Cbsa Csa Pack
Source: docs/compliance/cbsa-csa-pack.md
# CBSA CSA Jurisdiction Pack
## Overview
The Canada Border Services Agency (CBSA) **Customs Self Assessment (CSA)** program is a trusted-trader initiative that allows pre-approved importers, carriers, and drivers expedited clearance at the Canadian border. Unlike commodity-based programs (such as APHIS CORE), CSA eligibility is determined by **entity status** -- whether the importer, carrier, and driver each meet program requirements -- not by the commodity being imported.
**Key characteristics:**
- **Jurisdiction:** CA
- **Model:** Entity-based (importer + carrier + driver eligibility)
- **Authority:** CBSA
- **Program code:** CSA
- **Source data version:** `2024-Q4`
## Key Difference from APHIS CORE
| Dimension | APHIS CORE | CBSA CSA |
|-----------|-----------|----------|
| **Matching model** | Commodity-based (HS prefix, origin, product category) | Entity-based (importer, carrier, driver status) |
| **Input** | HS code, origin country, product category | TenantComplianceProfile fields (module-level) |
| **Obligations** | Regulatory declarations per product type | Eligibility criteria per entity type |
| **hsPrefixes / productCategories** | Populated | Empty (not used) |
| **criteria column** | null or importerBondingStatuses | `{ entityType, requirements[] }` |
| **Evaluation function** | `evaluateObligations()` | `evaluateCsaEligibility()` |
## Eligibility Criteria
### IMPORTER (3 obligations)
| Code | Name | Requirements | Required Documents |
|------|------|-------------|--------------------|
| `CBSA-CSA-IMPORTER-BONDING` | Importer Customs Bond | `importerBondingStatus` equals `ACTIVE`, `importerBondingExpiry` after `NOW` | `CBSA_D120`, `CUSTOMS_BOND_CERTIFICATE` |
| `CBSA-CSA-IMPORTER-COMPLIANCE` | Importer Compliance History | `complianceHistoryScore` >= `75` | (none) |
| `CBSA-CSA-CARM-LINKAGE` | CARM Account Linkage | `carmAccountLinked` equals `true` | `CARM_REGISTRATION` |
### CARRIER (1 obligation)
| Code | Name | Requirements | Required Documents |
|------|------|-------------|--------------------|
| `CBSA-CSA-CARRIER-REGISTRATION` | Carrier CSA Registration | `carrierRegistrationStatus` equals `ACTIVE` | `CARRIER_CSA_REGISTRATION`, `CARRIER_BOND` |
### DRIVER (1 obligation)
| Code | Name | Requirements | Required Documents |
|------|------|-------------|--------------------|
| `CBSA-CSA-FAST-CARD` | FAST Card (Free and Secure Trade) | `fastCardStatus` equals `ACTIVE` | `FAST_CARD` |
### Overall Eligibility
CSA eligibility requires **all three entity types** (importer, carrier, driver) to pass **all** of their respective checks. If any single check fails for any entity, overall CSA eligibility is `false`.
## Touchpoints
CSA integrates with several CBSA digital systems:
| System | Description |
|--------|-------------|
| **CARM** | CBSA Assessment and Revenue Management -- revenue collection and trade data |
| **ACI** | Advance Commercial Information -- pre-arrival data submission (eManifest) |
| **eManifest** | Electronic submission of cargo/conveyance data before arrival |
The CARM account linkage obligation (`CBSA-CSA-CARM-LINKAGE`) verifies that the importer has connected their CARM account, which is a prerequisite for CSA participation.
## TenantComplianceProfile
Entity-based eligibility is evaluated against the `app.tenant_compliance_profiles` table. One row exists per tenant + jurisdiction + program combination.
| Field | Type | Purpose |
|-------|------|---------|
| `importerBondingStatus` | `VARCHAR(20)` | Bonding status: `ACTIVE`, `LAPSED`, `NONE` |
| `importerBondingExpiry` | `TIMESTAMP?` | Bond expiration date (checked against `NOW`) |
| `carrierRegistrationId` | `VARCHAR(100)?` | Carrier's CSA registration identifier |
| `carrierRegistrationStatus` | `VARCHAR(20)?` | Carrier registration status: `ACTIVE` or null |
| `carmAccountLinked` | `BOOLEAN` | Whether the CARM account is linked (default: `false`) |
| `carmAccountId` | `VARCHAR(100)?` | CARM account identifier |
| `fastCardStatus` | `VARCHAR(20)?` | Driver FAST card status: `ACTIVE` or null |
| `complianceHistoryScore` | `DECIMAL(5,2)?` | Trailing 12-month compliance score (0-100) |
| `lastEvaluatedAt` | `TIMESTAMP?` | When eligibility was last computed |
| `lastEvaluatedBy` | `VARCHAR(100)?` | Who triggered the last evaluation |
The profile is scoped by `(tenantId, jurisdictionCode, programCode)` with a unique constraint, so each tenant has at most one CSA profile for jurisdiction `CA`.
## Source Data
Source data files live in `data/sources/cbsa-csa/`:
| File | Purpose |
|------|---------|
| `cbsa-csa-eligibility.json` | Structured eligibility criteria (5 criteria across 3 entity types), program metadata, and touchpoint definitions |
| `cbsa-csa-meta.json` | Metadata: source URLs, version, SHA-256 checksum, extraction date |
## Ingestion
Run the ingestion script from the repository root:
```bash
# Dry-run (validate + print actions, no DB writes)
npx tsx scripts/ingest-cbsa-csa.ts --dry-run
# Full ingestion
npx tsx scripts/ingest-cbsa-csa.ts
```
### CLI Flags
| Flag | Description |
|------|-------------|
| `--data <path>` | Path to eligibility JSON (default: `data/sources/cbsa-csa/cbsa-csa-eligibility.json`) |
| `--meta <path>` | Path to metadata JSON (default: `data/sources/cbsa-csa/cbsa-csa-meta.json`) |
| `--dry-run` | Validate and print actions without writing to the database |
### What the Ingestion Script Does
1. Reads the eligibility JSON and meta JSON.
2. **Validates checksum**: computes SHA-256 of the eligibility file, compares against `meta.sha256`. Fails on mismatch.
3. **Validates structure**: checks for required fields (`program.code`, `eligibilityCriteria[]`), non-empty `obligationCode` and `sourceSection`, and that each criterion has at least one requirement.
4. Wraps all writes in `prisma.$transaction()`:
- Upserts `DataSource` (code: `CBSA-CSA`)
- Upserts `DataRelease` with version and checksum
- For each eligibility criterion: computes `contentHash`, upserts `ComplianceObligation` (with `hsPrefixes`, `productCategories`, and `originCountries` all empty, and criteria JSON containing `entityType` + `requirements`), creates `DataChangeLog` entry
- For each criterion: upserts a corresponding `RuleDefinition` with rule code `<obligationCode>-RULE`, creates `DataChangeLog` entry
## Eligibility Evaluation
> **Note:** CSA eligibility evaluation is currently available as a **module-level function** (`evaluateCsaEligibility()` in `packages/modules/trade/src/compliance/cbsaCsaEligibility.ts`). It is not yet wired into the `POST /api/compliance/check` API route, which currently only runs `evaluateObligations()`. A dedicated CSA eligibility API endpoint is planned as a follow-up.
The `evaluateCsaEligibility()` function performs the eligibility check.
### Inputs
- **`profile`**: A `TenantComplianceProfileInput` (or `null` if no profile exists)
- **`obligations`**: All `ComplianceObligation` records for the CSA program
### Algorithm
1. Filter obligations to those with `programCode === 'CSA'`.
2. Parse the `criteria` JSON on each obligation to extract `entityType` and `requirements[]`.
3. Group obligations by entity type (IMPORTER, CARRIER, DRIVER).
4. For each entity group, evaluate each requirement against the profile:
- **`equals`**: Direct equality check (e.g., `importerBondingStatus === "ACTIVE"`)
- **`after`**: Date comparison (e.g., `importerBondingExpiry > NOW`)
- **`gte`**: Numeric comparison (e.g., `complianceHistoryScore >= 75`)
5. If no profile exists, all checks fail with reason "No compliance profile configured".
6. Collect results into `EntityEligibilityResult[]` and build `gapAnalysis[]` for any failed checks.
7. **Overall eligibility**: `true` only if all entity types have all checks passing.
### Response Shape
```json
{
"programCode": "CSA",
"jurisdiction": "CA",
"overallEligible": false,
"entityResults": [
{
"entityType": "IMPORTER",
"eligible": true,
"checks": [
{
"obligationCode": "CBSA-CSA-IMPORTER-BONDING",
"obligationName": "Importer Customs Bond",
"met": true,
"field": "importerBondingStatus",
"expected": "ACTIVE",
"actual": "ACTIVE",
"requiredDocuments": ["CBSA_D120", "CUSTOMS_BOND_CERTIFICATE"]
}
]
},
{
"entityType": "DRIVER",
"eligible": false,
"checks": [
{
"obligationCode": "CBSA-CSA-FAST-CARD",
"obligationName": "FAST Card (Free and Secure Trade)",
"met": false,
"field": "fastCardStatus",
"expected": "ACTIVE",
"actual": null,
"requiredDocuments": ["FAST_CARD"]
}
]
}
],
"gapAnalysis": [
{
"entityType": "DRIVER",
"obligationCode": "CBSA-CSA-FAST-CARD",
"obligationName": "FAST Card (Free and Secure Trade)",
"reason": "fastCardStatus: expected equals ACTIVE, got null",
"requiredDocuments": ["FAST_CARD"]
}
],
"evaluatedAt": "2026-02-26T12:00:00.000Z"
}
```
## Source Citations
CSA obligation source sections reference the CSA Program Guide and FAST Program Guide:
| Obligation | Source Section |
|------------|---------------|
| `CBSA-CSA-IMPORTER-BONDING` | CSA Program Guide, Chapter 3 -- Importer Requirements |
| `CBSA-CSA-IMPORTER-COMPLIANCE` | CSA Program Guide, Chapter 3 -- Compliance History |
| `CBSA-CSA-CARM-LINKAGE` | CSA Program Guide, Chapter 4 -- CARM Integration |
| `CBSA-CSA-CARRIER-REGISTRATION` | CSA Program Guide, Chapter 5 -- Carrier Requirements |
| `CBSA-CSA-FAST-CARD` | FAST Program Guide -- Driver Eligibility |