The supply chain industry is one of the most heavily regulated sectors of the economy. Many potentially dangerous items pass through the supply chain and there are regular threats to those operating in it.

From the transport security perspective, industry is aware that following the events of 11 September 2001, the main security threat was that of terrorism. Some of the immediate consequences in the Australian context was the introduction of new aviation and maritime security legislation and the grant of new powers to those working in government agencies operating at the border. There was also a new focus on enhancing technology in the supply chain to protect against adverse effects without undue intervention or delay in the supply chain.

However, the nature of the threats in the supply chain has expanded significantly over time. There has been recent focus on cyber threats, the smuggling of tobacco, vapes and other illicit substances with amendments to legislation regulating premises licensed by the border agencies (such as bonds and warehouses) and amendments to legislation regulating services providers licensed by border agencies such as licensed customs brokers.

A look at legislation

Additional legislation has now been introduced into the Australian Federal Parliament which reflects a further new escalation in security practices required for the transport industry.

As stated in the explanatory memorandum to the Transport Security Amendment (Security of Australia’s Transport Sector) Bill 2024, “The Australian Government is committed to protecting the safety, security and resilience of the aviation and maritime transport sectors. As the threats and risks to Australia’s critical transport infrastructure evolve, so too must our approach to ensuring the ongoing security and resilience of these sectors.

“The main purpose of the Aviation Transport Security Act 2004 (ATSA) and the Maritime Transport and Offshore Facilities Security Act 2003 (MTOFSA) is to establish a regulatory framework to safeguard against unlawful interference with aviation and maritime transport, and offshore facilities. The purpose of the Transport Security Amendment (Security of Australia’s Transport Sector) Bill 2024 (the Bill) is to uplift and enhance this framework in line with the Australian Government’s commitment to protecting Australia’s critical infrastructure.”

Additional legislation has now been introduced into the Australian Federal Parliament which reflects a further new escalation in security practices required for the transport industry.

The expansion of the focus of the Australian transport security regime follows the independent review into Australia’s aviation and maritime transport security settings commissioned in 2021. The independent review included several recommendations under five general themes.

Regarding those five themes, the explanatory memorandum to the Bill commented as follows.

“The Bill will amend the ATSA and the MTOFSA to give effect to the first theme of the Independent Review – updating legislative and policy frameworks to enable iterative, risk-based, and scalable legislation. The four remaining themes do not require legislative change to implement; these will be actioned by the Government outside of legislative processes.”

On 13 January 2025, the Bill was referred to the Parliamentary Joint Committee on Intelligence and Security. The webpage for the committee, available here, includes a link to the independent review here.

Understanding the Bill

Key elements of the Bill include amendments to either or both the ATSA and the MTOSA to:

  • amend the definition of “unlawful interference” to capture a broader variety of acts, including cyber security incidents, and attempts as well as successful acts
  • impose reporting requirements for cyber security incidents
  • provide for the introduction of “all-hazards” security obligations into both legislative schemes, by authorising regulations to be made relating to security programs and plans, minimum security standards that must be met, security assessments and annual reporting
  • introduce system testing requirements for maritime security controls, and ‘vulnerability testing’ in both the aviation and maritime sectors
  • update provisions relating to “test weapons” to allow the department to use new test weapons reflecting current and emerging threats
  • broaden and align provisions across both acts for the issuance of security directions by the Department of Home Affairs
  • enable the establishment of a non-compliance “demerit points scheme” for the aviation sector
  • amend definitions of “port” and “security regulated port” to ensure that security regulation includes infrastructure, operations, assets and anchorages as part of port facilities.

The Bill includes other technical and administrative updates to the ATSA and MTOFSA.

There are several aspects that may be of interest to members including:

  • Checking with service providers to the company whether their cybersecurity and other security mechanisms will comply with the new requirements in the Bill. Will new testing or products be required?
  • Determining which ports will now be subject to security regulations and the changes which may be required to those ports and related infrastructure, operations, assets and anchorages.
  • How to incorporate these new security requirements into existing security provisions in agreements with contractors and employment contracts including existing Transport Security Plans.
  • Introducing new training for staff and contractors. Will new reporting obligations be required on employees and contractors? Will new expertise be required?
  • Ensuring that risks addressed by the Bill are covered by existing insurance or whether new insurance is required. For example, will “cyber security” and “all hazards” insurance cover new obligations in the Bill?
  • Will insurance cover the new “demerits points scheme” in the aviation sector?
  • Amending arrangements with new clients to cover new obligations under the Bill – including advising clients as to the nature of the obligations and which provisions for services need amending.
  • Amending the “onboarding” arrangements for new clients with revised terms and conditions of trade including new acknowledgements and warranties on security issues which will be required by the Bill.
  • Establishing what new costs which may follow from the revised security requirements including the costs for government agencies and the additional costs for those in the supply chain which will all be required to be imposed on their customers.
  • Whether there should be steps in the imposition of obligations depending on the size of the entity in the supply chain or of its turnover or the goods being handled and whether different levels of obligations will be imposed depending on the size of the affected parties.
  • What assistance will be provided to industry and from which part of the Australian government?

Submissions to the Committee were due on 13 February 2025.