Notices to Members

No. 3 - Maritime Security - New SOLAS Requirements

April 2003

Dear Sirs


Following a Diplomatic Conference in London in December 2002, the International Maritime Organisation (IMO) has made a number of far-reaching amendments to the 1974 Safety of Life at Sea (SOLAS) Convention to strengthen maritime security. It is important to note that many of the new measures enter into force next year and are mandatory. In view of the short lead time and the unlikely prospect of an extension, Members are urged to start work without delay.

Some of the principal changes are summarised below, but the information is not exhaustive. Members should refer directly to the new amendments for a more comprehensive view of what is required.

Automatic Information Systems (AIS)
SOLAS, Chapter V (Safety of Navigation), Regulation 19 contains a new timetable for the fitting of Automatic Information Systems (AIS). Ships (other than passenger ships and tankers) of 300 gross tonnes and upwards but less than 50,000 gross tonnes are required to fit AIS not later than the first safety equipment survey after 1 July 2004, or by 31 December 2004, whichever occurs earlier. Existing AIS compliance dates for passenger ships (not later than 1 July 2003), tankers (not later than the first survey for safety equipment on or after 1 July 2003) and other ships of 50,000 gross tonnes and upwards (not later than 1 July 2004) remain unchanged. Ships fitted with AIS are to operate the equipment at all times except where international agreements, rules or standards provide for the protection of navigational information.

Ship Identification Number
SOLAS Chapter XI “Special Measures to Enhance Maritime Safety” has been re-numbered as Chapter XI-1. Regulation 3 has been modified and requires the ship’s identification number to be marked in a visible place on the stern, or on both sides of the hull amidships, or on the front of the superstructure. Passenger ships may carry the marking on a horizontal surface visible from the air. The identification number is also to be marked on one of the end transverse bulkheads in the machinery space, or on one of the hatchways, or in the pump room or, if a ro-ro, on one of the end transverse bulkheads in the cargo space. All digits are to be not less than 200mm in height externally and not less than 100mm internally, painted in a contrasting colour and are to be permanently carved or raised. It is also believed that the identification number may need to be prefixed by the letters “IMO”. Existing ships are to comply with this requirement no later than the first scheduled dry-docking after 1 July 2004.

Continuous Synopsis Record
SOLAS Chapter XI-1, Regulation 5 requires ships to maintain a Continuous Synopsis Record (CSR) as from 1 July 2004. Flag administrations are responsible for issuing this document which will chronicle the ship’s history. The CSR is to contain information such as the ship’s name, identification number, flag state, date of registration, port of registry, classification society, name and address of company and address from where company’s safety management activities are carried out, name of the owner(s) and their address(es), name of the bareboat charterer(s) and their address(es), and name of the organisation(s) which issued the company’s Document of Compliance, the vessel’s Safety Management Certificate and the International Ship Security Certificate. All changes are to be recorded in the CSR and the document is to be retained on board throughout the life of the vessel, irrespective of new management or ownership. The CSR is to be available for inspection at all times.

Ship Security Alert System
A new SOLAS Chapter XI-2 has been added, titled “Special Measures to Enhance Maritime Security”. Regulation 6 requires passenger ships of any size and oil tankers, chemical tankers, gas carriers, bulk carriers and cargo high speed craft of 500 gross tonnes and upwards to be fitted with a Ship Security Alert System not later than the first survey of the radio installation after 1 July 2004. All other cargo ships of 500 gross tonnes and upwards are to fit such equipment not later than the first survey of the radio installation after 1 July 2006. The Ship Security Alert System is to be capable of being triggered from the bridge and at least one other location. When activated it is to transmit a ship-to-shore security alert to a “competent authority” designated by the flag administration identifying the ship and its location. It is believed that many flag administrations will consider the vessel’s operator to be a “competent authority”.

Specific Responsibility of Companies
SOLAS Chapter XI-2, Regulation 5 requires companies to provide the master with information enabling port state control officers to establish who is responsible for appointing members of the crew, who is responsible for deciding the employment of the ship and, if the ship is on charter, who are parties to the agreement.

Master’s Discretion for Ship Safety and Security
SOLAS Chapter XI-2, Regulation 8 confirms the master’s authority and emphasises that he is responsible for maintaining the safety and security of the ship. It adds that masters may deny access to persons or their effects or refuse to load cargo in order to achieve this aim and shall not be constrained by the company or the charterer. Regulation 8 also states that in the event of a conflict between safety and security requirements, the former shall take priority. In such an event the master is to implement temporary security measures and inform the flag administration and, if appropriate, the authorities responsible for the port concerned.

The International Ship and Port Facility Security Code
The International Ship and Port Facility Security (ISPS) Code enters into force on 1 July 2004 and applies to passenger ships of any size, cargo ships and high speed craft of 500 gross tonnes and upwards, and mobile offshore drilling units.

Part A of the ISPS Code is mandatory and contains detailed requirements for ships, companies, port authorities, flag administrations and governments. Part B of the ISPS Code is advisory and contains guidelines on how to comply with Part A. However, Members should be aware that the US Coast Guard has announced that it plans to make compliance with Part B obligatory for vessels trading to US ports.

In brief, shipping companies are required to appoint a Company Security Officer ashore and a Ship Security Officer on board each ship. These need not be exclusive positions, and existing personnel may be nominated. The company is also responsible for ensuring that a Ship Security Assessment is carried out on board and for preparing a Ship Security Plan for each ship thereafter. Ship Security Plans must be submitted to the flag administration, or to a Recognised Security Organisation (RSO) authorised by the flag administration, for approval. Once approved and implemented, the security arrangements on board are to be verified by the flag administration or RSO. A successful verification will result in the ship being issued with an International Ship Security Certificate which must be obtained no later than 1 July 2004. Renewal verifications are to take place every five years, with at least one intermediate verification between the second and third anniversary dates.

Governments are required to carry out Port Facility Security Assessments, produce Port Facility Security Plans and appoint Port Facility Security Officers in a similar manner. However, in the case of a port facility visited by ships engaged on international voyages only occasionally, the contracting government is at liberty to decide the extent to which the ISPS Code will apply. Therefore it should not be assumed that a Port Facility Security Officer will be found in every port.

Company Security Officer (CSO)
The company may appoint more than one CSO provided it is clear for which ships each CSO is responsible. Duties of the CSO include co-ordinating the Ship Security Assessments, overseeing the development, submission, approval, implementation and maintenance of the Ship Security Plan, informing vessels of the levels of threat likely to be encountered, arranging internal audits and reviews of security activities, ensuring that any deficiencies are rectified and organising the initial and subsequent verifications.

Ship Security Officer (SSO)
The duties of the SSO include supervising the implementation of the Ship Security Plan on board, carrying out regular security inspections of the ship, liaising with the CSO and Port Facility Security Officers as necessary, reporting security incidents, checking that the vessel’s security equipment is functioning correctly and ensuring that crewmembers are adequately familiarised with shipboard security and their respective responsibilities.

Port Facility Security Officer (PFSO)
The PFSO is responsible for implementing and exercising the Port Facility Security Plan, undertaking regular security inspections of the port facility, modifying the Port Facility Security Plan in response to changes and deficiencies, reporting and recording occurrences which may threaten security, co-ordinating local security services and, if requested, assisting the SSO to confirm the identity of those seeking to board the ship.

Ship Security Assessment (SSA)
According to the ISPS Code, Ship Security Assessments are to be carried out by “persons with appropriate skills”. Subject to confirmation by the relevant flag administration(s), the company may use its own staff for this purpose if adequately trained. Alternatively, they may delegate this function to an RSO. All Ship Security Assessments are to be documented, retained and reviewed periodically by the company, and protected from unauthorised access or disclosure.

An integral part of the Ship Security Assessment is an “on-scene” survey. The process should be used to identify the presence of any existing security measures, key shipboard operations which should be protected, possible threats and potential vulnerabilities. Part B of the ISPS Code gives detailed advice on how to conduct such exercises.

Ship Security Plan (SSP)
A Ship Security Plan is to be developed for each vessel based on the outcome of the Ship Security Assessment. Once completed the plan must be submitted to the flag administration for approval. If the company has used an RSO to carry out the assessment and/or prepare the plan, the same organisation cannot approve the Ship Security Plan on behalf of the flag administration or carry out verifications for certification.

The plan should identify the SSO and the CSO and is to address issues such as the duties of shipboard personnel, restricted areas, measures to prevent unauthorised access and safeguards to counter the unlawful carriage of weapons, dangerous substances and devices. In addition, procedures are required for training and drills, interfacing with port facility security activities, reviewing and updating the plan, countering security threats, responding to security instructions given by governments, reporting incidents, evacuating the ship, carrying out security audits (including internal audits of the plan), and inspecting, testing and maintaining the vessel’s security equipment. The plan should also identify the ship security alert activation points and include procedures governing the use of such equipment. Alternatively, information on the ship security alert system may be kept elsewhere on board in a confidential document known only to the master, the SSO and other senior personnel as decided by the company.

In normal circumstances a vessel’s Ship Security Plan is not subject to inspection by port state control officers. However, if port state control officers believe that a ship is not complying with SOLAS Chapter XI-2 or Part A of the ISPS Code and the only means to verify or rectify the non-compliance is to review the relevant requirements of the Ship Security Plan, limited access is exceptionally allowed provided the flag administration or the master give their consent.

Levels of Security
The Ship Security Plan is to provide for three different levels of security:

Level 1 (Normal):

The level at which the ship will normally operate. Minimum requirements include ensuring the performance of all ship security duties, controlling access, checking identities, locking unattended spaces, monitoring deck areas, restricted areas and areas surrounding the ship, supervising the handling of cargo and ship’s stores, and making sure that security communication is ready for use.

Level 2 (Heightened):

The level applying for as long as there is a heightened risk of a security incident. This may mean deploying additional personnel to deter unauthorised access, stepping up security patrols, limiting the number of access points to the ship, escorting visitors, carrying out searches and, in co-operation with the port facility, establishing a restricted area ashore adjacent to the ship and deterring waterside access.

Level 3 (Exceptional):

The level applying for the period of time when there is the probable or imminent risk of a security incident. Maximum precautions may include establishing a single, controlled access point, suspending embarkation/disembarkation, granting access only to those responding to the security situation, suspending cargo operations and deliveries, and moving or evacuating the ship.

Security levels will be set by Contracting Governments (flag administrations or port states). If a flag administration requires shipboard security to be increased to Level 2 or Level 3 for a certain port or region, the vessels affected must acknowledge receipt of such instructions.

If a port requires Level 2 or Level 3 security, the ship must acknowledge receipt of the order and contact the port facility security officer to confirm that the applicable measures in the Ship Security Plan have been implemented. In the event of any compliance difficulties the Port Facility Security Officer and the Ship Security Officer are to discuss and agree a suitable course of action.

It is possible that a flag administration may require a higher security level for a particular port than that set by the government of the country concerned. If so, the ship is to notify the competent authority of the port state and the Port Facility Security Officer without delay. In addition the Ship Security Officer is to liaise with the latter and co-ordinate appropriate actions. This may include a Declaration of Security.

Declaration of Security
A Declaration of Security is a formal agreement made between the ship and the port facility on the security measures that each will apply, together with their respective responsibilities. Either party may initiate the process if they consider such an undertaking to be necessary. A Declaration of Security may be warranted:

  • At higher security levels.
  • When the ship is operating at a higher security level than the port facility or a ship with which it is interfacing.
  • If there has been a security threat or security incident involving the ship or the port facility.
  • If the ship calls at a port which lacks a Port Facility Security Plan.
  • During ship-to-ship activities with a vessel which does not have or require an approved Ship Security Plan.
  • If there is an agreement between Contracting Governments regarding certain international voyages or specific ships on such voyages.

A specimen Declaration of Security form can be found in Part B of the ISPS Code.

Ship Security Officers and the Company Security Officer are to be trained, taking into account the broad guidance summarised in Part B of the ISPS Code. The provision of training is a company responsibility and records need to be maintained. Although the ISPS Code does not specify how CSO/SSO training is to be delivered, IMO model courses are being developed. However, at the present time it would appear that companies are free to make their own arrangements using in-house or external resources as they see fit. Before taking action Members are advised to check whether their flag administration(s) have introduced any additional requirements regarding the ambit or duration of such training.

Similarly, shipboard personnel with specific security duties are to be familiarised with their responsibilities as described in the Ship Security Plan, and all other crewmembers should be acquainted with its relevant provisions (eg the meaning of different security levels, knowledge of emergency procedures, techniques used to circumvent security measures). The Ship Security Officer may carry out this task and should ensure that all details are recorded.

Drills and Exercises
Security drills are to be held on board at least once every three months to promote the effective implementation of the Ship Security Plan. If more than 25% of the crew is changed at any one time, the new joiners are to take part in a security drill within their first week on board.

The company is to organise a full scale exercise or a tabletop simulation each year involving the Company Security Officer and as many other interested parties as possible. No more than 18 months are to elapse between exercises.

As a minimum, and subject to any additional flag administration requirements, records of the following activities are to be maintained on board:

  • Training, drills and exercises.
  • Security threats, security incidents and breaches of security.
  • Changes in security level.
  • Communications relating to the direct security of the ship.
  • Internal audits and reviews of security activities.
  • Periodic review of the Ship Security Assessment and Ship Security Plan.
  • Implementation of any amendments to the Ship Security Plan.
  • Maintenance, calibration and testing of any security equipment on board, including testing of the ship security alert system.

The Ship Security Plan and all security records are to be written in the working language of the ship. If not English, French or Spanish, a translation into one of these languages is required. If such information is held in electronic format it is to be protected from unauthorised access or disclosure, and from unauthorised deletion, destruction or amendment.

Control and Compliance Measures
SOLAS Chapter XI-2, Regulation 9 describes the action which may be taken by port state control authorities if a ship is found to lack a valid International Ship Security Certificate or if there are “clear grounds” for believing that it is not complying with the requirements. Such measures may result in inspection, delay, detention, restriction of operations, limitation of movement or expulsion.

Prior to entering port a vessel may be asked to provide details of its International Ship Security Certificate, the names of the last 10 port facilities visited and the security measures taken in each location. Records are to be maintained on board for this purpose. If such information gives the shore authorities “clear grounds” to think that a ship is not in compliance, the vessel may be required to rectify the situation, proceed to a specified location within territorial limits or submit to an inspection. Alternatively, entry may be denied.

Club Support
Members requiring a copy of the ISPS Code or seeking further guidance on carrying out Ship Security Assessments or preparing Ship Security Plans are invited to contact the Club’s Loss Prevention department.

Moreover, it was recognised some time ago that the training of Ship Security Officers may pose significant logistical difficulties for some companies. In response and with assistance from the Club, Videotel Marine International has produced a distance learning course designed to provide such training. The package consists of written material and a video titled “Shipboard Security”. Alternatively an interactive CD Rom is available if preferred.

A working group drawn from many sectors of the shipping industry was formed to oversee the development of the course and included representatives from several Members, the International Maritime Organisation, the International Chamber of Shipping, Bimco, Intertanko, the US Coast Guard and the UK Maritime and Coastguard Agency.

Members will receive a complimentary copy of the video within the next few weeks and those wishing to purchase the full package from Videotel will be entitled to a significant discount. If evidence of training is required, assessment and certification may be arranged through Videotel for an additional fee. Full details will accompany the videos when dispatched.


Yours faithfully
The West of England Ship Owners
Insurance Services Limited
(As Managers)

M W H Williams