Civil aviation security: new regulations take effect

Introduction

Air transport has revolutionised the way in which people travel and trade over the past century. With the increasing movement of people and cargo across borders, global aviation security has become a focus of the International Civil Aviation Organisation and the 193 contracting states to the Convention on International Civil Aviation (Chicago Convention). As one of the contracting states, Malaysia introduced the Civil Aviation (Security) Regulations 2019 (Security Regulations) on 29 March 2019. The Security Regulations came into operation on 30 March 2019.

This article highlights some of the key matters addressed by the Security Regulations.

New aviation security authorities

National Civil Aviation Security Authority

The Security Regulations established the National Civil Aviation Security Authority, which is responsible for:

safeguarding civil aviation against any act of unlawful interference; and
regulating the security of civil aviation in compliance with Annex 17 to the Chicago Convention.

'Acts of unlawful interference' constitute any act which jeopardises the safety of civil aviation, including:

unlawful seizures of aircraft;
the destruction of aircraft in service;
hostage taking on board an aircraft or in aerodromes;
forcible intrusion on board an aircraft, at an airport or on the premises of an aeronautical facility;
the introduction of a weapon or hazardous device or material intended for criminal purposes on board an aircraft or at an airport;
the use of an aircraft in service for the purpose of causing death, serious bodily injury or serious damage to property or the environment; and
the communication of false information to jeopardise the safety of an aircraft, a passenger crew, ground personnel or the general public at an airport or in a civil aviation facility.

The functions of the National Civil Aviation Security Authority include:

establishing and reviewing civil aviation security policies;
monitoring the implementation of the Security Regulations;
conducting a review of the national security programmes;
approving and reviewing a security programme;
defining and allocating tasks and coordinating civil aviation security activities between various entities;
conducting a review on the level of threat to civil aviation;
conducting regular security risk assessments for civil aviation security;
re-evaluating security control and procedures on civil aviation security; and
responding to any increased threat to civil aviation security.

National Civil Aviation Security Committee

The Security Regulations also established the National Civil Aviation Security Committee, whose functions include:

advising the National Civil Aviation Security Authority on matters relating to the implementation of the Security Regulations;
facilitating the coordination of civil aviation security activities between various entities responsible for implementing the National Civil Aviation Security Programme (NCASP); and
considering the recommendations of airport security committees in relation to civil aviation security and, where appropriate, recommending to the National Civil Aviation Security Authority any change to the civil aviation security policies.

New national security programmes

The CEO of the Civil Aviation Authority (CAA) is responsible for establishing and implementing national security programmes, which will include the following:

the NCASP (as defined above) to safeguard civil aviation operations against any act of unlawful interference;
the National Civil Aviation Security Training Programme (NCASTP) to ensure that security awareness and function specific trainings are provided to all persons involved in or responsible for the implementation of the NCASP; and
the National Civil Aviation Security Quality Control Programme (NQCP) to determine compliance with and validate the effectiveness of the NCASP.

The Security Regulations:

impose an obligation on all operators (including aerodrome operators), ground handlers and other persons as may be determined by the CAA CEO to comply with the national security programmes; and
require all government entities responsible for implementing the national security programmes to cooperate with and assist one another to ensure the proper implementation of said programmes.

The Security Regulations require operators (including aerodrome operators), ground handlers and any other persons as determined by the CAA CEO to establish a civil aviation security programme, a civil aviation security training programme and a civil aviation security quality control programme in accordance with the NCASP, NCASTP and NQCP, respectively. This must be approved by the National Civil Aviation Security Authority, and such approval must be renewed within a period determined by the CEO.

In addition, aerodrome operators must establish a contingency plan (ie, a proactive plan which includes measures to be implemented in the event of an act of unlawful interference) in accordance with the NCASP, which must be approved by the National Civil Aviation Security Authority.

Operators (including aerodrome operators), ground handlers or any other persons as determined by the CAA CEO must comply with the approved security programmes. In addition, aerodrome operators must also comply with their approved contingency plans.

The CAA CEO may decide to vary any of the national security programmes and direct any person to adjust any approved security programmes established by such person to comply with the adjustments made to the national security programmes.

The National Civil Aviation Security Authority may conduct a review of any approved security programme and direct the person who established the programme to adjust it accordingly. The National Civil Aviation Security Authority may also require a person who establishes any approved security programme to conduct a review of the programme.

Security and screening controls

The Security Regulations require operators (including aerodrome operators), ground handlers and any other person to:

use security equipment that is approved by the National Civil Aviation Security Authority;
permit only a person who acts as a security screener to hold a certificate issued by the National Civil Aviation Security Authority; and
ensure that a security screener complies with the method and manner of screening as determined by the CAA CEO.

In addition, an aerodrome operator must, with the approval of the CEO, designate an area on the airside of an aerodrome as a 'security restricted area' (ie, a priority risk area where, in addition to access control, other security controls are applied).

The expression 'security equipment' refers to a device of a specialised nature for use, individually or as part of a system, in the prevention or detection of any act of unlawful interference with civil aviation or its facilities, including CCTV, hand-held and walk-through metal detectors and body scanners.

Screening of persons

The Security Regulations:

prohibit any person from entering a security restricted area or an aircraft in a security restricted area unless that person undergoes a screening process by a security screener; and
require operators (including aerodrome operators), ground handlers and any other person responsible to provide a screening process to ensure that the foregoing is complied with.

However, these requirements do not apply to:

transit passengers who remain on board an aircraft;
transit or transfer passengers who do not mix with an unscreened person from the transiting or transferring airport, as the case may be; and
transit or transfer passengers who arrive from a contracting state to the Chicago Convention where the security standards are recognised as being equivalent to the requirements determined by the CAA CEO.

Screening of baggage

The Security Regulations:

prohibit a person from taking or causing to be taken on board an aircraft, or delivering or causing to be delivered for loading or carriage on an aircraft, any baggage unless it undergoes a screening process by a security screener; and
require aerodrome operators to ensure that the foregoing is complied with.

However, the requirements above do not apply to any cabin baggage that is carried by a transit passenger or transfer passenger.

Screening of cargo, mail and stores

The Security Regulations:

prohibit a person from taking or causing to be taken on board an aircraft, or delivering or causing to be delivered for loading or carriage on an aircraft, any cargo or mail unless the cargo or mail undergoes a screening process by a security screener; and
prohibit a person from carrying or causing to be carried in a security restricted area or on board an aircraft within a security restricted area any stores unless the stores undergo a screening process by a security screener.

The expression 'stores' refers to any goods other than cargo or mail, including those which are:

intended for consumption by a passenger or crew on board an aircraft;
used for the operation and maintenance of an aircraft, including fuel and lubricants; and
sold to a passenger or crew on board an aircraft or in a security restricted area.

Screening of vehicles

The Security Regulations:

prohibit a person from using or operating, or causing to be used or operated, a vehicle in a security restricted area unless the vehicle undergoes a screening process by a security screener; and
require aerodrome operators to ensure that the foregoing is complied with.

Aircraft security

An operator can fly its aircraft for the purpose of commercial air transport only if the operator has conducted a security search and checks on the aircraft in accordance with the NCASP.

The Security Regulations prohibit a person from entering or being in a flight deck of any aircraft flying for the purposes of commercial air transport unless:

that person is a crew member on duty and authorised by the operator;
that person is, with the authority of the CAA CEO, performing any regulatory functions under the Civil Aviation Act 1969 or for the purpose of the Civil Aviation Authority of Malaysia Act 2017; or
that person is authorised by the CEO.

Operators must ensure that:

their aircraft are protected from any unauthorised interference from the time of the security search and the checks referred to above are carried out until the departure of the aircraft;
they supervise their aircraft to prevent any unauthorised access by a person or vehicle to or from the aircraft;
no person other than those referred to above enters or is in a flight deck of any of their aircraft; and
any items left behind in their aircraft by disembarking passengers from any flight (including transit flights) are removed from the aircraft.

The Security Regulations require operators to ensure that their civil aviation security programmes contain measures and procedures for retaining passengers in the lawful custody of any law enforcement agency in accordance with the NCASP's requirements.

Moving forward

In line with the introduction of the Security Regulations, Part XXIV (Regulation 168) of the Civil Aviation Regulations 2016, which charges the CAA CEO with the responsibility for safeguarding civil aviation acts of unlawful interference, has been deleted by the Civil Aviation (Amendment) Regulations 2019 (Amendment Regulations) with effect from 30 March 2019. The Amendment Regulations provide that:

national civil aviation security programmes or any other security programme established under Part XXIV before 30 March 2019 is deemed to have been established under the Security Regulations and continues to have effect until reviewed, varied or substituted under the Security Regulations; and
any notice issued under Part XXIV before 30 March 2019 will remain effective until amended or revoked.

In light of the saving provisions described above, all security programmes established and any directions issued under Part XXIV will remain in force until they are varied, amended or revoked.

Moving forward, companies will have to comply with the procedures for applying for any approval, certificate or authorisation required under the Security Regulations (as set out in Regulations 29 to 32) and and must pay fees prescribed by the Civil Aviation (Fees and Charges) (Amendment) Regulations 2019 (which came into effect on 30 March 2019). Companies and other persons with an approval, certificate or authorisation issued under the Security Regulations cannot transfer or assign them, on risk of a fine of up to RM200,000 if convicted.

It would be prudent for passengers, operators, including aerodrome operators, ground handlers and other persons to comply with the Security Regulations, as conviction of an offence entails a fine of up to:

RM200,000 or up to five years' imprisonment (or both) for an individual; and
RM400,000 for companies, limited liability partnerships, firm, societies or other bodies of persons.

This article was first published by the International Law Office, a premium online legal update service for major companies and law firms worldwide. Register for a free subscription.

Register now for your free, tailored, daily legal newsfeed service.

Civil aviation security: new regulations take effect

Filed under

Organisations

Popular articles from this firm

At a glance: termination of employment in Malaysia *

At a glance: employers' health and safety responsibilities in Malaysia *

Malaysian Government to introduce Cash Transaction Limit *

Money Services Business (Amendment) Bill 2024 *

Q&A: Labour & Employment Law in Malaysia *

Related practical resources PRO

Related research hubs