49 CFR 1540.203 – Security threat assessment
(a) Each operator subject to this subpart must ensure that each of the following undergoes a security threat assessment or a comparable security threat assessment described in § 1540.205:
(1) Cargo personnel in the United States, as described in § 1544.228.
(2) Cargo personnel in the United States, as described in § 1546.213.
(3) Individuals with unescorted access to cargo, as described in § 1548.15.
(4) Proprietors, general partners, officers, directors, and owners of an indirect air carrier, as described in § 1548.16.
(5) Personnel of certified cargo screening facilities, as described in § 1549.111.
(b) Each operator must verify the identity and work authorization of each applicant and examine the document(s) presented by the applicant to prove identity and work authorization to determine whether they appear to be genuine and relate to the applicant presenting them.
(c) Each operator must submit to TSA a security threat assessment application for each applicant that is dated and signed by the applicant and that includes the following:
(1) Legal name, including first, middle, and last; any applicable suffix; and any other names used previously.
(2) Current mailing address, including residential address if it differs from the current mailing address; all other residential addresses for the previous five years; and e-mail address if the applicant has an e-mail address.
(3) Date and place of birth.
(4) Social security number (submission is voluntary, although failure to provide it may delay or prevent completion of the threat assessment).
(5) Gender.
(6) Country of citizenship.
(7) If the applicant is a U.S. citizen born abroad or a naturalized U.S. citizen, their U.S. passport number; or the 10-digit document number from the applicant’s Certificate of Birth Abroad, Form DS-1350.
(8) If the applicant is not a U.S. citizen, the applicant’s Alien Registration Number.
(9) The applicant’s daytime telephone number.
(10) The applicant’s current employer(s), and the address and telephone number of the employer(s).
(11) A Privacy Notice as required in the security program and the following statement:
The information I have provided on this application is true, complete, and correct to the best of my knowledge and belief and is provided in good faith. I understand that a knowing and willful false statement, or an omission of a material fact, on this application can be punished by fine or imprisonment or both (see section 1001 of Title 18 United States Code), and may be grounds for denial of authorization or in the case of parties regulated under this section, removal of authorization to operate under this chapter, if applicable.
I acknowledge that if I do not successfully complete the security threat assessment, the Transportation Security Administration may notify my employer. If TSA or other law enforcement agency becomes aware that I may pose an imminent threat to an operator or facility, TSA may provide limited information necessary to reduce the risk of injury or damage to the operator or facility.
(d) Each operator must retain the following for 180 days following the end of the applicant’s service to the operator:
(1) The applicant’s signed security threat assessment application.
(2) Copies of the applicant’s document(s) used to verify identity and work authorization.
(3) Any notifications or documents sent to or received from TSA relating to the applicant’s application and security threat assessment.
(4) As applicable, a copy of the applicant’s credential evidencing completion of a threat assessment deemed comparable under paragraph (f) of this section.
(e) Records under this section may include electronic documents with electronic signature or other means of personal authentication, where accepted by TSA.
(f) TSA may determine that a security threat assessment conducted by another governmental agency is comparable to a security threat assessment conducted under this subpart. Individuals who have successfully completed a comparable security threat assessment are not required to undergo the security threat assessments described in this subpart. If TSA makes a comparability determination under this section, TSA will so notify the public. In making a comparability determination, TSA will consider—
(i) The minimum standards used for the security threat assessment;
(ii) The frequency of the security threat assessment;
(iii) The date of the most recent threat assessment; and
(iv) Other factors TSA deems appropriate.
(g) To apply for a comparability determination, the agency seeking the determination must contact the Assistant Program Manager, Attn: Federal Agency Comparability Check, Hazmat Threat Assessment Program, Transportation Security Administration, 601 South 12th Street, Arlington, VA 20598-6019.
(h) TSA has determined that each of the following are comparable to the security threat assessment required in this subpart:
(1) A CHRC conducted in accordance with §§ 1542.209, 1544.229, or 1544.230 that includes a name-based check conducted by TSA.
(2) A security threat assessment conducted under 49 CFR part 1572 for the Transportation Worker Identification Credential or Hazardous Materials Endorsement programs.
(3) A security threat assessment conducted for the Free and Secure Trade (FAST) program administered by U.S. Customs and Border Protection.
(i) If asserting completion of a comparable threat assessment listed in paragraph (h) of this section, an individual must—
(1) Present the credential that corresponds to successful completion of the comparable assessment to the operator so the operator may retain a copy of it; and
(2) Notify the operator when the credential that corresponds to successful completion of the comparable assessment expires or is revoked for any reason.
(j) A security threat assessment conducted under this subpart remains valid for five years from the date that TSA issues a Determination of No Security Threat or a Final Determination of Threat Assessment, except—
(1) If the applicant is no longer authorized to be in the United States, the security threat assessment and the privileges it conveys expire on the date lawful presence expires; or
(2) If the applicant asserts completion of a comparable threat assessment, it expires five years from the date of issuance of the credential that corresponds to the comparable assessment, or the date on which the credential is revoked for any reason.