The Comptroller and Auditor General of India (CAG) has released a comprehensive report on the IT audit of the Indian Customs Electronic Data Interchange System (ICES). The report, numbered 14 of 2023, covers the audit conducted on the Union Government’s Department of Revenue-Indirect Tax-Customs and the Director General of Foreign Trade under the Ministry of Commerce and Industry. Spanning the period from 2015-16 to 2019-2020, the report provides insights into the functioning, interfaces, and governance of the ICES system.
The report delves into the IT audit of the ICES, a significant system for processing import and export documents. The audit focused on various aspects, including functionalities, interfaces with other IT applications, IT governance, and management issues. The report identifies multiple areas of concern, such as lack of validation controls leading to issues like incorrect levying of late fees, short/excess levy of duty, and non-alignment of data in different modules. The report also highlights challenges in automation, closure processes, refund mechanisms, and the integration of ICES with other applications like banks, RBI, and SEZ Online.
The audit findings underscore the importance of timely updates, validation checks, and adherence to protocols in ensuring the efficiency and accuracy of ICES operations. Recommendations span various aspects, such as enhancing validation controls, ensuring accurate reflection of duty rates, operationalizing risk-based selection processes, and expediting the development of integration protocols.
The CAG’s report on the IT audit of the Indian Customs Electronic Data Interchange System (ICES) provides a detailed assessment of the system’s functioning, interfaces, and governance. By highlighting crucial findings and offering recommendations, the report emphasizes the need for continuous improvement in the system to enhance its accuracy, efficiency, and compliance with regulations. The insights presented in the report serve as a valuable guide for authorities responsible for the ICES system’s maintenance and development, aiming to enhance its performance and contribution to the effective management of customs processes.
*****
PRESS RELEASE
OFFICE OF THE COMPTROLLER AND AUDITOR GENERAL OF INDIA
NEW DELHI
08th AUGUST, 2023
The IT Audit of Indian Customs Electronic Data Interchange System (ICES) 1.5-Report No. 14 of 2023 of the Comptroller and Auditor General of India on Union Government (Department of Revenue-Indirect Tax-Customs) and Director General of Foreign Trade under the Ministry of Commerce and Industry covering the period 20 15-16 to 20 19-2020 was presented in the Parliament here today.
The audit scope intended to examine the functionalities of import and export modules, interface with other IT applications viz. DGFT, SEZ, Bank, RBI etc. and IT Governance issues such as – Organisation and management, IT governance and management, and effectiveness of Change Management. For the examination of functionalities, the audit focus was more on major changes/new functionalities added in the ICES application during 2015 to 2020.
This report is divided into four chapters. Chapter 1 present an overview of Indian Customs EDI System (ICES) and indicates the audit objectives, scope, sample, audit criteria and audit methodology used for conduct of this ‘IT Audit of ICES 1.5’. Chapters 2, 3 and 4 cover the audit findings, conclusions and recommendations pertaining to this IT Audit. This report contains 24 audit observations, including sub-paragraphs, and 16 recommendations. Responses were received for 20 observations, out of which 15 have been fully/partially accepted and five have not been accepted. No response was received in respect of four audit observations.
The following are the important findings in the report:
Audit noticed that:
Core Indian Customs EDI Systems
a) Lack of certain validation controls in ICES Import module resulted in (i) Late fee wrongly levied, collected and waived off, (ii) Short/excess levy of duty under Notification 46/2011- Customs, (iii) Working of Risk Management System for Import, (iv) Lack of control in ICES regarding levy of duty in the case of BE filed prior to date of entry inwards and (v) Country of Origin not identical at BE level and Item level,
b) Lack of validation in ICES Export module caused (i) Non – alignment of DBK Serial number with RITC (Export validation) (ii) Acceptance of negative FOB value of exported goods,
c) Partial automation of Shipping Bills and drawback claims under Section 74 of the Customs Act 1962,
d) Delay in implementation of Post Clearance Audit for RMS Export module,
e) Non-Automation of closure of IGM,
f) Non-automation of Refund process,
g) Non- auto reversal of duty in case of double payment,
h) Responses on the status of the implementation of the recommendations of the Time Release Study (TRS) Committee Report 2022 were awaited.
Interfaces with other applications
The Interfaces of ICES with other stake holders IT applications is not fully implemented to address their requirements with regard to Linking of ICES with Banks, Sharing of RBI Export Outstanding Statement (XOS) data/ Caution list with ICES and Integration of SEZ Online with Customs ICES.
IT Governance and Management
Audit noticed gaps in the governance and management of the ICES application especially:
(i) updation of Software Requirements Specification (SRS) and Software Design Document (SDD),
(ii) Non-updation of User Manuals,
(iii) Directory Change Management,
(iv) Structural Change Management and
(v) Help desk and end-user support system.
Recommendations:
1. The Ministry should ensure that necessary validation checks in ICES regarding levying, collection and wavier of late fees are implemented, duly mapped and functioning It may also be ensured that in case of wavier of late fees, the reasons are also recorded.
(Paragraph 2.2.1)
2. The Ministry should ensure necessary validation checks in ICES so that Customs duty rates are correctly reflected based on Country codes read with exemption notifications, and not solely based on self-declaration.
(Paragraph 2.2.2)
3. The Ministry should ensure proper validation in ICES that in cases wherein a Bill of Entry is taken up for examination by the Risk Management System, the field relating to examination report should not be null.
(Paragraph 2.2.3)
4. The Ministry should ensure that the notifications are updated in a timely manner and invariably before the effective date. The delay in updation by DMS sites should be viewed seriously and necessary action taken in cases of delay. DMS sites must comply with the existing SOP and this should be verified and ensured by DG (System).
(Paragraph 2.2.4)
5. The Ministry should ensure necessary validation in ICES export module so that the FOB value after deducting insurance and freight is not negative.
(Paragraph 2.3.2)
6. RMS for exports for selection of Shipping Bills for Post Clearance Audit (PCA) should be made operational at the earliest for increased transparency and targeting using a risk based approach.
(Paragraph 2.5)
7. The module for daily updating of exchange rate may be made operational at the earliest.
(Paragraph 2.6)
8. The Ministry may take necessary steps so that the IGMs filed in ICES are closed electronically and all goods are duly accounted for. Efforts may also be made to manually close all the open IGMs. Ministry should also decide and prescribe a time limit for the closure of IGMs as undue delay/non-reconciliation is fraught with the risk of revenue
(Paragraph 2.7)
9. The Ministry may consider having online workflow for capturing and processing refunds on the lines of the GSTN System so that the Department is able to electronically keep track of BEs against which refund has been applied for. This would make the monitoring of refund cases more efficient, effective and transparent.
(Paragraph 2.8)
10. Ministry may expedite the development of APIs for sharing of challans/warehouse details between ICES and ICEGATE in a time bound manner.
(Paragraph 3.2)
11. Ministry may explore mapping/cross-verifying of RBI XOS data with caution list maintained by CBIC for identifying default cases for effective monitoring of export proceeds realisation.
(Paragraph 3.3)
12. Ministry should integrate SEZ Online with ICES at the earliest for better monitoring of SEZ operations (both EXIM and DTA transactions) and for ease of doing business in
(Paragraph 3.4)
13. In addition to immediate updating of SRS and SDD, the Ministry should also ensure that SRS and SDD is kept up to date at regular intervals to factor all the important changes made in the application.
(Paragraph 4.1.1)
14. The updating of user manuals consistent with changes should be regularly carried out in a time bound manner to avoid accumulation of requirements.
(Paragraph 4.1.2)
15. Ministry must ensure that protocols are properly and completely followed at the time of sign off of any change management. They must ensure that all changes including testing and approval of such changes are properly documented.
(Paragraph 4.2.2)
16.Ministry may prescribe:
(a) Time limits for resolving or escalating the complaints,
(b) Average time, for resolution with useful/suitable details of tickets which take unduly long time be captured and monitored.
(Paragraph 4.3)
******
Report of the Comptroller and Auditor General of India
IT Audit of Indian Customs Electronic Data Interchange System (ICES)
Union Government
Department of Revenue-Indirect Taxes (Customs)
No. 14 of 2023
EXECUTIVE SUMMARY
About the IT Audit
The Customs Computerization project was started in 1992, at a number of Customs Houses throughout the country with the assistance of National Informatics Centre (NIC), a Government of India entity, when after a detailed study, the requirement of Electronic Data Interchange (EDI) was felt. The pilot project was launched in the year 1994-95 at Delhi Customs House which included EDI as a key element for connecting all the players involved in international trade with Customs House electronically. After the successful implementation at Delhi Customs House, the Customs Department decided to extend the service to other Customs Houses in a phased manner since
1997-98.
ICES was developed as the core Information & Communication Technology system through which import and export documents viz. Bills of Entry (BsE), Shipping Bills (SBs), Import General Manifests (IGMs) and Export General Manifests (EGMs) were to be processed. It receives and processes all incoming messages and generates all outgoing messages automatically at the appropriate stage of the clearance process.
ICES has been developed with the help of NIC since its inception and it is also responsible for its maintenance. The Directorate General of Systems and Data Management (DG Systems) at New Delhi has been entrusted with the implementation of ICES. Initially, ICES 1.0 application was developed and implemented in distributed environment (separate servers at various locations). During 2009-10, ICES 1.0 application was migrated from a host based architecture to a three tier architecture. This version is referred to as ICES 1.5 and is deployed in the current centralised architecture under the database consolidation of Central Board of Indirect Taxes and Customs (CBIC).
Accordingly, Customs ICT systems and the ICES application have been modified from time to time in accordance with the operational requirements of Department and changes in the Customs Act and allied Acts, Rules and Regulations. Although the core ICES application has been migrated from decentralised to centralised environment from the year 2009-10, subsequently, there were several changes in the underlying ICT infrastructure, work flow, data transfer and storage, security, etc. The IT Audit of ICES 1.5 application was conducted during December 2020 to May 2022 covering the period 2015-16 to 2019-2020. The audit scope intended to examine the functionalities of import and export modules, interface with other IT applications viz. DGFT, SEZ, Bank, RBI etc. and IT Governance issues such as – Organisation and management, IT governance and management, and effectiveness of Change Management.
For the examination of functionalities, the audit focus was more on major changes/new functionalities added in the ICES application during 2015 to 2020.
Action taken on the previous audit findings reported in the CAG’s Report on ICES 1.5 (No. 11 of 2014) was re-examined in this audit and it was noticed that the Department had taken remedial action to address many of the earlier audit observations/recommendations. Audit also noticed that some of the previous audit findings/recommendations had lost their relevance and thus rendered redundant due to change in the Customs Act and allied Acts, Rules and Regulations.
(i) Audit reviewed the Customs EDI System for the first time in the year 2000-01 (Report No. 10 of 2002-Customs). The review was focused on procurement and software development.
(ii) ICES 1.0 was again reviewed in the year 2008 (PA Report No. 24 of 2009-10 Customs), primarily to verify whether it had mapped the processes & provisions of the Customs Act and allied rules & regulations effectively.
(iii) ICES 1.5, an upgraded version of the original ICES 1.0 was rolled out in a phased manner across various Customs locations from June 2009. The audit of the upgraded version i.e., ICES 1.5 was done in 2013 and its finding reported in CAG’s Report No.11 of 2014 (Performance Audit).
The previous audits pointed out some systemic issues and issues involving deficiencies in designing various business rules in the system, as per the rules/Acts in force at that time.
The details of previous audit findings with the action taken/current status are given in Annexure I.
Structure of the Report
This report is divided into four chapters. Chapter 1 present an overview of Indian Customs EDI System (ICES) and indicates the audit objectives, scope, sample, audit criteria and audit methodology used for conduct of this ‘IT Audit of ICES 1.5’. Chapters 2, 3 and 4 cover the audit findings, conclusions and recommendations pertaining to this IT Audit. This report contains 24 audit observations, including sub-paragraphs, and 16 recommendations. Responses were received for 20 observations, out of which 15 have been Report No. 14 of 2023 – Union Government (Indirect Taxes – Customs) fully/partially accepted and five have not been accepted. No response was
received in respect of four audit observations.
Summary of Audit Findings
Chapter 2: Core ICES
Audit noticed that:
(a) Lack of certain validation controls in ICES Import module resulted in (i) Late fee wrongly levied, collected and waived off, (ii) Short/excess levy of duty under Notification 46/2011-Customs, (iii) Working of Risk Management System for Import, (iv) Lack of control in ICES regarding levy of duty in the case of BE filed prior to date of entry inwards and (v) Country of Origin not identical at BE level and Item level,
(b) Lack of validation in ICES Export module caused (i) Non – alignment of DBK Serial number with RITC (Export validation) (ii) Acceptance of negative FOB value of exported goods,
(c) Partial automation of Shipping Bills and drawback claims under Section 74 of the Customs Act 1962,
(d) Delay in implementation of Post Clearance Audit for RMS Export module,
(e) Non-Automation of closure of IGM,
(f) Non-automation of Refund process,
(g) Non- auto reversal of duty in case of double payment,
(h) Responses on the status of the implementation of the recommendations of the Time Release Study (TRS) Committee Report 2022 were awaited.
Chapter 3: Interfaces with other applications
The Interfaces of ICES with other stake holders IT applications is not fully implemented to address their requirements with regard to Linking of ICES with Banks, Sharing of RBI Export Outstanding Statement (XOS) data/ Caution list with ICES and Integration of SEZ Online with Customs ICES.
Chapter 4: IT Governance and Management
Audit noticed gaps in the governance and management of the ICES application especially (i) updation of Software Requirements Specification (SRS) and Software Design Document (SDD), (ii) Non-updation of User Manuals, (iii) Directory Change Management, (iv) Structural Change Management and (v) Help desk and end-user support system.
