For your seven billion dollars. I' ll call it two You see it exists. The risk is ninety percent cinpymes that generate eighty cis. Give me twenty minutes of your time and I, in return, will give you information on the most relevant issues in foreign trade, tax and customs with a human touch and let' s traik a podcast of Magic TVs and Mexico hello how good afternoons are welcome. Let' s barter, as you know, a telese magas event in Mexico and well, I hope everyone at Republic level will
be fine with the hurricane. The truth is that in some places there are rains, no and floods, so let' s try not to get out much not to try to take care of ourselves, but well, I think there are rains throughout the Mexican Republic. Then take care of yourself, too. And well, today seems like a miracle. I see Master Béjar here connected as a paralist, I am very happy to greet him Master indeed how good that accompanies us today. He' s got his microphone, already what
we missed to get him to connect. Yeah, thanks, thanks to Clairvoyance. Likewise for all participants, Juan Antonio Carballido to Dr Octavo Ivancia Karen were yes already. The cyclone pulled out the hurricane. Hillary pulled out. I don' t know where he was, but that' s where he got me, because we' re really glad he got him out here. And, well, I also think there was a hurricane last week, too.
In some changes that took place during the week, not talking about some publications of the general import tax that shook us many and well, also today. We wanted to start the week with a topic that many are already asking us that that' s why we said you know what to do as soon as possible and today barter is changes in the profile of the authorized economic operator in
Mexico, how to implement them. And that' s why you' re here today, Karen, how are you, Karen, welcome, let' s make a barter again, hello, hello, good afternoon, it' s been a while since I' ve been here. So, very happy to bring you new, very interesting, excellent information. Well, we have a p- data from today' s TK. Besides that we have essentially the Eighth Doctor of the Tower, who also health and we are very happy to have you here. I think the hurricane got you out, too.
Then we take advantage of the little data from the Trek. Therefore, the small barter data with some recommendations to reduce the tariff impact on imports. This is derived from the decree issued by the Federal Government increasing the general import tax by hundreds of ninety- two tariff fractions. A tariff action increased by five
percent. Two tariff fractions increased by ten percent twenty- seven increased by fifteen twelve, twenty percent and three hundred sixty tariff fractions increased by twenty- five
percent. This decree, which enters into force on the 16th of August of the two thousand and twenty- three and what we have realized is that this modification has represented for some companies focused on the export of products substantially transformed in Mexico, especially with import inputs, an annual impact that has even reached the amount of more than three hundred million pesos by virtue of this new general import
tax. Here it is necessary for us to review the impact of these modifications and make a provision for the remaining twenty- three and twenty- four. This is so that the industry can bear this burden that is currently being borne,
which is a new burden. We should even assess the expansion or implementation of promotion programs such as PROCEC as the service IMAX, in the event that the operation allows, or, where appropriate, the acquisition of inputs for processing, in which some tariff benefit from some FTA or trade agreement is being applied. Here, look, you have to see if you bring in operations that you' re declaring a country with which we have a treaty that, maybe
you' re not applying the benefit. Well, now you have to go get these certificates of origin so that you can benefit. Okay. Here are six recommendations to reduce the tariff impact on these imports that nothing else will affect. Not only are they impacting the industry, but they are also impacting trade. The first thing is to review the tariff fractions that are subject to import tariff increases Check according to your operation, your history and what you intend to
import in the future. If those fractions you' re going to use suffered some change from those found in those three hundred ons there are two fractions. You have to identify, of course, whether those goods are going to be allocated to a definitive regime or a temporary regime, and there you must include, where appropriate, the tariff deferment programmes that are set out in the rules themselves. You should also review whether these temporary imports are duty- free.
This according to the benefits you may have if you count on an IMEX program, for example, in the case of the service modality of this program of the maquiladora industry and manufacturing of export services. You also have to verify based on origin, whether the goods have the possibility to apply any tariff benefits from
the agreements or free trade agreements to which Mexico is a party. Of course, you have to use the sector promotion programs as an alternative, but you have to check if they agree with the production of the final goods that you are producing and that you are exporting. Abused with that because you can take the tariff fraction, but it' s not destined for the final product that
you' re exporting. And even if it is included in the list of tariff fractions of the sectors that are supported through this promotion program, because you could not apply it. We must, of course, examine the tariff benefits granted to you by previous import commitments, i e the octave arrangement. Here
you have to check it and see if you can apply it. And finally, you have to verify the tariff benefits of the schemes for border companies when that product is being destined to the franco or border region or to the Chetomal - free zone. I invite you to contact the associate TV team and we will help you. This is the small data of today' s barter.
Contact us. We' re going to put the data down here in order to help you have an analysis of whether or not there is an impact on your operation, on the operation you' re going to be doing the one you' ve been doing in order to make the best decisions and you can provide and you can continue to have more with your investment in national territory. Well, very interesting, this little barter fact, and well, I invite you to do this analysis so you can see if it' s really going
to have an impact on your operation. And, well, now we do welcome all those who are connecting, who are also on social media. And in order to give the floor to teacher karan Anaya, I will present her looks if you will allow me. The teacher Karen Anaya Mendoza is a graduate in international relations. Graduated from the Autonomous University of Baja California, where she participated in an academic exchange at the Faculty of International Business at the University of
Karlstan in Sweden. He worked in the logistics area in the maquiladora industry, actively collaborating in certification and compliance of City pat e. He made nine thousand has a diploma in foreign trade for the customs operation in the IMAX companies and additionally he took a diploma in foreign trade to n uar more tax and compliance by predia in what I have done today. He served as a security certification leader at the Associate Teles Time Supply Academy and also holds a master' s
degree in tax and administrative law from Puet Baja California. So Karen welcome, thank you very much for always updating us on the subject of authorized economic operator And well, now yes, the microphone is yours and, as you know, in the end we will answer questions and answers, but if you want to go putting your questions and the authorized economic operator team always supports us to go, answering during the course of the talk. Welcome. Thank you very
much, good afternoon, everyone. I' m already sharing a screen. Truth they listen to us well, all right, perfect. Thank you very much. Yeah, my team' s around. In case you have doubts, with confidence, you can write them to us in the chat or in the Questions and Answers section. And so, in the end we will try to read, as the most, the most repeated. And all that then, so let' s start with the subject that, the truth is quite extensive. I think this is going to be the first part of several of
us to talk about this. And so good. First, starting with the context, on 25 July, the third resolution of amendments to the general rules of foreign trade for two thousand twenty- three was published in the Official Journal
of the Federation. So, then, among the transients, in the transitional fourth, we were no longer passing, but until the end, in the transitional fourth he mentioned this resolution that, therefore, there was going to be a modification to the profile formats of both the company and the certified commercial partner in all the modalities. So what has been published in Annex One tells us this transitory, this rule which will enter into force in accordance with the following.
And here it tells us well, in the case of companies that, at the date of the publication of this resolution, that is, the twenty - fifth of July, have in force their registration in the certification scheme of companies in the modalities of OAS or certified commercial partner in any category, they will have six months counted from the resolution, from the publication of the resolution
to comply with the security profile. Then no one is saved here. All companies that have the current registration, All certified companies or certified commercial partner in all the categories enter here in this case. So this tells us that n n n ne until before the twenty- fifth of January of two thousand twenty - four, for to present this updated safety profile, this format, this
for companies that are already certified. Now, the second fraction tells us that companies with applications in process for any modality authorized economic operator, certified commercial partner in any category, calls of carriers, customs agents, all the items of certified commercial partner that are in process will have six months counted from the date on which they are granted their registration, the moment when they get their job
of registration that they are already certified, as you see, as a certified commercial partner. From that date you will have six months to present your updated security profile. So, well, and this for these two assumptions, no, but the companies that we were perhaps in the internal process of preparing to apply, for certification, because there we do have to adjust as soon as possible to be able to enter the procedure, because they have already been published.
The third of August is when the annex is published, one of the rules where the profile formats come and so all, the three, the four, or five, six, seven, eight, nine up to the eleven not with all the headings. Then there, in this, in this annex, you can look it up in the Official Journal of the Federation. August 3 is where they' re going to find all these profile formats for you
to be thrown out. Take this one and you can see it completely today, because we are going to focus on talking to you a little bit about these changes. We' re not gonna get to see everyone. The truth is that it is quite what was changed in the drafting of the profiles, especially things that were added. Then let' s try to give a general overbu. I hope that time will reach us, but surely, because we will be out there publishing more information and talking a little bit more about it.
And so I' m also going to talk to you a little bit about my recommendations so that you can already implement it. So, broadly and above all, in everything that I' m going to present to you, I' m going to base myself on what is the profile of the company, because, because it' s regularly where the other profiles come from, it' s like the main model and from there the others start. Then
let' s focus on that. Here I gave you a screenshot of the first part in case you need to identify it and so, broadly, what are the changes or what was the reason for the changes? It is practically an approval, it is a consolidation with the criteria and with the safety profile of TIPA. Out there if you have been entering more bartering all these years, I believe that since two thousand twenty, that Citi PAT suffered this great
change in its profile. Since then, we have been foreseeing that there would also be this modification to the OAS profile a little bit to keep up with that of stilettos. Then it' s not something new, it' s not something that catches us so by surprise. In fact, over here, we also heard it in anotheréque out there in March. Then we already knew there was going to be a change, we already knew that OAS was going to try to incorporate these huge changes that there were in Citypat in two
thousand and twenty. But, well, you already know that OAS is a little bit more tissue and I am a little bit more specific about what we have documented. As far as the documentary issue is concerned, yes, we have to be very specific in our procedures. Then apply remember this change for companies whether or not they are citipat If they are already City par they probably
have a plus there that they already have certain criteria implemented. I wish everyone, but they probably don' t have it documented as specifically as you ask. Or not, because if Tipas doesn' t ask you for such thorough procedures, unlike her, then I think it' s a big change for everyone, even for those who are already citipas. So, well, it ' s a type- approval. What we note throughout the document is that the word recommendations is deleted. There is no longer such a word in the
explanatory notes that recommended recommendations. We recommend no longer that in the same way, because in practice, although in the profile he mentioned that they were recommendations, in practice, the truth is that the authority demanded it, then simply because that was not already formalized. And there are changes in all standards. The substandards that do not have a modification are counted. I think less than five substandards are the ones left. Just like not i the specific account,
but more or less. And in general, because there are changes regarding the Security Committee, the formation of a security committee as such, cyber security measures that we had already mentioned there that OAS, because it was already a little obsolete in terms of the risks of cyber security that have been arising around the world in recent years, that that was no longer enough the measures that OAS
established for us. Then, because we have already been paired with citipat and with all these risks that exist, we are also added to pest pollution prevention measures, which is Citypad' s agricultural safety standard. It does not add a standard as such to the profile, but this theme does, because it
repeats it to us. That is when we mention inspections of the units, inspections of the loading and unloading area, the use of packaging material there is mentioning the issue, although it was not added as a standard, as such, as we are also mentioned very much about the issue of the prevention of forced labour and child labour in our supply chain, which we have already seen very strong with CITPAD and which also began to be implemented here in Mexico this
year, and because also other issues that already have time implementing City Pat, such as the prevention of having commercial partners that have links with money laundering with resources from legitimate terrorist funds. This is also already mentioned by Orea' s profile. So, well, I' m going to try to mention the
main changes for each standard. The reality is that not all standards changed so much, I think there are two three that today I will not mention because of time issues and because, perhaps, the changes were not so big, but soon we will complement them with the information. So, in standard number one, here you are already adding to us for those who are already city paat who have knowledge of stipat is adding to us the standard of vision,
of safety and responsibility or of high management. And in this, what it tells us is that, well, we have to form a security committee that incorporates representatives of the departments involved. And here remember that I always tell you it' s a team job. Certification can not only leave one person, but a person can lead. It is important that we have a multidisciplinary committee
in which all areas related to certification participate. So here it is formalizing it in a certain way, as if TIPAT also mentions to us that the main points of contact of the certification those we declare before the certification, because they must also be involved in this committee and in these implementations. It is not worth putting an operations manager who, perhaps works in corporate, who is not really soaked with day- to- day operations, because at the moment when
the authority contacts him, maybe he grabs us in a curve. So you have to try to make sure that the contact points that we declare are the ones that are actually working on certification and are informed of what is going on. In shape. The profile tells us a lot that the Committee must be involved in risk analysis, in internal audits, in trainings they must be doing
or, well, I recommend them. I don' t think I did that, but I' m doing regular meetings where they set up calendars with the activities they' re going to carry out throughout the year related to certification. Now you' re also asking us to attach the risk matrix Remember that
before we had to attach nothing else to the procedure. The matrix that has been the implementation of the procedure, since the time of the visits was reviewed Only then is it asking us to attach the matrix, as if tipaz has done it for a long time So, there you have to be also careful with the information that we are going to present to the Authority, because those matrixes of rune risks, because we can be putting the rope to our necks. We' re not alone, and that' s not the point.
Then you have to try to handle it well. But obviously, since it ' s a real and implemented matrix, it' s not lying either. Well, we mentioned the subject of the recommendation. They no longer put us when it is recommendation, simply asks us to indicate, establish, etcetera. And here he tells us about the methodologies of iso thirty- one, thousand, thirty- one, ten and twenty- eight zero, which have always been the basis of the OAS risk matrix. That goes on as such.
Also the security policy must be signed and approved by a senior company official as if tipat then we can use the same security policy that we have simply, as it is now to be seen that average approval by high management firm. It also asks us to indicate how the audits are carried out and how management
verifies the results of the audits. And this writing we see throughout the entire profile in certain examples, because previously it told us whether they carry out internal or external audits, indicate if management verifies the result of them and here it is telling us how they do it. It doesn' t leave us like that, yes or no. According to my analysis, I don' t think so. Here he is already telling us that we have to do it
and we have to explain how we do it. We also have to contemplate contingency plans, which this was already established, but now it adds other assumptions, a little beyond the journeys. If you remember, OAS contingency plans were more focused on journeys, customs, logistics than they are right now. He ' s already giving us examples of cyber- attack situations, fires, other security risks, as if TIPA also mentions it in terms of physical security standard
two. It asks us that in practice this has always been requested by the Authority, but now, since it already formalizes it, it establishes it for us. I think that of so many complaints that we had that the profile was very ambiguous, because now it turned out the other way around and they made us very specific some requirements. Then we have to keep track of the
results of the infrastructure inspections. That' s where we have observations and we have detection of some damage, because we already have to have as such our file with evidence that we followed up on those reports and that they were closed through photos, invoices, work orders, etcetera. A whole file of these
checks to the physical infrastructure. Sensitive restrictive access must also be well documented, because this is something that we have been known to implement for years for certification, that we have to have sensitive areas in which not anyone can access, but when we put it so specific, it formalizes it and that makes us have to document it. Then you have to have a procedure that says how we restrict access to sensitive areas, how we avoid unauthorized access. All of
that has to be documented. We also need to mention the procedure for the use of alarms and STVs. It doesn' t make us choose around here anymore. He doesn' t ask us if we have alarms or not, whether we have a camera system or not. You already tell us that we have to have the procedure in place to use them. So it is already a little bit more, an obligation, especially the issue of alarms, which has always been according to risk analysis. Doesn' t it give us that
option anymore? Then we have to analyze to see if there is still flexibility in the analysis of risks, that each company implements certain measures or not, truth, because because it does not give us in the pure writing, it does not give us as that option and also tells us which must have an alternate energy source and a system of notifications of failure. So here, because it' s also already marking that we have to do it, that we
have to have an alternate energy source. So let' s also see in practice, in implementation, because how mandatory it really is not going to be, because there are companies in which, because there is not that possibility or even that risk in which they need it. It is not clear to me that there are companies that have blackouts at all times, that they are in areas where that is a very big risk, and there yes, we always
recommend it. But if there really is no such risk, then you will have to see how much flexibility there with authority at the time of implementation.
As for the standard of access controls, we have to carry out internal audits of the access control processes and this is something that also, because it left City Pat if out there always recommends that and to the processes of the security guards, the control of visitors, of all those logs that we are carrying out internal audits periodically, that is, well followed, we are reviewing the logs, see that everything is filled well that we are not left alone with
the annual audit to all the processes. We are already specifically mentioned, then, to carry out audits without any terns to these access control processes. It also tells us about access to sensitive areas, depending on the tasks or job description of the employee, that not any employee can be entering any area, but that we make that distinction a little bit between sensitive areas and employees.
We also need to specifically indicate whether employees wear any kind of uniform, how they are assigned, how they distinguish each other, whether it is per position per area and how it is the return that is also something that they have always recommended, it has always been mentioned there has always been one of the
measures for sensitive areas. But the fact that he' s already asking us or already mentioning it in the profile, because it means that we already have to have it well documented, well specified and follow it the same way. The visitor records already tell us which fields should have that if the date, that if the visitor' s name, that if the number of their official identification, that if they have seen out there the profile of citipat is very
specific as to the fields that carry the logs. So that part was clearly rescued too, as it left it very much to our interpretation, which now tells us what data the vitaculas need to carry. I know I' m going fast but I want to get to mention all the slides and the doubts we see in the end in the standard four of trading partners we also see
several little changes. It tells us that the analysis of our trading partners, the risk analysis of our trading partners, must already include issues related to the prevention of activities related to money laundering, financing of terrorism and we must also ask for certain criteria of social compliance, for example, the issue of child labour and forced labour. So, that too, we need to be reviewing
our trading partners. It also mentions here in this standard the participation of the Committee in the audits of the partners and in the planning or setting of the annual calendar of these visits or of these reviews to the trading partners. So, even in that we have to be involving our committee. And that' s better, because we regularly leave it to an apartment or a person. And the idea is that we should be in compliance. And if we leave it to a person an apartment, because it' s quite a job,
it' s not heavy enough. Then I think this is a good idea. Nothing else that already tells us here the profile that we have to ask for additional security requirements, that is, consider this type of partner as critical partners. Remember, we' re going to have business partners and we' re going to have critical business partners. Then, the trading partners might meet certain general data, certain general criteria give us good service, because it is
more than enough. But the critical trading partners that are already involved in the security of my supply chain, because with them we have to have more security measures, such as visits, audits, security questionnaires, an agreement, a contract in which they are obliged to comply with the criteria. These are my critical business partners. And so he tells us that we have to take into account transport service providers, whether long- distance, transfer crossing, x Works,
outsourced, etcetera. So there' s nothing here that' s x Works, it' s not my responsibility, it' s not my partner, because if it' s your partner, because it' s involved in your supply chain, so, in a way, you have to have certain
risk prevention measures. Then, transport service providers for transport, distribution of foreign trade goods, customs agents, logistics outsourcing suppliers, warehouses, maquila companies, manufacturers, sellers, suppliers of foreign domestic raw materials parts, direct and indirect, cleaning service providers, private security, hiring of personnel, suppliers of high security stamps, collection and recycling, suppliers of systems and information technologies, among
others. So, all of these we have to consider in a certain way critical. Obviously, we are not going to ask everyone the same for the twist and the nature of the service they provide. But we do have to be a little more strict than just asking them for their record of fiscal status and positive opinion. So to be considered, for your critical business partner matrices and your partner risk analyses. As for the five process security standard, I
think it' s one of the most changing ones. He suffered as if he were two thousand twenty, and here we are told that we have to include in our mapping all those involved in the supply chain. And here they come also to some of those I mentioned in the last slide, suppliers of their storage maquila, foreign domestic suppliers. He mentions several examples, but I didn' t want it to look so full of information. The slide will be found in the profile. But we do have to add quite a few
other types of suppliers that were previously considered. We also have to point out the rest or storage points of cargo vehicles during the journey and the estimated journey times and time of the reservation. We do not have to ban unauthorized or unscheduled stops. Remember that there is a red light if in our GPS order we see an unauthorized or unscheduled stop, because there we have to turn on the alerts. Security measures must also be taken during the storage of shipments.
That I say this has also always existed, but it already tells us more specific that the area has to be monitored, there has to be an alarm system, it has to be restricted access, it has to be inside an area with perimeter fence, etc. More already we specify it more there must also be some kind of supervision during the loads and the discharges of the goods, that is, a third party besides the personnel that is carrying out the
loading and unloading, that also this we the specifics and tipat And also tells us that we have to take photographs at the time of the loading and at the time of the placing of stamps, And these photographs we have to share with the destination of that merchandise, because for them to verify that everything is
coming as it was sent. We must also try to ensure that the deliveries, the receptions of the goods are with prior appointment or with prior notification that no one comes out of nowhere to collect or leave merchandise without we have information that it would arrive, with the information of who is the driver, which units, etc. And, well, what I mentioned to you about agricultural
security, which you already add to us here. Standard five tells us that the loading areas and all surrounding areas, that is, the platform areas, the warehouse, all those areas close to the loading and unloading areas, must
be inspected against pest contamination. So, that' s if we' re doing inspections of the infrastructure by standard two, because we have to try to add another little point that we' re looking at, because there' s not a little plagiarism, some kind of nest bug issue, whatever it is we' re also looking at and continuing with this standard that I' m telling you is the one that lengthened the most well what I mentioned to you,
pest contamination. Also that we have to have measures against ecolusion between employees, that is, internal conspiracies, to prevent them from succeeding for an end. We have to have measures in place against that. We have to carry out a check of the luggage of the operators, of the transport of the
chopérez, not only check the cabin as previously established. But also, because a little bit there the luggage or belongings of the choférez in the areas of high risk or on routes of high risk, it is suggested to use the method of convoy, that is to say that there are several units together, to prohibit unscheduled stops, as already mentioned, to carry out inspections at the scheduled stops, that is, that the driver as such at the time of
the stop, since before leaving, it is again an inspection that sees that the seal remains intact, that it is still the same, that it has not suffered damage, equal to the unit in general, to have GPS, whose external hardware is hidden and that it can resist the attempts to remove it, indicating the type of system that has been implemented in the units that are used and in case of being a outsourced service, to describe the consultation tools
to be able to monitor the merchandise. So we' ve become even stricter on the subject of GPS. You don' t have to try to keep it hidden that can' t be easily ripped off. And because we definitely have to have access, whether it' s our own system or that of
my carrier company or any other subcontractor, I have to have access. It also tells us that we have to have a procedure of control, dissemination and prevention of visible contamination of pests in case of use of wood packaging materials, and this is for use of wooden pallets, crates boxes, whatever, that we use wood packaging material, because we have to have documented in a procedure how we avoid the contamination of that wood that, obviously, has been implemented
for years, because we know that it is mandatory to use only wood packaging material that has been treated wood that has its seal. We know. I think we all know that we have to have it implemented, but because they must already be documented as such, as we do exactly, we carry out
fumigations that do not specify that we have to fumigate necessarily. But, because all these are measures against standard seven on the safety of cargo vehicles, because it also tells us about agricultural inspections, in addition to our safety inspection in the container, because we have to be looking at, apart from there are no packages, suspects, strange compartments, apart from all that we already know, we have to look at, therefore, that there is no sign of
contamination by plan, that is, any type of organic material that may be transporting pathogens, viruses or just some living being alien to the ecosystem to which that material goes that can wreak havoc. We have to be conducting systematic inspections at the entrance and exit of the facilities. What we already knew, but now it tells us in domestic parentheses and international traffic. I mean, we already have to be doing inspections of the domestic units as well as the local
ones. We also have to carry out periodic audits of the stamps we have in existence, but by a supervisor. This is also something to quote that has already been implemented since two thousand and twenty. I mean, I have a person to marry from the hello administration, to carry out the logbook of
all that. The supervisor of that person or some other teammate has to carry out periodic audits, for to see that we are not overrun or missing stamps and that everything is correctly documented in the vita, and these audits also have to be documented. Obviously, he also speaks very specifically to us about stamp placement and replacement procedures. It tells us, therefore, to document establishing exactly who places the seals in case of opening on the way, that the driver
is trained and carries out an inspection before placing it. The method drinks to have also mentions it, but, as I tell you, a little more specific with dots that, maybe we don' t have documented, even if we do have it implemented. We have to count or make sure that the cabins are free of garbage, that is, the cabin of the chofé.
We have to check. That little dot gives us the specific data that should have the inspection formats, which was what I mentioned to them a little while ago, no longer leaves us free, but we list what data they have to do in the log, as you do and type. We also need to implement second inspections of vehicles randomly, i e, you' ve already
checked my guard or my vehicular warehouse staff. The person who conducts the inspection of the units if he has already inspected it, must have every certain time, periodically, randomly, a supervisor who re- examines the inspection already carried out by the Guard. And this, then, in order to avoid internal conspiracies in the same way and strengthen the activity at best, the guard will be motivated to do the inspection better if he knows that later they will supervise
him and then they will carry out this inspection again. And it also asks us to verify the mechanical conditions of the vehicles in order above all to make sure that perhaps not a rim punched or some other type of mechanical failure, because very clearly it will affect my foreign trade operation. This over standard seven. I didn' t put it on eight, it doesn' t. I do not think that the six are such significant changes either, especially because
of the subject matter. In the case, for example, of the hole that talks about the safety of the staff or about the requirements of human resources, there are not so many changes regularly. It still leaves us to the interpretation of our sensitive staff of compliance with security requirements that if we ask for socio- economic studies or a criminal background letter or anti- doping tests, all that continues to leave to our consideration the measures that we will implement.
Look here at the measures, but we do have to implement additional security measures with sensitive employees and we have to be updating them as well. The profile tells us that, periodically, we recommend that it be, at least annually, updating these safety requirements. I mention them so quickly, because there really weren' t such big changes, but we' ll be seeing it soon.
As for the nine standard of information security, it is what is comparable to the standard of cyber security of destipas, then, because it does have enough changes. It asks us first of all not to have enough protection to boost the security of the information technology infrastructure, that is to say, that we have software and hardware against malware, viruses, trojan worms and against certain practices such as batting, fishing, external internal instructions, that is to say,
that we have firewalls in the company' s computer systems. That is to say, measures such as antivirus, measures such as firewalls to avoid intrusions, measures especially with employees, with users of networks, to prevent them from falling into these new methods of social engineering, the famous fishing and the hijacking of information. All this also suggests use. He doesn' t suggest us.
It establishes the use of BPNES for remote connections. If we have home office employees or allow them to access the company' s network from other locations, that is, we have to be using BPNES, we have to be performing periodic network security tests, which is like what is comparable to the vulnerability analyses that CITIPA asks us, which also tells us that it has to be periodic also some system or some measure of detection of violations of the policies,
that is, some employee who is not following the proper uses of the network or the equipment. We also have to be carrying out periodic endorsements of the information, which we already had, but it specifies it a little bit more. Users' accounts have to be at their own responsibility, that is, that not any account on the network can access all the company' s information,
but only what it needs to carry out its activities. It also tells us that you have to have safer password formats, remember that out there you do type. You already tell us that you have to try to have double authentication when you are entering the company network, double authentication or longer passwords or with safer specifications, something that makes them safer. Also measures against the use of unlicensed software, that is, that all the software is software that we
are using in the company, therefore, legitimate. We also have to establish the procedure of destruction of equipment, therefore, taking into account the applicable environmental or ecological measures, but also of correctly deleting all the company' s information from those equipment before it is available. Also the issue of equipment inventories does not tell us as such, but it does mention us, since how to do this process of activating user accounts, to ask for the return of equipment
when an employee is being discharged. We' re almost done with standard ten on training and security awareness, as it also mentions that the committee has to be involved. They must also be supporting the creation as of this annual training plan. They also share responsibility there. They must be forgiven and the topics of training, in addition to what we already know, because they must already include issues of agricultural security, decrypt security, especially of awareness, because in
order to prevent users from falling into these traps that criminals put in. Also with regard to the affixing of stamps, especially out there also remember that there is a substandard of time that tells us about training to drivers or transport operators, regardless of whether they are from us or outsourced, we have to have a mechanism to train them as well. So this already includes the issue of placing unit inspection seals, because in case of scheduled stops along the way,
they will be responsible for carrying it out. Also, the prevention of operations with legal resources must also be part of the training, especially since procurement staff or personnel responsible for selecting and evaluating suppliers also the process or measures to be
followed in the event of incidents. And we have to implement as well as whether to implement measures to verify that the purpose of the training was fulfilled, that is, a test, a survey, a practice, a drill, something that we implement to see that the training really has served and the staff has understood the subject. And as for the 11th standard of incident investigation management, it tells us that we need to establish procedures that have an updated directory
of personnel to report in case of incidents. And this is, in terms of internal communication, communication with commercial partners, applicable and, in any case, also with the authority. This, too, dude. He' s
been asking us for years to be like a scaling process. Even if we know peace this internal incident, because I have to notify such a person happens to an accident, perhaps an incident forgiveness, perhaps on the way, because I have to talk to such and such a commercial partner, perhaps, with the carrier, maybe, with the customs agent, etc. Or something bigger
happens, maybe I have to get authority involved. So that has to be documented and established and, finally, have or establish a mechanism of anonymous complaints in order for an employee or anyone who is perhaps being the victim of some kind of threat of extortion or who has simply learned of some internal conspiracy that
has a way of notifying him without suffering reprisals, reprisals. Then we have to count on maybe a phone extension, an eight hundred, a mailbox that ' s in there half- hidden, some anonymous way to pass those memories on to us. And so now, to close and continue with the questions, what recommendations do we give for this update. First of all, there will be a documentary review, whether we are citipat or not. Some of
these measures are probably already in place. Maybe we already have everything in place, but we don' t have it documented. Perhaps it was documented in the two thousand and twenty when Citi Fatz was updated, but it no longer belongs to the activities we are carrying out today. So we need to do a full review of all our security procedures, of our entire profile, that is, comparing it to the current profile, to see what we need to set in the procedures. And for that, it' s better than involving
all departments. You can' t throw all this work away, you can ' t just throw it at one person. We need the support of all areas, that each area will be responsible for reviewing its procedures against the requirements of the new profile and it will be very helpful to them for this.
Once you have formed your safety committee, which requires certification. Then involve all the departments to carry out this documentary review set commitment dates to the best of here to two months to have updated all my procedures and the following month update our profile to achieve to present this update, because before the validity, that is within the deadline, before the twenty- fifth of January of two thousand twenty- four, then that time does not come to us, we almost
spend a month, then set those commitment dates well so that they can go forward and remember that in many cases it is already asking us for implementations.
No, no, no, no, no, no, no, no, no, no, no, no, no, no, For example, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no,
no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, no,
no, no, no, no, no, no, no, no, no, no, no, no, no, no, no, the risk matrix asks us to attach it. Then you have to not only document and not just say if I' m going to do it, but already implement it. Above all, and if we know that there is already a visit of supervision or visit of the first time, also that already we are already implementing or initiating it. A responsible leader must be appointed. But let him make sure that the commitment dates are being fulfilled as always,
I always tell you. I think that' s what this record is all about, but we need to update the risk analysis. The risk matrix must always be up- to- date. It' s a living document. We may be having a risk right now and in a month he' s down or maybe, he' s up or maybe we' re detecting a new risk. Then we need to update the risk analysis, because from here it' s going to start what we' re going to implement. Here we will realize what we lack to document or what we lack to put into
practice. And, last but not least, we must try to find a way to comply, not find a way to turn the requirements around, but find a way to comply and thus avoid this requirement. So, that' s the information so far is also very, very digestite. It' s pretty, it' s pretty much the changes. I hope I' ve given you an overr or everything, and I think we' re going to
keep talking about it. They' re going to keep watching newsletters from us and especially if they' re customers, because that' s where we' re going to be biting their ribs to move forward with this update in time and form. And now we' re going with the doubters. Here are several questions that have answered the girls online but, for example, what about us commercial? I don' t know if you can tell us, because a lot of things with business partners. The scope of what we consider to
be critical trading partners must be increased or expanded. Previously we focused on my carrier, my customs agent and already, but Ahorita really, because already we specify that we also have to consider those who are external but who elaborate inside the company, for example Dining security cleaning up the gardener all of them that enter the company and that, then, if it is not a reliable company, because we are giving it, you do not let a stranger pass to
your house, but rather to assure you who it is and if it is reliable, then, as it is. You have to extend that scope and, because increasing these verification measures with them here ask me you have to present the whole profile or only the standards that have instead the new version. Actually all standards had changes at best. One only changed the wording a little bit or words were added. So, with everyone there are changes and you have
to present the whole profile. And yes, not only the world filled in, but all the documents that cover that we' re writing on the profile. Then complete profile, complete procedures manual and in cases where you ask us for something additional, for example, read outs mapping of risk matrix processes, we also have to count this here. There' s another question. The companies that accredited economic operator and authorized through City Pat' s validation report.
They are not exempt from sending the new profile or no one is exempt from everything we have to update. Yes, here they also asked us well and if I have a follow- up visit of citt you can avoid the d or if you have to come to the plant visit. Probably yes, I say there is also the criterion of the authority whether it takes it as valid or not, but you can present the validation report and the authority because on your next visit it will take it as valid. It' s c and
it' s not going to visit you anymore. But there are also cases in which, since it takes it as valid one year equal to the following year, you already visit depending on the criteria. We are also asked here about the new updated standards already on the SAT page. On the SAT page, I think not yet, in fact, if there is enough delay with what is posted on the SAT page. As for formats and all this at
least of OAS, which is what we review every day. But in the Official Journal of the Federation of August 3, they find in annex one to the rules that is where the profile comes or send us corretos. We will gladly provide you with this nothing I say I don' t know if you can tell you Karen, you already did as an emphasis analysis to make it happen to you very quickly how much the Ward profile has changed, as well as that you should how much it really is changing and you ask me here
the profile has to be presented by window or by officiality of parts. Okay there, the annex tells us it' s a window, but really remember we still can' t. The option to submit notices or updates is not yet in the window. So, while the annex says it' s a window, I really think it' s only going to apply to first- time applicants and other companies that are already certified. The notice must be submitted
to the party office. This is the new one of the moment. Well, we don' t think we got a profile in nine so they' ll see a little bit how they are. And here the kids already did as a little change analyst what' s underlined. You' ll see what changes are being added as new. Or to evoke us in the profile. Then you' re going to see most of it in green. These are some changes that there are then to be taken into account. Actually, yes, there are going to be changes in all standards, so it' s
important that you read it. Remember that the profile is our guide to actually filling the requirements that sat has. Then I suggest you read the changes very well and make a comparison with what you had before, and that' s
going to help you guide. Here we are being told by Kargen, that a short time ago we discussed it, which says for the case of security of personnel, the issue of anti- dopin and non- criminal antecents for the reforms of the Federal Labor Law would not be violating the rights of employees. How can we vouch for these changes in order to comply with the certification, as that is a subject I think well controversial already for several years.
That is why the authority, if you see the profile of both the new OAN and the STPAT, tells us that we have to have certain investigations and certain additional safety requirements with sensitive employees, but always in compliance with local laws. So, for example, we have the issue of the new lion state,
in which it is forbidden to request criminal record letters. So in those cases, because obviously you don' t need to do it, you don ' t need to have that requirement, but you do need to find an alternative or other measure to make sure that your employees in sensitive positions, because they' re reliable people who have no links to organized crime, who don ' t have a record there, maybe fake or have no addiction problem in general, who are people who speak and within the law. Then the Authority
doesn' t tell you as such. You have to ask for this, do you have to ask for this? You have to ask for this, but it' s in accordance with your risk analysis and local legislation. So we recommend that if it is still legal in your states request the criminal record letter maybe, an antidopping, maybe some socio- economic study and that this is being updated annually Maybe. An employee who came into compliance later is no longer in compliance and we need to have a way of detecting it. Then
yes, there is controversy. That' s why the profile leaves it a little bit to the interpretation. But we definitely have to have measurements here, which actually tells them a little bit in the profile, in the eight one. In the other explanatory notes. At the point in the second paragraph,
he said that they really saw the criminal record. If the company' s legislation and policies allow it, then in that part it puts it in parentheses, but it puts you a list of what suggests that people' s background is investigated, and especially in sensitive positions. So this is where we have to see how he fulfills it. Then I believe that in that sense can be fulfilled. And, well, I' d seen another question. The Committee must be made up of all the departments of the companies or only those
involved in the feminist chain. I recommend that they be all involved in certification, for example, Maybe someone from production, although your department is very important, maybe it doesn' t have so much to do with the activities they do or the procedures we have documented. So, yes, it does not set us exactly who they should be, but rather it is a multifunctional team that knows a little bit about all the disciplines that are related to certification.
Well, I' m telling you not to leave it to the last one. Don' t remember that we' ll leave it at the end. But we have a few months to be able to prepare ourselves, to make the corresponding changes, to change the procedures and be able to present it on time, so I suggest you don' t leave it at the end and well, right now I would like to open the microphone some panelist. If you want to make a comment. How about how you' re doing good night, sorry to ask for the word. He wants this toast, Doctor
Carvajal, my dear friend Gabriel Béjar, good to see you. Like Enrique and all those who follow, Karen, we were always congratulating you on this measure and we were talking about this change already, it is essential that we pay attention, because obviously, the good non- compliance in the case of those who make an application and not using it in the new formats, because obviously it will have a problem regarding that application and those who have already achieved
their certification in this modality by failing to comply, because they will also be subject to a requirement and possibly later a beginning of cancellation of the certification that they have granted them under the modality of authorized economic operator. Then don'
t leave him. In the end let us be good citizens and try to do it and not leave everything as told to the Mexican woman in the last days, because it will not give them time, because finally, also the formats and profiles did have some adjustments that are not minor in terms of the information and the way in which we have to dump it and the way in which we have to present it. This certification of authorised economic operator comes from
a Treaty to which Mexico is a party, which is the trade facilitation agreement before under the SEIF framework, which was not binding and which we now have
in several of our free trade agreements. Yes, it is a certification that will last and is even the only one, the only one in foreign trade and customs, that has so many benefits and that will hardly be eliminated, as happened with the desertification Ivajeffs, which is based on other laws that are not customs and that are in another context, from which they took away all
the benefits they had and nothing else. They were obviously left, one that was fundamental, which is the subject of this was going to be declared, but it does not find out. In the case of this one, in
particular, the benefits that it has operational are fundamental. Then pay attention to the need to update the companies that are certified under this modality, the trading partners that are also linked, so pay attention to the recommendations that are very healthy, that Karen is making, that is being the FTA team and to whom we make a barter And then approach in order that good meet in time.
It' s really a privilege to have these certifications. It costs a jet of work to achieve them, as if for a situation of laziness, of lack of attention. Whatever happens, the classic I told you, we told you and you missed your time. Not that would be imma Contribution, Daniela, and I greet again all the friends who are here. Thank you very much, ibuana view and thank you, dani Es, congratulations Skaren or
the exhibition. I see so deep the normivity. He sees it and gets into the kitchen with the company, which is only missing for risk control analysis, because putting an alcohol meter is going to come the moment many congratulations. The master says good afternoon, happiness of the exposé. We' ve been managing the poea. We were rejected because when he was ap or so, we currently asked him for his entire security program to be able to walk within
the requirements. We were denied it because it was national security. The same authority did not authorize us for this to update to have that or. Then we had a meeting, they considered it and sent us to present it to their October. To say that now we have to present the new modality in this. I am commenting on this because there are other service providers who consider it national security and what will happen if they accept it that for safety they
do not give you any report. You can, like our case, be denied permission to make the consultation in time. That' s in my comment. Thank you very much, thank you, Master. If there are some considerations and each for each case, there are some companies, it is different and in this case, because yours is a particular topic. And well, here I propose that we review each of the companies in time, each one review the profile how it applies to them both as a certified trading partner and
certified companies, as an authorized economic operator. And well, Karen, thank you so much for your time, thank you for sharing your knowledge with us to do this barter and good on behalf of the entire telesemagas team in Mexico. We got to a wheel you what. We' re going to give this recognition to teacher Karen Anaya. Ah Ya fast me to correct guys for making a truck in the virtual conversation with the theme changes the authorized economic operator
profile in Mexico. How to implement them. The twenty- first day of August to two thousand twenty- three, filmed by the Doctor of Creed of the servant Tower. Thank you so much, Karene, and good congratulations. Extraordinary presentation will be part two. Of course, thank you very much. Yeah, we' re gonna keep talking about it soon. Thank you all very much and good isa that we have on Wednesday so that they do not
lose it. Well, on Wednesday we are going to have the subject of fiscal discrepancy with the master Gabriel Cordero, who is a consultant and author of the work of taxes and dragons. So come with us as usual at 6 p m, Central Time, 5 p m, Pacific Time. See you on Wednesday and thank you so much for joining us and making a track that has a nice afternoon and nice beginning of week. Thank you, okay, what a good look to you. Well we saw Doctor Octavio de la Torre
is that now fight Carlos Sacua to all and also Master Sheep. He left some in his era in others in Ba California, but Gabriel makes the promise that he' s not going to miss any TV anymore Yes, no, not really even here I love it splendid because you were very surprised. Thank you. I don' t believe the mutual. Anyway usque goes to the doctor that you' re fine pussy, kare Congratulations Splender Let' s all go to Wednesday and thank you until you. Thank you for this group.
Thank you until the e. We begin this two thousand twenty- three and we must certainly reflect on the fact that we become the people with whom we relate. That' s why we created FTA community your new digital platform involving national and foreign specialists to share courses, conferences, updates, newsletters, podcasts,
videos and more aspects of foreign trade, tax and customs. This space allows you to interact through our forum to network with the ideal specialist for you or your company to feedback opinions, propose improvements, share and learn about changes in legislation actively. In addition, being part of the Tlc TE community allows you to have benefits such as discounts and exclusive rewards in cinemas, restaurants, hotels, universities, department stores and cafes, all worth more than ten zero
three monthly. According to COSUL, and that' s not all, you ' ll have access to a job bag dedicated to finding professionals specialized in our subject, as well as posting vacancies from your company and everything in one place, we' ve reached the end of today' s tackle. Thank you so much for joining us. This was a barter via som a telc Magas and Mexico event. If you liked this talk. Don' t forget to share each event with your contacts so that we continue to spread knowledge and stay
up to date. They find all our talks through our online education platform, entering www TLC magas in Mexico com MX in the course section, where you can see them again without cost. If you are interested in any specific topic, send us a message to others through the social networks of TVs and rags in Mexico and we will look for an expert who can clarify your doubts. This was on let' s do a croac.