Risk management process

There are five main steps in the standard customs risk management process as defined by the World Customs Organization [1]: 

1. "Establish Context": importation of goods, export controls, passenger traffic, etc.; 
2. "Identify Risks": revenue protection (e.g. under valuation, origin, classification), prohibitions and restrictions (e.g. drug trafficking, IPR, fire arms, etc.); 
3. "Analyse Risks": likelihood of a risk occurring (less likely, likely, highly likely); 
4. "Assess and Prioritize Risks": assess impact and consequence of risks occurring (e.g. high, medium, low); 
5. "Address Risks": define countermeasures and assign to risk levels and options (e.g. tolerate, treat, transfer or terminate). 

In addition to these five steps, risk management requires constant monitoring and review in order to eliminate false negative as well as false positive risk assessments.

Throughout the process proper documentation, communication and consultation with all relevant stakeholders is key, as risk management is a corporate task involving the entire organization and not one dedicated unit only.

--------------------

[1] This is an excerpt from the article "The risk challenge of indirect tax - customs (Part I)" by Mark Rowbotham, published in CCRM Issue 22 (2023)