Aviation Security Identification Cards (ASIC) and
Visitor Identification Cards (VIC)
5.1
ASICs provide access to secure areas of airports. They are issued to
employees who have cleared required background checks and who require frequent
access to these secure areas. A VIC must also be worn in secure airport areas,
but are issued to temporary or non‑frequent airport visitors for a
maximum of 28 days in a year.
5.2
The committee recognises that there have been a number of reviews into
the ASIC scheme over recent years, resulting in ongoing reforms and amendments
to the program. These reviews are considered in this chapter. The chapter also
discusses legislative changes currently before the Senate which seek to amend ASIC
eligibility and address security risks.
5.3
During the inquiry, a number of concerns were raised about the misuse of
ASICs and VICs and the impact of such activity on aviation and airport
security. This chapter details these concerns and the security risks they
present.
Background
Aviation Security Identification
Cards
5.4
The ASIC scheme seeks to ensure that individuals employed in or
regularly accessing secure or 'sterile areas' in the aviation sector are
subject to a certain level of background checking. Since its inception, the
scheme has been subject to a number of changes. While initially applicants were
only subject to criminal record checks, following the September 11 terrorist
attacks, the scheme was expanded to cover a greater number of airports and
airport staff. It was also strengthened through the introduction of tighter
criminal history checks and an Australian Security Intelligence Organisation
(ASIO) security assessment.
5.5
The ASIC scheme is provided for in the Regulations and is administered
by the department.
ASIC processing
5.6
ASICs identify a person who has undergone a background check. According
to the department, it shows that the person has met the minimum security
requirements to access secure areas of a security controlled airport. However,
the ASIC is not an access card, as the relevant authority at each airport
controls access to its secure areas.[1]
5.7
In 2016, the department informed the Senate Rural and Regional Affairs
and Transport Legislation Committee (legislation committee) that as of
31 March 2016, 138 825 valid ASICs were in use, with an average of
119 300 ASIC/MSIC applications annually processed since 2010 (when
reapplication every two years was introduced).[2]
5.8
Applicants for an ASIC need to apply to an ASIC issuing body. ASICs are
not issued by a government agency; this task instead lies with a number of
private and public sector issuing bodies, appointed under the Act. They include
airport operators, airlines, aviation organisations, and commercial ASIC
service providers.[3]
As of March 2017, there were 44 different issuing bodies.[4]
5.9
Under current arrangements, ASIC background checking is conducted by the
Australian Background Checking Service (AusCheck) on behalf of an issuing body.
AusCheck coordinates vetting arrangements that underpin the ASIC scheme.
Vetting includes:
-
a criminal record check by CrimTrac, used to determine if an
applicant has an adverse criminal record;
-
a security assessment by ASIO; and
-
if required, a right to work check by the Department of
Immigration and Border Protection.[5]
5.10
An ASIC may be refused if an applicant returns an adverse criminal
history check, or, if already issued, may be cancelled due to an adverse
criminal record. Applicants have legal rights for reconsideration or appeal if
denied an ASIC. In certain circumstances, applicants with an adverse criminal
record can apply for department consideration, based on their individual
circumstances. If successful, they will receive a discretionary ASIC card. An
adverse criminal record includes:
-
an aviation‑security‑relevant offence and sentenced
imprisonment; or
-
two or more aviation‑security‑relevant offences, with
no imprisonment, one of which was received within 12 months of the criminal
history check.[6]
5.11
The current regulations define an aviation-security-relevant offence as
'an offence of a kind mentioned in the following table against a law of the
Commonwealth, or of a State or Territory, or of any other country or part of a country'.[7]
Table 5.1: Aviation security‑relevant
offences
Item |
Kind of offence |
1 |
An offence involving dishonesty |
2 |
An offence involving violence or a threat of violence |
3 |
An offence involving intentional damage to property or a threat
of damage to property |
4 |
An offence constituted by the
production, possession, supply, import or export of a substance that is:
(a) a narcotic substance within the meaning of the Customs Act
1901; or
(b) a drug, within the meaning of:
(i) regulation 10 of
the Customs (Prohibited Exports) Regulations 1958; or
(ii) regulation 5 of
the Customs (Prohibited Imports) Regulations 1956 |
5 |
An offence, of a kind dealt with in Part II of the Crimes
Act 1914, against the Government of:
(a) the Commonwealth or a State or Territory; or
(b) a country or part of a country other than Australia |
6 |
An offence against Part 2 of the Crimes (Aviation)
Act 1991 |
7 |
An offence against Part 5.3 of the Criminal Code |
8 |
An offence constituted by the production, possession, supply,
import or export of explosives or explosive devices |
5.12
The Regulations specify three types of ASIC security passes which permit
access to security zones:
-
ASIC–– issued for those who require access to 'secure areas';
-
temporary ASIC––issued the ASIC holders when an ASIC is lost,
stolen or destroyed; and
-
visitor identification cards (VICs)––issued to people needing to
visit a secure area who are supervised by the holder of a valid ASIC while in
the area.[8]
Reforms to ASIC
5.13
As with aviation security regulation more generally, the ASIC scheme has
been subject to ongoing reviews and amendments. While this has led to
improvements in the scheme's administration, the committee was directed by the
evidence to numerous areas that could be enhanced to improve security outcomes.
Wheeler Review 2005
5.14
The Wheeler Review found a number of weaknesses within the ASIC system as
well as 'confusion as to what airport access an ASIC enables'. Wheeler found
that the criminal checking regime relied on convictions in a database at a
point in time from the issuant of a two-year card. As subsequent recorded
convictions were not automatically registered after a background check was
completed, applicants with a pattern of criminality or with major criminal
associations could still potentially be given access. Furthermore, Wheeler
found that:
-
the checking process could take weeks to complete, causing
'unacceptable reliance on procedures for visitor cards which do not require
background checks';
-
there were 188 ASIC databases and authorising bodies around
Australia that were neither consistent nor linked; and
-
some casual or contract workers, such as security screeners or
cleaners didn't initially hold ASICs and were not necessarily always
accompanied on-the-job by an ASIC holder as required under the legislation.[9]
5.15
Wheeler recommended that the background checking process required in
obtaining and holding an ASIC be further tightened and centralised in the
Attorney‑General's Department (AGD) and that this should be harmonised
with maritime cards.[10]
AusCheck, operating on a cost-recovery basis, now performs background security
checks for ASIC applications in line with the Wheeler Review recommendations,
thus 'improving consistency and robustness of checking'.[11]
Aviation White Paper 2009
5.16
The National Aviation Policy White Paper was published in December 2009.
It contained a series of measures directed at strengthening aviation security
including the ASIC regime. These measures include:
-
strengthening the cancellation provisions for ASIC governing
bodies and increasing penalties for false declarations by applicants;
-
allowing for subsequent background checks for ASIC holders where
their eligibility may have changed; and
-
tightening visitor management provisions at security controlled
airports.[12]
5.17
The white paper advocated for administrative changes to streamline the
ASIC scheme, including a reduction in the number of issuing bodies, and
providing that ASIC cards display a specified expiry date, rather than a
specified month.[13]
ANAO audit 2011
5.18
In May 2011, the ANAO tabled a performance audit of the ASIC and Maritime
Security Identification Card (MSIC) schemes. The ANAO made three
recommendations regarding governance arrangements, issuing processes, and information
management. All three recommendations were directed towards the OTS.
5.19
The ANAO recommended that OTS:
-
review the risks arising from the administrative practices of
issuing bodies, particularly in the issuing and manufacture of cards, and
evidence of the confirmation of an applicant's identity. The outcomes of this
review were to assess whether arrangements provided an appropriate level of
assurance that the scheme's requirements were being met;
-
increase the use of information obtained from its audit,
inspection and stakeholder program to focus further compliance activities on
areas that represented the greatest security risk; and
-
monitor the actual usage of VICs at security-controlled airports
and use this information to inform ongoing development of the ASIC scheme.[14]
PJCLE 2011
5.20
Under its terms of reference for its 2011 inquiry, the PJCLE examined
the effectiveness of the ASIC and MSIC schemes. It considered how these cards
were issued, monitored and stored, and how information was shared between
appropriate law enforcement agencies.[15]
5.21
The PJCLE expressed its concern about the significant risk posed by
criminal infiltration of the aviation workforce. As a means of preventing such
infiltration, the PJCLE recommended that the AGD review the list of relevant
security offences under the ASIC scheme. This review would assess whether any
further offences were required to effectively extend those schemes to protect
the aviation sector against the threat of infiltration by serious and organised
criminal networks.[16]
5.22
The government agreed to this recommendation and undertook to 'review the
lists of security-relevant to assess whether any further offences are
required'.[17]
5.23
A further recommendation called for the harmonisation of the MSIC and
ASIC eligibility criteria. The government agreed to review the ASIC and MSIC
eligibility exclusion criteria to seek greater harmonisation, where
appropriate.[18]
National Ice Taskforce 2015
5.24
The 2015 final report of the National Ice Taskforce noted that ASIC and
MSIC background checks did not consider criminal intelligence. It argued that 'the
use of criminal intelligence in the background checking process for ASIC and
MSICs could help identify links to organised crime among workers'.[19]
The report recommended:
The Commonwealth Government should continue to protect the
aviation and maritime environments against organised crime by strengthening the
eligibility criteria for holders of Aviation Security Identification Cards and
Maritime Security Identification Cards; and establishing a legal mechanism to
enable compelling criminal intelligence to be used in determining suitability
of workers to hold such a card.[20]
Other reforms
5.25
According to the department, a range of improvements to the ASIC scheme
are underway. Stage one commenced on 1 November 2016 and stage two will
commence on 1 August 2017.[21]
5.26
A white, role-specific ASIC was introduced from 1 November 2016,
and is issued to individuals who require a valid background check, but not
access to airport secure areas (for example, an employee of an organisation
that issues ASICs and VICs).[22]
5.27
In addition, from 1 November 2016, issuing bodies have been required to
include greater procedural content in ASIC programs and MSIC plans, and a
background check is required of all applicants under 18 years of age. From 1
August 2017, applicants will need to be verified via face‑to‑face
meetings, and new categories of identification will be introduced.[23]
Transport Security Amendment (Serious or Organised Crime) Bill 2016
5.28
The ASIC scheme was introduced through national security aviation
legislation to protect the aviation workforce from infiltration by terrorist
organisations. It was not designed to specifically target criminality and
organised crime.[24]
However, the various reviews into the ASIC scheme, as detailed above, have also
argued for more stringent background and criminal checks.
5.29
Law enforcement agencies and others have argued that the purpose of the
ASIC scheme could be broadened to provide general crime prevention measures.[25]
For example, the IBPP was supportive of changes to the ASIC scheme to address a
range of criminal threats and vulnerabilities, and 'to enhance the ability of
the schemes to support broader law enforcement purposes, including for national
security purposes'.[26]
5.30
The Transport Security Amendment (Serious or Organised Crime) Bill 2016
(transport security bill) is currently before the Senate and seeks to address a
number of security concerns, and in particular responds to ASIC recommendations
made by the PJCLE in 2011. The Minister for Infrastructure and Transport, the
Hon Darren Chester MP, noted that the bill addressed the current lack in the
ASIC scheme of a check for criminal risk.[27]
5.31
The transport security bill seeks to harmonise the ASIC and MSIC
eligibility criteria, to streamline the application process and reduce waiting
times (thus addressing some concerns raised in the Wheeler Review). The bill introduces
a new 'tier' approach to the eligibility criteria to better target serious or
organised crime, such as:
-
offences under anti-criminal organisation legislation;
-
the illegal sale and possession of firearms and other weapons;
and
-
illegal importation of goods and interfering with goods under
Border Force control.[28]
5.32
The eligibility criteria will be broken into 5 tiers. Tier 1 contains
all 'disqualifying' offences, and anyone with such an offence will be
disqualified from obtaining an ASIC. Examples include terrorism, hijacking or
destroying an aircraft, and an offence related to involvement with a criminal
organisation or gang. Tiers 2 to 5 are 'adverse' offenses that:
contain offences that would result in a person being found to
have an adverse criminal record and unable to be issued with an ASIC/MSIC
following the initial application. These persons will be eligible to apply for
an ASIC/MSIC through the discretionary assessment.[29]
5.33
In effect, less serious offences will require 'a higher imprisonment
threshold to become an aviation or maritime‑security‑relevant
offence, while more serious offences will only require conviction'. Examples of
offences in these tiers include assault of a person on an aircraft, illegal
import of goods, bribery, corruption, blackmail, dealing with proceeds of
crime, and forgery or fraud.[30]
5.34
The committee noted the previous work of the legislation committee in
the 44th Parliament which examined the transport security bill, and
the concerns raised about the targeting of serious crime via transport security
legislation:
Transport security is a vital mission for government – but it
is a qualitatively different task from targeting organised crime in our
transport system...There is potential risk that widening the purpose of transport
security legislation will confuse the two missions of transport security and
targeting serious or organised crime in the transport system. Both these tasks
are important – the question is whether achievement of both is best done via
the mechanisms [in this bill].[31]
5.35
In responding to the legislation committee's report, the government
noted that the transport security bill does not affect the national security
assessment component of ASIO background checks. It also argued against a new
security regime, noting that:
extending the current ASIC and MSIC regimes is more efficient
and effective than developing a new and separate scheme to counter serious or
organised crime at our airports and ports.
The existing ASIC and MSIC schemes are well understood by
industry. Introducing a new scheme would likely impose additional costs and
lead to confusion and inadvertent non‑compliance.[32]
5.36
Given the evidence before it, the legislation committee supported the
introduction of a more rigorous background checking regime, and excluding
potential security risks from accessing important aviation infrastructure. The
legislation committee supported having harmonised eligibility criteria across
both security card schemes.
5.37
The amendments reflect the position reached by a number of previous
reviews into the ASIC scheme. A number of administrative concerns with the ASIC
scheme were not within the scope of the transport security bill.
Self-reporting concerns
5.38
Under the current Regulations, there are self‑reporting
obligations for ASIC card holders. An ASIC card holder, who is convicted of and
sentenced for an aviation‑security‑relevant offence, must report
this to the ASIC issuing body or the Secretary of the AGD, within seven days.
It is an offence not to do so. The issuing body or AusCheck will then complete
another background check. If the background check returns an adverse or
disqualifying result, the ASIC is cancelled and the card must be returned.[33]
5.39
The transport security bill makes no changes to this self-reporting
regime. Under the revised ASIC eligibility criteria it will continue to be an
offence for a card holder to not report a conviction and sentence to an issuing
body.[34]
5.40
ASIAL argued that the two‑year validity of cards, in conjunction
with the absence of an automatic notification system for convictions of
relevant offences, could compromise airport and aviation security. ASIAL suggested
the introduction of a constant monitoring program for criminal activity that would
identify aviation workers no longer suitable for work in secure areas of
airports.[35]
5.41
The PJCLE, in its 2011 report, recommended that AusCheck and CrimTrac
work together to establish mechanisms for continual assessment of a card
holder's criminal record. This would allow disqualification of an ASIC very
soon after a conviction, rather than waiting for the conviction to become
apparent during a two‑year renewal background check.[36]
5.42
In its response to the PJCLE report, the government noted the
recommendation and endeavoured to work with other agencies to 'explore options'
in this area. It noted, however, that 'there are a number of technical,
privacy, legislative and funding issues that need to be resolved to achieve
this outcome'.[37]
5.43
The department stated that it was not feasible to implement a continuous
background-checking system with automatic notifications, due to the limitations
of current technology and data-sharing between a range of federal and state
agencies. Ms Sachi Wimmer, OTS, explained:
At the moment it is not possible to [create a continuous
background checking system]. We are not responsible for it. It is actually the
Attorney‑General's Department that undertakes all the background checking
for us for the ASIC scheme, through their centralised background-checking unit,
AusCheck.
....there are significant challenges in developing a system,
even in this age of technology, that is a continuous background-checking
system, because it actually requires all of the police forces in Australia to
come together with the same system, the same processes.[38]
5.44
ASIO declined to comment on whether the lack of an automated system
could seriously compromise aviation security. However, it noted the
organisation would welcome an automatic notification system, should it be
possible:
...we would certainly welcome that. I have no idea about
systems development and how easy that is to do, but obviously we rely on information
flow coming through....Particularly for us, if it is of a national security concern—from
the AFP and in criminal matters—I am sure that the sooner we can get that, the
better.[39]
Shortcomings of the ASIC
5.45
The committee received some evidence that the ASIC scheme, while
strongly regulated in parts, was open to some abuse. For example, as part of
the Seven Network's 2014 investigations, an ex-employee claimed that after their
resignation, they were able to use their ASIC card to access secure airport
areas '50 times'.[40]
5.46
In relation to ASIC holders, Mr Allan Kessing argued that airport ground
staff issued with an ASIC were not subject to vigorous background checking. He
further noted that the 2003 report into aviation security at Sydney Airport
found that:
Twenty per cent of persons holding those identification cards
enabling access to the sterile areas were found to have criminal convictions,
and about half of those were serious convictions, including drug trafficking, assault
and other misdemeanours.[41]
5.47
Much to the concern of the committee, Mr Kessing went on to state that:
What was most worrying was the degree of identity fraud in
obtaining [ASIC] cards. There were a number of individuals who had cards in
multiple names. There were at least eight people who were unidentifiable by any
known database. They did not exist. They were not on the electoral roll. They
did not have drivers licences. They did not own cars.[42]
5.48
The Wheeler Review identified that some workers who were yet to receive
their initial ASIC card were not accompanied in airport secure areas by ASIC
card holders, as required by law. Workers without a valid ASIC included
cleaners and security screeners.[43]
5.49
Submissions to the 2014 ASRR argued that ASICs were a significant
regulatory burden with issues surrounding expense, renewal frequency, and
duplication with other forms of identification, particularly for pilots.[44]
5.50
Specifically, concerns were raised about ASICs in relation to:
-
disproportionate expenses for smaller operators;
-
the two-year renewal requirement being excessive and inflexible;
-
scepticism about the actual benefits received by pilots, owners
and operators; and
-
duplication with other valid forms of identification, such as
pilot licences.[45]
5.51
In its final report, the ASRR found that:
...submissions questioned the validity of the ASIC requirements,
in particular for operators at regional and remote airports where it was noted
that other security measures such as perimeter fencing and passenger screening
are sometimes minimal and the ASIC regime is seen by industry as
disproportionate to the level of localised risk. Submissions suggested that
ASICs create a significant impost without delivering a commensurate security
benefit.[46]
5.52
The ASRR made numerous recommendations, including amending the
Regulations so that background checks and the requirement to hold an ASIC card
would only be required for unescorted access to SRAs, not for general airside
access.[47]
Visitor Identification Cards
5.53
VICs are issued to individuals who are not required to have ASICs but have
a lawful reason to temporarily or infrequently enter the secure zones of a
security‑controlled airport.[48]
No background check is required to obtain a VIC.
5.54
Individuals issued with VICs are required to remain under the direct
supervision of an ASIC holder while in a secure area. Should they become
unsupervised for some reason, they must leave the secure area immediately.[49]
To obtain a VIC, proof of identity is required, as is a declaration that the
applicant has not been refused an ASIC, or had an ASIC cancelled or suspended
due to criminal activity.[50]
5.55
An individual can be issued with a VIC in order to access a secure area
across a particular security controlled airport for a maximum of 28 days within
a 12 month period. This is known as the '28 Day Rule'.[51]
However, there is a separate 28 day limit for each airport (the number of days
a VIC has been issued at one airport does not count towards the number of days
a VIC has been issued at a different airport). If the 28 days is reached, the
person must apply for an ASIC or be denied access.[52]
5.56
The obligations of VIC issuers are set out in the Regulations. VIC
issuers must ensure that VIC users are aware of their responsibilities,
including returning the VIC card when finished with it, leaving a secure area
if they are no longer supervised by an ASIC card holder, and complying with the
28 Day Rule.[53]
5.57
The committee understands that the VIC program underwent a number of
changes in 2011. These changes were examined by the department in a Post
Implementation Review (PIR) in 2014, which identified a number of administrative
areas where the VIC scheme could be improved.[54]
Background checking
5.58
While VIC holders do not require any background checking, since
1 November 2016 employees involved in issuing VICs must hold at least a
white ASIC card, to prove they have undertaken a background check.
Additionally, VIC holders must always be accompanied on airport grounds by a
valid ASIC card holder.
5.59
The OTS has argued that:
Visitor supervision requirements largely mitigates many of
the risks associated with allowing non‑background checked individuals
into secure areas....However, it became evident over time that in some cases VICs
were being used to avoid background checking requirements. In response, the
Department in cooperation with industry, undertook a policy development process
to identify and implement policies to significantly strengthen visitor management,
culminating in the enhancements to the Regulations.[55]
5.60
The committee acknowledged the changes requiring an ASIC holder to hold
a valid background check to issue VICs. However, the fact that an ASIC card
holder had a background check and can issue a VIC, does not change the fact
that the VIC holder may not be suitable to enter an airport secure area.
5.61
The committee considered that there is no realistic way in which to
police whether VIC holders are being accompanied by ASIC holders in real time,
across all of Australia's airports. Unless actively monitored at each airport,
this appears to be an area of high security risk.
5.62
An acknowledgement of this issue was made in the PIR, which stated, in
relation to smaller and more remote airports:
Some airports face the difficulties of adhering to VIC
requirements when the airport is manned by a limited number of staff. Various
airports have indicated that the current regulations make it difficult, if not
impossible, to supervise visitors and also conduct their operational duties
relating to incoming aircraft.
...the requirement to supervise visitors away from a core area,
has the potential to inadvertently decrease the security outcome at that
airport.[56]
5.63
The PIR provided examples of where VICs were not issued at smaller,
regional airports. Itinerant pilots arriving from non-security controlled
airports, and not holding an ASIC, could refuel and leave without obtaining a
VIC. Likewise, hobbyist pilots may bring guests to an airport without obtaining
VICs and without regard to the security regulations. The PIR undertook to
consider better options for visitor management at smaller and remote airports.[57]
28 Day Rule
5.64
The 2011 changes limited the 28 Day Rule to a 12 month period, for any
one airport. As noted in the PIR, this was to ensure that 'frequent or non‑genuine
visitors to secure areas of airports are background checked', and cannot avoid
ASIC requirements.[58]
5.65
The PIR found no instances of anyone trying to, or succeeding in,
obtaining a VIC for greater than the 28 day period. Industry stakeholders
argued that 28 days was an appropriate time for a person to be engaged with an
airport before having to apply for an ASIC. The PIR analysis also found that
the introduction of the 28 Day Rule 'resulted in a reported reduction of non‑background
checked people working or accessing secure areas of airports'.[59]
5.66
The committee was concerned to hear that the 28 Day Rule could still be
open to manipulation, either accidently or intentionally. The PIR argued the
greatest risk to breaches of the rule was from software data entry errors:
Such errors include incorrect names, spelling or use of
different identification when applying, this potentially leads to a person
being recorded in a VIC register as multiple individuals and the 28 day rule
being inadvertently or even intentionally breached.[60]
5.67
The committee also noted that as the 28 Day Rule can apply at different
airports, in theory a VIC applicant could indeed be a 'frequent' airport
visitor. In this way, a VIC user with an adverse background could
circumnavigate the requirement for an ASIC by exploiting the 28 Day Rule.
VICs and contractors
5.68
In relation to screening officers, the department confirmed to the
committee that these officers were to hold and display a valid ASIC at all
times. Screening officers in training, who had applied but were waiting for an
ASIC, could use a VIC, provided they were 'not making independent screening
decisions, and [were] constantly supervised by a qualified screening officer'.[61]
5.69
However, evidence received by United Voice indicated that in some cases
subcontractors were being continuously issued with VICs in place of an ASIC, or
using expired VICs. It argued that the use of VICs in place of ASICs could
constitute a significant security risk, given that some companies appeared to
rely on VICs for a significant proportion of their employees, and to avoid ASIC
processing times.[62]
5.70
The PIR noted instances where a discretionary ASIC applicant was found
to be working under a VIC, despite being refused an ASIC. The employer had no
knowledge that the initial ASIC had been refused.[63]
5.71
Additionally, evidence to the PJCLE indicated that the high turnover of
security guards meant that up to 25 per cent operated using the less-stringent
VIC rather than a full background-checked ASIC.[64]
5.72
Amendments to the ASIC and VIC schemes since 2011 have gone some way to
address these issues. Under questioning from the committee, the department
noted that law enforcement, including police, AFP and Customs have authority to
monitor VIC cards for compliance. The committee noted evidence it had received
that expired VIC cards were in use, with the department responding:
The challenge is that, until we actually see that they are
doing something wrong, we cannot act. We do not have officers at the airports
all the time. So it is a matter of when we are there as to whether we are
actually picking up those breaches that they may be committing.[65]
5.73
The department noted it was the responsibility of industry stakeholders
to ensure that the relevant screening officers and other employees used VICs
appropriately, and complied with the regulations.[66]
However, the department undertook a compliance program, consisting of annual
audits, inspections and system testing.[67]
5.74
Despite the 2011 enhancements and the PIR, the committee was concerned
by evidence regarding the alleged improper use of VICs by airport security
workers. The committee remains particularly concerned that VIC holders do not
require any background checking, and that this still makes the VIC scheme open
to exploitation.
5.75
In addition, amendments to the VIC scheme were noted to have a
disproportionate effect on regional and rural airports. The PIR found that
despite efforts to 'tailor' arrangements for smaller airports, the VIC changes
increased regulatory requirements at regional airports, and restricted 'the
management operations of the airport due to staffing levels'. The PIR went on
to state that:
maintaining the current arrangements at smaller/regional
airports would continue to restrict their ability to apply more appropriate,
tailored security measures which can have a similar security benefit but reduce
the cost burden on industry.[68]
Committee view and recommendations
Shortcomings of the Aviation
Security Identification Card
5.76
The committee notes that the ASIC scheme has undergone constant review
and alteration, particular in recent years and within the heightened security
environment. While the committee is supportive of strong and effective security
screening and processes, it acknowledges concerns regarding the impact of
constant review and change to the ASIC regime.
5.77
Ongoing change makes it difficult for regulators, issuers, card holders
and airports to understand and apply the most current version of the
regulations and the most stringent security parameters. Constant change also
leads to confusion and therefore increases the scope for people to
circumnavigate the ever‑changing rules.
5.78
It appears to the committee that the number of ASIC issuing bodies has
decreased from 188 at the time of the Wheeler Review to 44 currently. However,
the Wheeler Review noted these bodies were not linked or consistent, and,
despite recommendations for a single, centralised, government‑run issuing
body, there are still various issuing bodies.[69]
5.79
Given the importance of the ASIC, and the increased requirements for
background checking proposed under the transport security bill, the committee
urges the Australian Government to consider the feasibility of establishing a
centralised issuing authority. Such an approach would likely lead to improved
security outcomes.
Recommendation 5
5.80
The committee recommends that the Australian Government review the
feasibility of establishing a centralised issuing authority for Aviation
Security Identification Cards.
Self-reporting
5.81
The committee upholds the view that the current self-reporting
arrangement for ASIC holders convicted of an offence is not satisfactory, and
raises significant security risks. This self‑reporting system is not
amended by the transport security bill, despite providing an opportunity to
start addressing this issue.
5.82
Given this, the committee recommends that the Australian Government work
with federal bodies and state stakeholders to investigate the possibility of a
national integrated notification system for the sector. This would go some way
to closing potential vulnerabilities in the current ASIC provisions.
Recommendation 6
5.83
The committee recommends that the Australian Government consider the
development of a national automatic notification system for
aviation-security-relevant offence convictions of Aviation Security
Identification Cards holders.
Alleged misuse of Visitor
Identification Cards
5.84
The committee was concerned by evidence regarding alleged incidences of
inappropriate VIC usage. The committee heard allegations that the current
system may allow some misuse of VICs by unscrupulous security service providers,
and by users who wish to avoid background checks.
5.85
The committee sees the lack of a background check for VIC holders as a
considerable risk to aviation security. The committee appreciates that in some
instances, a VIC may only be required for a very short period of time, and a
background check is not realistic. This short timeframe does not, however,
reduce the risk should someone be inclined to nefarious activity.
5.86
The fact there is a separate 28 day VIC limit for each airport, and no
background check required for a card holder, appears to the committee to be an
area of substantial risk. Additionally, the heightened level of offences under
the ASIC/MSIC scheme to address serious and organised crime, proposed under the
transport security bill, will not apply to someone casually entering secure
airport areas under a VIC.
5.87
The committee is also concerned by evidence which revealed that the legal
requirement to ensure that all VIC users are accompanied by an ASIC card holder
at all times was not being adhered to. This presents a clear security risk,
particularly in light of the fact that VIC holders are not background checked.
Recommendation 7
5.88
The committee recommends that the Department of Infrastructure
and Regional Development update the committee early in 2018, on progress and
outcomes, following implementation of Stage Two of the Visitor Identification
Card enhancements.
Recommendation 8
5.89
The committee recommends the Australian Government consider mechanisms,
including legislative amendment, to strengthen the Visitor Identification Card
process, incorporating appropriate background checking where appropriate.
Navigation: Previous Page | Contents | Next Page