2.V.7. Third-party service providers

The applicant may also maintain contractual business relationships with other parties, including cleaners, catering service providers, software providers, third-party security companies, and short-term contractors. For the purposes of the AEO, these parties are referred to as "service providers."

Article 28(1)(f) of the CAU AE requires that the applicant has established "appropriate security procedures for contracted external service providers."

Although third-party service providers do not play a direct role in the international supply chain, they can have a fundamental impact on the applicant's customs and security systems. Therefore, with regard to security and protection, the applicant must implement appropriate measures for these other parties, as it would for its business partners.

If the service provider meets any of the AEO's protection and security conditions on behalf of an applicant for AEO status, these conditions must be verified as part of the audit. A typical example is the access control condition when the applicant has hired a security company to handle their obligations in that area. The access control condition must be verified by assessing how the service provider fulfills it on behalf of the AEO. Although it may outsource these activities to a third party, the AEO itself, given that the service providers are acting on its behalf, remains responsible for compliance with the AEO criteria and ensuring that the service providers meet the relevant requirements.