This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Technical Notices
Panama Flag | Circular MMC-359 Instructions and Procedure for the implementation and certification of the ISPS Code.
Starting from April 1st, 2018 all the Companies Operators and Recognized Security Organizations shall follow present PMA circular.
For your easy reference we have included below the main points of the circular, however in any case reference should be made to the original circular itself.
RESPONSIBILITY OF THE COMPANY OPERATOR
Company Security Officer (CSO) has already the Declaration of the CSO duly endorsed by the Panama Maritime Authority
For ships to enter the Panamanian registry as of January 1st, 2018, they must schedule the first SSAS TEST through the use of the new platform, which must be verified by their RSO during the initial verification and from that date onwards, every 12 months the CSO should program the next SSAS test.
If for a special circumstance the ISPS verification cannot be completed within the window established in the ISPS Code Part A/19.1.1, the company operator must request an ISPS authorization issued by this Administration to postpone the ISPS verification prior to the expiration of the interim ISSC or prior to the expiration of due date of intermediate or renewal verifications window.
Every Company shall develop, implement, and maintain a functional SSP aboard its ships that is compliant with SOLAS Chapter XI-2 and the ISPS Code.
The company operator must apply for the Full Term ISSC, after completed the initial or renewal verification, and submit all the requirements of the MMC-205, prior to expiration of the ISSC interim or short term ISSC.
RESPONSIBILITIES OF THE COMPANY SECURITY OFFICER (CSO)
The Company Security Officer (CSO) is the direct contact point between the company and this Administration in cases of matters related to the ISPS Code.
The name of the Company Security Officer (CSO) and contact details shall be identified in the Ship Security Plan (SSP).
Apply for the Declaration of Company Security Officer (CSO) duly endorsed by the Panama Maritime Authority, prior any RSO verification.
Coordinate timely initial, Intermediate and Renewal verifications.
RESPONSIBILITIES OF THE RECOGNIZED SECURITY ORGANIZATIONS (RSOs)
The recidivism of overdue certificates or overdue verification audit windows will be considered mal practice by the RSO, if not notified in a timely manner.
All Recognized Security Organizations (RSOs) must verify:
- Verify that the CSO has the Declaration of Company Security Officer duly endorsed by PMA, and the auditor shall indicate the full name of the CSO in the Audit Report, prior to issue or endorsement of any certificate.
- Verify that the ship has a Continuous Synopsis Record (CSR) updated, prior to complete the ISPS verification and the auditor must indicate the number and date of issuance of the Continuous Synopsis Record (CSR) in the Audit Report. In case there is no CSR on board, the auditor must raise an observation in order for the company operator to request the CSR, according to the (MMC-183).
- The RSO who carried out the interim verification must verify during the initial verification that the SSAS system is working properly, and shall performing a real TEST and sending it to threat@amp.gob.pa, and the Maritime Ships Security Department will confirm the reception of the same in the date scheduled in the Electronic Platform, according to the instruction of the (MMC-133) and from that date onwards, every 12 months the CSO should program the next SSAS test.
- The Ship Security Plan must be approved before carrying out the initial verification. This Administration does not specify minimum implementation period, however, the company shall insure that the security measures included in the (SSP) have been in place on the ship a sufficient period of time for the Ship Security Officer to develop sufficient evidence documenting implementation before the verification audit is carried out.
- When the companies’ operator decides to change their Recognized Security Organization (RSO), the new RSO must inform immediately the Administration at the following email address: isps@amp.gob.pa, prior to re-initiate the ISPS process and issue the interim ISSC or endorse the Full Term ISSC.
- The RSO which carried out the intermediate verification must submit as soon as possible and no later than 30 days from the date of the audit report, a copy of the ISSC duly endorsed at the following email: isps@amp.gob.pa
- When an interim ISSC is suspended or withdrawn by the Recognized Security Organization (RSO) it must inform the Administration at the following email address: isps@amp.gob.pa, and the RSO must indicate the reasons why the certificate was invalidated, in order for this Administration to update the information in our system.
- For invalidation of the Full Term ISSC, the Recognized Security Organization (RSO) must send us a notification of invalidation at the following email address: isps@amp.gob.pa, in order for the Panama Maritime Authority to proceed to cancel the Full Term ISSC in our system.
RESTRICTIONS OF THE RECOGNIZED SECURITY ORGANIZATION (RSOs)
All Recognized Security Organization (RSO) acting on behalf of the Panama Maritime Administration should not by any circumstance:
- Set the applicable security level
- Issue a consecutive interim ISSC
- Issue a short term certificate after carried out the initial verification
- Issue the Full Term ISSC
- Issue the Interim ISSC if any ISPS deficiency was found during the ISPS verification and compromises the ship´s ability to operate at security levels 1, 2 or 3.
THE ISPS AUDIT REPORT AT LEAST SHOULD TO CONTAIN THE FOLLOWING INFORMATION
The report should include at least the following information:
- Place and date the verification
- Identification of the audit team
- Type of verification (interim/initial/intermediate/renewal/ additional)
- Audit plan
- Company security officer (CSO) name
- Identification of SSO
- Number and date of issuance of the CSR
- Any observations and possible required action
- Recommendations
- Conclusion
The INSB Form 1215225 SEC5 “Shipboard Security Audit Log” Rev.03 covers all the above requested inputs.
Interim verification
The RSO must verify during the interim verification the following items:
- The Company Security Officer (CSO) has already the Declaration of company security officer duly endorsement by the PMA, according to the (MMC-206).
- The name of the Company Security Officer (CSO) must be identified in the ISPS Audit Report.
- Verify if the vessel has a Continuous Synopsis Record (CSR) updated on board.
In case the company operator decides to change RSO during the validity of the ISSC interim, the ISPS process must re-initiate again with the interim verification and the new RSO which will carry out the interim verification, should have previous authorization of the Administration and must carry out the Initial verification during the validity of the interim ISSC.
Initial Verification
The Administration does not authorize the issuance of a SHORT TERM CERTIFICATE or a consecutive interim ISSC after having carried out the Initial Verification.
A Full term ISSC will NOT be issued when:
- When the SSP has not been approved before to carry out the Initial Verification
- When the technical equipment specified in the SSP is not 100% operative
- When there is sufficient objective evidence found through the verification audit that the ship is not operating in accordance with the provisions of the approved SSP
- If the Company Security Officer (CSO) designated by the company, does not have already the Declaration of company security officer duly endorsed by the Panama Maritime Authority.
- If the name of the Company Security Officer was not identified in the ISPS audit Report 6. If the interim ISSC or Short Term has not been identified with the correct nomenclature
- When the ship does not comply with all the Requirements of the MMC-205
Intermediate verification
In case a Ship-owner or Company Operator decides not to use the RSO that carried out its initial verification (for the purpose of getting in intermediate verification), it will be necessary that the new Recognized Security Organization (RSO) contacts the Administration and request an authorization to carry out the intermediate verification with scope of an initial verification.
The RSO carrying out the intermediate verification must submit as soon as possible but no later than 30 days from date of verification to the Maritime Security Department the following documents at: isps@amp.gob.pa
- Copy of the Full Term ISSC duly endorsed in the corresponding space.
- Audit Report
Renewal verification
- Short Term ISSC: A certificate issued after renewal verification audit. This certificate must be identified with the nomenclature “Short Term” when applies and the validity should not exceed more than five (5) months.
- The renewal verification audits shall take place at intervals not exceeding five (5) years, if the renewal verification is completed within three months before the expiry date of the existing certificate, the new certificate shall be valid from the date of completion of the renewal verification to a date not exceeding five years from the date of expiry of the existing certificate.
- When the renewal verification is completed after the expiry date of the existing certificate three months audit is carried out later than the three (3) months prior to the expiry date, the new certificate shall be issued from the completion date of the renewal verification audit.
- When the renewal verification is completed more than three months before the expiry date of the existing certificate, the new certificate shall be valid from the of completion of the renewal verification to date not exceeding five years from the date of completion of the renewal verification.
- This Administration authorizes only the issuance of a Short Term ISSC after carried out the Renewal Verification and the company operator must apply for the Full Term ISSC, before the expiration of the Short Term ISSC.
NON-CONFORMITIES AND ADDITIONAL VERIFICATIONS
An ISSC will not be issued if there are any ISPS Code deficiencies. Deficiencies identified during the verification audit shall be documented and reported to the CSO and to the Maritime Ship Security Department at isps@amp.gob.pa
Any failure of security equipment or systems, or suspension of a security measure that does compromise the ship’s ability to operate at security levels 1 to 3 shall be reported without delay to the Maritime Ship Security Department with details of the equivalent alternative security measures the ship is applying until the failure or suspension is rectified together with an action plan specifying the timing of any repair or replacement.
The Additional verifications shall be conducted with previous authorization of the Administration in the following cases, and it must be requested at the following email isps@amp.gob.pa
- PSC detention
- Flag State detention
- Security Incident (Stowaways)
- When substantial modifications have been made to the Shipboard SMS or SSP.
- To verify effective corrective actions were taken regarding any major nonconformity.
- When the Administration considers it necessary to request an additional audit in view of the nature of any Non-conformity regarding of the SSP.
For the following cases, the Recognized Security Organization (RSO) may carry out the following verification:
- For Change of tonnage (verification on board or documentary verification)
- For Change of vessel name (verification on board or documentary verification)
PROCEDURES TO POSTPONE ISPS VERIFICATION AUDIT
If for a special circumstance the ISPS verification cannot be completed within the windows as indicated in the ISPS Code Part A/19.1.1, the Company Operator may request a Flag authorization to postpone the ISPS verification prior to the expiration of the interim ISSC or prior to the expiration of due date of the intermediate or renewal verifications window.
The following documents shall be submitted at isps@amp.gob.pa, in order to evaluate the ISPS request and proceed with the issuance of ISPS authorization.
- Email or letter issued by the RSO indicating the reason for not having carried out the verification and stating the exact date and place where the ISPS Verification will take place.
- Interim ISSC only if the extension requested is due to the initial verification.
- ISSC Full term if the extension requested is due to the intermediate or renewal verification.
This authorization will be granted for a period no longer than 3 months, and during the period requested the Recognized Security Organization (RSO) must carry out the ISPS verification.
If the extension was granted to postpone the initial verification, the Company Operator must apply immediately for the Full term ISSC, prior to the expiration of the ISPS authorization granted through the online platform in the website link: http://certificates.amp.gob.pa/certificates.
If the extension was granted to postpone the intermediate verification, the RSO must endorsed the Full term ISSC and shall indicate the ISPS authorization number granted, which authorizes them to carry out the intermediate verification out of the window.
If the ISPS extension was granted to postpone the Renewal Verification, the RSO may issue a short term certificate, valid for 5 months, after having carried out the renewal verification.
The ISPS authorization granted by this Administration must be kept on board at all time together with the ISSC (interim or Full Term), for reference of the maritime authorities.
TRANSFER OF SECURITY MANAGEMENT SYSTEM CERTIFICATION
This Administration recognizes the IACS agreement for the transfer of the ISPS certification (PR-18).
CHANGES DURING THE VALIDITY OF THE INTERIM ISSC
The RSO shall issue an interim ISSC with the same validity as the existing certificate if the vessel changes any of the following information:
- When the name of vessel changes
- When the tonnage changes
- When the physical address of the operator company changes
- When the name of the operator company changes
- When the type of vessel changes
CHANGES DURING THE VALIDITY OF THE FULL TERM ISSC
If the vessel changes any of the following information below described during the validity of the Full Term ISSC the RSO shall issue a short term ISSC valid for (5) months and afterwards this Administration will issue the Full Term ISSC with the same validity as the existing certificate. When the following conditions are given:
- When the name of vessel changes
- When the tonnage changes
- When the physical address of the operator company changes
- When the name of the operator company changes
- When the type of vessel changes
SHIP MORE THAN SIX (6) MONTHS OUT SERVICES
If the ship is out of service for more than six months, the Recognized Security Organization (RSO) must re-initiate the ISPS certification process with the interim verification as required by the ISPS Code A/19.4.2 and issue an interim ISSC, with previous notification of the Administration.
OVERDUE ISPS VERIFICATION
If the ISPS verification is not carried within the established window, the certificate will be invalid and the RSO shall inform to the Flag Administration immediately at the following email: isps@amp.gob.pa, in order to cancel the Full Term ISSC in our data base and the ISPS process needs to be re-initiate with the interim verification, with previous authorization of this Administration.
EXPIRED CERTIFICATE PRIOR TO REQUEST THE FULL TERM ISSC
In those cases where the RSO has completed the ISPS verification within the established windows of the ISPS Code and the company operator applies for the full term ISSC, after the expiration of the interim ISSC or short term; the Administration will issue the Full Term ISSC with a validity of less than 5 years, taking as reference the expiration date of the interim ISSC with the date of issuance of the Full Term ISSC.
From April 1st, 2018 the following Merchant Marine Circular (MMC) 145, 207 and 326 will be cancelled.
PMA Circular MMC-359 – open online –
Instructions and Procedure for the implementation and certification of the ISPS Code.