegreater value for money?7.8%YesNo92.2%Of the six respondents wishing to propose ways to achieve greater value for money, oneanswer related to the redrawing of the PSA boundary; one related to stipulating training forPSOs; the remaining four answers suggested returning to the system of Port SecurityCommittees that existed prior the establishment of PSAs.DfT responds to these three suggestions as such. Firstly, the proposed change to the PSAboundary was addressed in an earlier section of this review. Secondly, DfT notes while PSOtraining is not currently mandated, many PSOs are also PFSOs and the training for the latterrole includes all necessary skills for the former. Furthermore, a forthcoming review of trainingguidelines, due Q4 2022, should provide clarity on this suggestion. Thirdly, although PortSecurity Committees are an effective means of coordinating security in a port area, the reviewhas not identified sufficient evidence that legislation for PSAs should be repealed and replacedwith committees.Respondents were also invited to give any other comments (question 31), which yielded threeresponses. These stated that: the costs and time involved in running and maintaining PSA's to ensure compliance areincreasing year on year17
the creation of their PSA had been a success in improving the standards of security,noting that their PSA was used as a model for implementation across Europe, andstating that they wanted the legislation to remain in placePSAs did not enhance security or information sharing beyond what was achieved byPort Security Committees that were previously in placeThe small number of additional comments indicates that the online survey gave respondentsadequate opportunity to provide input to this review. The three comments themselvesdemonstrate the range of opinions on port designation orders and PSA. DfT notes that althoughsome costs, financial and time, may appear to be increasing, the evidence from this surveydoes not indicate that costs are rising and that costs are not disproportionate from theadvantages gained by the legislation. There is a strong case for the retention of the portdesignation orders, which many respondents believe provides a useful tool for port security.While Port Security Committees may provide similar benefits to PSAs, the evidence found inthis consultation supports the retention of the legislation.As such, the evidence gathered for this review has not identified opportunities to reduce theburden on PSAs or their constituent members.7. How does the UK approach compare with the implementation of similar measuresinternationally, including how EU member states implemented EU requirements that arecomparable or now form part of retained EU law, or how other countries haveimplemented international agreements?Since the UK’s exit from the European Union, DfT no longer attends the EuropeanCommission’s Maritime Security Committee (MARSEC). This forum was used in the PIR 2017to gather evidence of the implementation of similar measures internationally by summiting aquestionnaire to members. As the UK no longer attends, and given the low level of evidencethat was agreed should inform this PIR, it was decided not to repeat the exercise of PIR 2017 togather evidence from MARSEC members, which would have required a disproportionate levelof resource to undertake.Under Article 19 of the Directive, the European Commission is required to evaluate compliancewith the Directive by Member States, the effectiveness of the measures taken, and, if necessarypresent proposals for addition measures. The latest evaluation, which must be undertakenevery five years, was submitted to the European Parliament and the Council of the EuropeanUnion in 2019.The report ‘Third report assessing the implementation of the Directive on enhancing portsecurity’ (COM(2019) 191) found that “significant progress has been made” in terms ofimplementation though further work is required in some Member States to correctly implementthe measures. Regarding the effectiveness of the Directive, the report noted that security hadimproved among local authorities, port operators and public law enforcement bodies atEuropean ports and that the Directive is “is a good example upon how heterogenous complexinfrastructure can be secured through individual assessments and corresponding plans”. Thereport concludes that the Directive is “currently meeting the expectations” and that it “does notneed to be amended at this point in time.”Since leaving the European Union, the UK has not made any changes to its port securityregime and it would be reasonable to assume that the findings of the report would likely apply toports in the UK. Additionally, the findings of COM(2019) 191 also complement the evidencegathered in this PIR, that measures implemented by the port designation orders are effective atincreasing the level of security in ports.18
Annex A: List of legislation being reviewedLegislation namePort Security Regulations 2009 (as amended 2013)The Port Security (Avonmouth Dock and Royal Portbury Dock and Port ofBristol Security Authority) Designation Order 2010The Port Security (Port of Dover) Designation Order 2011The Port Security (Port of Aberdeen) Designation Order 2012The Port Security (Port of Grangemouth) Designation Order 2012The Port Security (Port of Portland) Designation Order 2012The Port Security (Port of Tees & Hartlepool) Designation Order 2012The Port Security (Port of Workington) Designation Order 2012The Port Security (Ports of Swansea and Port Talbot) Designation Order2013The Port Security (Port of Newhaven) Designation Order 2013The Port Security (Port of Falmouth) Designation Order 2013The Port Security (Port of Sullom Voe) Designation Order 2013The Port Security (Port of Hull, New Holland, Immingham and Grimsby)Designation Order 2013The Port Security (Port of Liverpool and the Manchester Ship Canal)Designation Order2013The Port Security (Port of Southampton) Designation Order 2013The Port Security (Port of Milford Haven) Designation Order 2013The Port Security (Port of Barrow) Designation Order 2013The Port Security (Port of Cromarty Firth) Designation Order 2013The Port Security (Port of Fowey) Designation Order 2013The Port Security (Port of Glasgow) Designation Order 2013The Port Security (Port of Great Yarmouth) Designation Order 2013The Port Security (Port of Peterhead) Designation Order 2013The Port Security (Port of Troon) Designation Order 2013The Port Security (Port of Tyne) Designation Order 2013The Port Security (Ports of Cardiff, Barry and Newport) Designation Order2013The Port Security (Port of Belfast) Designation Order 2013The Port Security (Port of Shoreham) Designation Order 2013The Port Security (Port of Plymouth) Designation Order 2014The Port Security (Port of Medway) Designation Order 2014The Port Security (Port of London) Designation Order 2014The Port Security (Port of Bramble Island Dock, Felixstowe, Harwich,Harwich International, Ipswich and Mistley Quay) Designation Order 2014The Port Security (Port of Londonderry) Designation Order 2014The Port Security (Port of Rosyth) Designation Order 2014The Port Security (Port of Oban) Designation Order 2015SI numberSI 2009/2048SI 2010/319SI 2011/3045SI
These estimated and found the cost to business as relatively low. Annual costs of PSO duties were estimated in the impact assessment at 12,540 . As such, for the PIR 2022, DfT has sought to repeat the PIR 2017, gathering a proportionate level of evidence that is sufficient to answer the research questions set out in the PIR template.
