2024-30826. Certificates of Compliance  

A. Procedural Comments

Comment 1: Several commenters (Galaxy (90), JPMA (99), NAM (113), RILA (114), and NCBFAA (122)) argue that the SNPR was proposed prematurely, because CPSC assertedly did not benefit from outcomes and feedback from Beta Pilot participants; ( print page 1806) these commenters noted general concern about the impact of eFiling.

Response 1: When drafting the SNPR, CPSC benefited from the outcomes and feedback from comments to the 2013 NPR, the Alpha Pilot conducted in 2016, the Certificate Study conducted in 2017, preparation and development for the Beta Pilot in 2023, and the initial months of the Beta Pilot. Furthermore, CPSC is drawing upon outcomes and feedback from the Beta Pilot participants in the Final Rule, specifically with respect to consideration of the effective date of the Final Rule and finalizing the eFiling burden analysis in sections VII and VIII of this preamble. Finally, while the Beta Pilot tests the mechanics of eFiling and practical considerations, it does not impact the Final Rule's basic requirement to eFile certificates.

Comment 2: Hansen (115) states that the bicycle industry has not received sufficient information about the eFiling proposal, and that the SNPR was sudden, considering the 10-year lapse between the NPR and the SNPR. Hansen complains that no company from the bicycle industry is participating in the Beta Pilot and that it will take many months to set up testing laboratories around the world and hire people to manage the new data requirements.

Response 2: Because more than 10 years have passed since the NPR was published in 2013, the Commission issued the SNPR to provide additional opportunity for notice and comment and to describe proposed requirements for the revisions to part 1110 based on the Commission's efforts since 2013 to advance eFiling. The SNPR recounts such efforts, including the Alpha Pilot in 2016 and a Certificate Study in 2017. 88 FR 85760, 85762-62. The Commission voted in December 2020 to approve staff's recommended four-phased approach to create an eFiling program at CPSC ^[22] and began recruiting for the Beta Pilot on June 10, 2022 (87 FR 35513). CPSC conducted the Beta Pilot with 37 participants from October 2023 to June 2024. Most recently, CPSC announced expansion of the Beta Pilot test on June 4, 2024 (89 FR 47922). CPSC has also conducted extensive outreach via public events, such as a workshop held on October 13, 2022 (87 FR 48162 (Aug. 8, 2022)), and communication with a variety of trade organizations.^[23] CPSC provided industry with a wealth of information about the Beta Pilot and eFiling and provided numerous notices and opportunities for bicycle importers to participate; bicycle importers can still participate in the expanded Beta Pilot. Lastly, the Final Rule requires eFiling of certificates that bicycle importers are already responsible for creating and maintaining; the Final Rule does not add new testing-related data requirements for certificates and does not require the bicycle industry to set up additional testing laboratories or change their testing processes.

B. Effective Date

Comment 3: Many commenters (TSC (87), BV (92), Alta (93), TA (97), ITI (98), JPMA (99), OPEI (100), WCMA (106), NFTC & USCC (108), Newell (110), AAFA (111), NAM (113), RILA (114, 126), Hansen (115), LA (116), Comverex (117), NAFTZ (127), EAA (131), and IKEA (123, 130)) argue that an effective date of 120 days after publication of the Final Rule, as proposed, is inadequate and recommend a longer implementation period, ranging from six to 24 months. The NCBFAA (122) expresses concern about slow participation by importers and potential system bugs in development.^[24] The TA (97) specifically recommends a staggered phase-in period once the effective date has elapsed. Commenters argue that an extended implementation period would allow industry to implement the new changes, including organizing resources, hiring data personnel, integrating internal technological systems, onboarding to the eFiling system, reviewing existing compliance programs, developing internal procedures, and completing additional legal agreements between parties to assign certification responsibilities.

The AAFA (111) states that an interim manual entry process, which CPSC did not propose, is not feasible for most importers, because it would require significant staff time. Commenters recommend that CPSC host additional workshops and training. IKEA (123, 130) claims that to secure a stable and resilient supply chain, message sets need to be ready at least three months prior to import, suppliers require four months to update their systems, each new product requires at least 6 months to mitigate any deviations from eFiling requirements, and one month to correct errors in the data flow. IKEA (130) asserts that eFiling requires many months of preparation with suppliers, vendors, and brokers, recommending a 24-month effective date and a phased approach to implementation. NAFTZ (127) and EAA (131) recommend an effective date of at least one year or longer.

Response 3: Based on CPSC's experience with Beta Pilot, the Commission agrees with the commenters that additional time is warranted for importers and their trade partners to prepare for full implementation of eFiling. Accordingly, the Final Rule provides an effective date of 18 months after publication of the Final Rule, as described in section VI of the preamble, to implement eFiling for all entry types except products entered for consumption or warehousing from an FTZ, which will have a 24-month effective date. This timeline is based on comments received on the SNPR and feedback from Beta Pilot participants and their trade partners. CPSC will also consider hosting additional workshops and trainings before and during implementation of the eFiling requirement and will update guidance materials as needed on CPSC's eFiling document library, available at https://cpsc.gov/​eFiling-Document-Library. Finally, to allow importers and the Commission time to test and plan for full implementation of eFiling, the Commission is expanding the Beta Pilot test to include up to 2,000 additional participants, as described in a June 4, 2024, Federal Register notice. 89 FR 47922. Importers can apply to participate in the expanded Beta Pilot as stated in this notice. Id.

Comment 4: WCMA (106) alleges that the 120-day implementation period in the SNPR conflicts with the American National Standards Institute (ANSI)/WCMA 2022 custom window covering safety standard (effective June 1, 2024) and the approaching conclusion of the Reese's Law discretionary enforcement period (on March 19, 2024). WCMA (106) states that the window covering industry will have to adapt to new compliance requirements, while being unfamiliar with the eFiling system. ( print page 1807)

Response 4: The Commission published 16 CFR part 1263 on September 21, 2023 (88 FR 65274; 88 FR 65296) to implement Reese's Law, 15 U.S.C. 2056e, which required the Commission to issue a rule providing performance and labeling requirements for consumer products that contain button cell or coin batteries, to eliminate or adequately reduce the risk of injury associated with children 6 years old and younger ingesting these batteries. 15 U.S.C. 2056e(a)(1). Some motorized window coverings contain button cell or coin batteries.

The effective date of this Final Rule, as revised, will occur about one and a half years after the effective date of Reese's Law requirements for consumer products containing button or coin cell batteries. As of September 2024, testing and certification of consumer products containing button cell or coin batteries has been in effect for six months. Accordingly, the 18-month effective date of the Final Rule will provide window covering manufacturers and importers with sufficient time to comply with testing, certification, and eFiling requirements.

Comment 5: Comverex (84) expresses concern about the proposed 120-day effective date, believing that test data that is typically valid for 365 days would need to be reconducted in 245 days (365 days−120 days = 245 days) to allow test laboratories to automate test data submission into the Product Registry. Comverex states that a 120-day effective date would require testing to be obtained up to 245 days in advance of publication of the Final Rule, potentially requiring importers to reconduct testing or to coordinate obtaining the necessary data from previously issued test reports.

Response 5: Certificate data entered into the Product Registry are the responsibility of the importer, who can allow a testing laboratory to submit test data into the Product Registry on their behalf. The decision to rely on a testing laboratory for data entry is at the discretion of the importer. The premise of Comverex's concern, that test data must be entered at the time of testing, is incorrect; in fact, importers or their trade partners can enter test data into the Product Registry at any time before importation of the product, including testing conducted before the effective date of the Final Rule. Based on comments and the experience of Beta Pilot participants, the Final Rule now has a 18-month effective date, which also obviates Comverex's concern. Note that if an importer participates in the expanded Beta Pilot, the importer can begin submitting certificate data into the Product Registry before the effective date of the Final Rule.

C. Section 1110.3 Definitions

Comment 6: Several commenters (Alta (93), TA (97), Newell (110), PeopleForBikes (112), and Hansen (115)) oppose expanding the definition of a “finished product” in § 1110.3 to include replacement parts. These commenters argue that replacement parts are effectively covered by certification for the full finished product and are not tracked independently, so it would be burdensome to create and track certificates for replacement parts. Furthermore, a change to any replacement part would be considered a “material change” and trigger retesting under an existing regulation. Lastly, commenters state that component parts are imported in bulk and the importer has no way of knowing whether the parts are intended for domestic assembly, repair shops, or retail customers. Commenters state that this differs from parts sold with the intent that they may be assembled to create some larger item or ensemble, like doll accessories for toys.

Additionally, PeopleForBikes (112) and Hansen (115) write that CPSC's example that a handlebar sold as a replacement part requires a certificate is incorrect, because 16 CFR part 1512 (part 1512) is a complete product standard and the handlebar must meet the requirements in part 1512 after assembly into complete bicycles. PeopleForBikes (112) notes that in response to comment 63 on the 2013 NPR, CPSC indicated that parts of a bicycle could be tested and certified. The commenter states that CPSC provided as an example replacement handbrakes, which the commenter asserts cannot be tested individually, but are covered under 16 CFR 1512.5. Hansen (115) states that importers will not know whether a part, such as handlebars, will be used on a child's bike or not, and requests documentation that CPSC has previously stated that replacement bicycle parts must be tested to part 1512.

JPMA (99) and NAM (113) claim the proposed rule does not clearly define “component parts” and “component part certificates.” These commenters state that CPSC should clarify that certification is only required for component or replacement parts if they are sold as fully independent, finished, packaged consumer products subject to a specific applicable regulation. The OPEI (100) seeks clarity as to whether replacement shields for power mowers (as defined in 16 CFR part 1205.3) require separate testing and certificates if sold to consumers as replacement parts.

Response 6: In the Final Rule, CPSC amends the definition of “finished product” and adds guidance in sections V.B and V.C of this preamble to clarify when a part of a consumer product is considered a finished product. As defined in 16 CFR part 1109 and this revised part 1110, a “component part” is not, by definition, a finished product that requires certification. A component of a consumer product only requires testing and certification if the part itself is: (1) packaged, sold, or held for sale to, or use by, consumers (in which case it is a finished product); (2) regulated by the Commission, meaning the part is specifically regulated and not regulated as a subsection of a final product standard; and (3) imported for consumption or warehousing or distributed into commerce. To be a finished product, components must be sold independently, packaged for a consumer, or intended for use by a consumer.

CPSC incorrectly stated in the SNPR that bicycle handbrakes sold separately would require a certificate. The commenter is correct that 16 CFR part 1512, as applied to non-children's products, is a finished product standard and the individual components are tested as part of the finished product. Imported replacement parts for bicycles, power mowers, or any non-children's product covered by a finished product regulation are not subject to the eFiling requirement unless a regulation applies to the part, as sold. However, a part of a children's product that is sold separately to consumers may be subject to third party testing for CPSC rules such as lead content, lead in paint, or small parts. Lastly, per 16 CFR part 1109, a certifier can use component part testing and certification to certify a finished product, where applicable.

Comment 7: Several commenters (JPMA (99), NFTC & USCC (108), AAFA (111), NAM (113), and RILA (114)) disagree with the proposed expanded definition of “importer” and urge using “importer of record (IOR),” as proposed in the 2013 NPR. Commenters claim that the industry is already familiar with the definition of IOR and the expanded definition will add complexity and ambiguity to who is responsible for eFiling certificate data. Commenters argue that multiple entities may be held responsible, or that retailers may be improperly authorized to certify products. JPMA (99) and NAM (113) assert that the definition of “importer” cannot be changed, because it is already legislatively defined, and the SNPR is contrary to the plain language of the ( print page 1808) CPSA that specifies manufacturers as the required certifier.

Response 7: The 2013 NPR proposed to define “importer” as the “importer of record as defined under the Tariff Act of 1930 (19 U.S.C. 1484(a)(2)(B))” 78 FR 28080, 28107. The 2023 SNPR proposed to broaden the definition to include the importer of record, consignee, or owner, purchaser, or party that has a financial interest in the product or substance being offered for import and effectively caused the product or substance to be imported into the United States. 88 FR 85760, 85789. For the Final Rule, the Commission agrees with the commenters that identifying a specific party responsible for certifying imported, finished products helps to clarify the party responsible for complying with CPSC's certificate requirements and ensures that certificate data is eFiled at entry. Accordingly, the Final Rule clarifies that, as proposed in the 2013 NPR and consistent with the SNPR and the comments received, for purposes of this rule, the “importer” means the importer of record (IOR) eligible to make entry for imported finished products under the Tariff Act of 1930, as amended (19 U.S.C. 1484(a)(2)(B)), who may be an owner, purchaser, or authorized customs broker.

The Final Rule also addresses the concerns of commenters stating that an IOR authorized to make entry for a shipment, such as a broker, may not have sufficient knowledge of the consumer products to be held responsible for testing and certification. Accordingly, the definition of “importer” in the Final Rule provides that an authorized broker may identify the owner, purchaser, or consignee of the finished products who authorized the customs broker to make entry, as the party responsible for compliance with CPSC certificate requirements. A broker would identify such party by eFiling certificate data using CPSC's PGA Message Set, which will identify the finished product certifier responsible for product certification, as required in § 1110.11(a)(3).

If identified as the finished product certifier in the PGA Message Set data, the owner, purchaser, or consignee that authorized the broker to file entry is the party that CPSC would expect to have sufficient knowledge of the finished products being imported and understand that such products must now comply with U.S. laws and regulations, including compliance with CPSC's testing and certification requirements. We note that the party that CPSC holds legally responsible for certificate data does not mean that this party is responsible for submitting such data into ACE, because this party may not be the IOR for the shipment or be another party eligible to make entry under CBP statutes and regulations.

Thus, the Final Rule definition of “importer” is consistent with the parties identified in the NPR and the SNPR and addresses commenters concerns by requiring the IOR to comply with CPSC's certificate requirements, but allowing an IOR who is an authorized broker to identify the owner, purchaser, or consignee of the finished products who authorized the customs broker to make entry, as the party responsible for compliance with CPSC certificate requirements. However, for finished products regulated by CPSC that are required to be accompanied by a certificate, if an authorized customs broker fails to submit a PGA Message Set containing CPSC's certificate data elements to identify the owner, purchaser, or consignee responsible for product certification,^[25] CPSC can hold such a broker legally responsible for certificate data as set forth in § 1110.15.^[26] Practically speaking, a broker will receive from the owner, purchaser, or consignee authorizing entry, either the Unique ID for the Reference PGA Message Set, linking certificate data in the Product Registry with the shipment, or all certificate data elements for submitting the Full PGA Message Set at entry.

The Final Rule also clarifies, for purposes of this rule, the importer who is legally responsible for CPSC's certificate data for finished products that must be accompanied by a certificate that are imported by mail, or for which a de minimis duty exemption under 19 U.S.C. 1321(a)(2)(C) is claimed. These shipments do not have an IOR. The “importer” definition in the Final Rule specifies that for finished products imported by mail, or for which a de minimis duty exemption under 19 U.S.C. 1321(a)(2)(C) is claimed, the importer for purposes of CPSC's certificate requirement is a party eligible to make entry for the merchandise pursuant to CBP statutes and regulations, who may be an owner, purchaser, consignee, or authorized customs broker. The Final Rule defines “owner or purchaser” and “consignee” consistent with the SNPR but simplified. An authorized broker may identify the owner, purchaser, or consignee that authorized entry as the finished product certifier in a PGA Message Set for a de minimis shipment as well. Because a consumer could fall within the definition of a purchaser or consignee, the definition of “importer” continues to state, as proposed, that for purposes of this rule, CPSC will not typically consider a consumer purchasing or receiving products for personal use or enjoyment to be the importer responsible for certification.

The assertion by JPMA (99) and NAM (113) that the plain language of the CPSA specifies a manufacturer as the required certifier is incorrect and comes 16 years after the CPSC first required importers to certify imported consumer products in the existing 1110 rule, effective November 18, 2008. 73 FR 68328. Section 3(a)(11) of CPSA defines a manufacturer as “any person who manufactures or imports a consumer product.” The CPSA does not define “importer,” and, pursuant to the implementing authority in section 3 of the CPSIA, CPSC has the authority to define “importer” for the purposes of this rule, and to effectuate the statutory authority to require electronic filing of certificates in section 14(g)(4) of the CPSA. Moreover, CPSC has the authority to designate the certifier pursuant to section 14(a)(4) of the CPSA, which states that when a product has more than one manufacturer or private labeler, the Commission may by rule designate one or more of such entities as the certifier and exempt the others. 15 U.S.C. 2063(a)(4).

Accordingly, the Commission's 1107 and 1109 rules both rely on the requirement for importers to certify imported consumer products, and these rules have been effective since 2013 and 2011, respectively. 76 FR 69482 (November 8, 2011) (finalizing part 1107); 76 FR 69546 (November 8, 2011) (finalizing part 1109). To address importer concerns, for more than 13 years part 1109 has allowed importers, or any finished product certifier, to rely on another party's testing or certification, such as a manufacturer's, to issue their own finished product certificate, provided the finished product certifier meets the requirements in part 1109.

Comment 8: The NFTC and USCC (108) are concerned that the proposed definition of “importer” would result in a “diffusion of responsibility” across all parties in the transaction of the shipment, resulting in confusion. These commenters propose that the IOR must eFile the certificate, but another ( print page 1809) specified entity could prepare the certificate, which could either be (1) an entity that by mutual agreement is responsible for preparing the certificate, or (2) in the absence of agreement, a hierarchy of entities within the proposed definition of “importer.” Commenters state that in this case, if the IOR does not have the requisite knowledge to prepare the certificate, another specified entity with direct knowledge of the facts underlying the certificate could be responsible for its preparation.

The NCBFAA (122) questions why the definition of “importer” specifically highlights customs brokers, because they are already subsumed in the definition of IOR. They argue that this adds confusion, because the customs broker will rarely assume legal responsibility for certification. The NCBFAA (122) urges CPSC to make it clear that a customs broker or other non-beneficial owner will never be the responsible importer by default merely due to their role in the import process, and to distinguish those roles.

Response 8: As described in response to comment 7 and in section V.B of this preamble, the Final Rule revises the definition of “importer” proposed in the SNPR, agreeing in part with the commenters. The NFTC and USCC (108) request that CPSC identify the IOR as the importer but allow for another specified party to be responsible in case the IOR does not have the requisite knowledge to prepare the certificate. As stated in response to comment 7, the Final Rule specifies that the IOR is the importer responsible for certification of a finished product. However, if the IOR is an authorized customs broker, the broker may identify the owner, purchaser, or consignee that authorized entry, as the party responsible for CPSC's certificate requirements, as part of the eFiled certificate data. If the required certificate data is not eFiled, CPSC can hold the broker legally responsible as set forth in § 1110.15.

The revised definition limits confusion by specifying the IOR as the importer, while also addressing broker concerns about not having sufficient detailed knowledge about the consumer products being imported to issue a certificate, by allowing the broker to specify the owner, purchaser, or consignee that authorized the broker to make entry. Use of the Product Registry will aid brokers in obtaining the requisite certificate information for eFiling. Practically speaking, a broker can identify the finished product certifier responsible for certification either by ensuring complete certificate data is filed in a Full Message Set, including the required “certifying entity” in § 1110.11(a)(3), or when stating the “certifier ID” for the Reference Message Set.

Comment 9: The TA (97) claims that the proposed importer definition does not adequately fulfill CPSC's stated intention to include products that are “imported as a mail shipment.”

Response 9: As proposed in the SNPR, § 1110.13(a)(1) of the Final Rule requires that mail shipments containing finished products that are required to be accompanied by a certificate submit the finished product certificate data elements required in § 1110.11 into CPSC's Product Registry before arrival of the shipment in the United States. Mail shipments do not have an IOR. Accordingly, in response to the TA (97), CPSC adds a clarifying sentence to the definition of “importer” stating that for the purposes of this rule, the importer for purposes of CPSC's certificate requirements is a party eligible to make entry for the finished products pursuant to CBP statutes and regulations, who may be an owner, purchaser, consignee, or authorized customs broker.

Comment 10: The PPAI (119) disagrees with the proposed “importer” definition and claims that the proposed new definition will render distributors primarily responsible for certification, instead of the suppliers as it is today. The PPAI (119) states that the proposed rule would require distributors to retest the same product for individual orders, causing problems for companies with multiple “operating as” or “dba” designations, and uncertainty when a customs broker is involved.

Response 10: The Final Rule does not disrupt CPSC's current testing and certification requirements. As is currently the case, importers are the finished product certifiers that must certify imported finished products. However, since 2011, importers have been able to rely on a supplier's testing or certification to issue their own finished product certificates, as allowed by 16 CFR part 1109. The Product Registry aids in this process by allowing an importer to give a supplier permission to upload certificate data into the Product Registry, and to certify such data, on their behalf. However, as set forth in § 1110.15, the importer, who is the defined finished product certifier in § 1110.7, remains legally responsible for the information in a finished product certificate, including its validity, accuracy, completeness, and availability.

D. Section 1110.5 Products Required To Be Certified

Comment 11: ULS (104) supports CPSC's focus on products required to be certified and the content of the certificates to be eFiled. Specifically, ULS (104) agrees with the proposed language for § 1110.5 and CPSC's efforts to make this process as efficient as possible for users by listing the applicable rules in the eFiling system.

Response 11: CPSC retains the proposed § 1110.5 in the Final Rule.

Comment 12: JPMA (99) agrees with the proposed § 1110.5 clarification that certificates are only required for finished products. However, JPMA (99) also writes that proposed § 1110.5 requires greater definition to reflect that the manufacturing of finished products may involve multiple productions of identical products or variations unique to different customers that rely upon baseline certificates.

Response 12: Finished product certifiers may rely on applicable component part test reports, certification of component parts of consumer products, or finished product testing or certification procured or issued by another party, per 16 CFR part 1109. However, the finished product certifier must still issue its own certificate, either based on their own testing, or by relying on the underlying test reports and certificates from other parties, such as a manufacturer. As described in response to comment 11, the Product Registry aids in this process by allowing an importer to give their trade partners the ability to upload and certify data on their behalf.

E. Section 1110.7 Who Must Certify Products

Comment 13: Two commenters (AAFA (111) and RILA (114)) prefer the language in § 1110.7 of the existing 1110 rule, which requires importers and domestic manufacturers to issue certificates for imported and domestically manufactured products, respectively. The commenters argue that these entities are better suited for compliance than a private labeler, because importers and domestic manufacturers are most knowledgeable of the product design and manufacturing process, including sourcing of materials, rather than the private labeler, even if the private labeler has influence on the product. Commenters further claim that CPSC provided no indication that the existing certification process is not effectively protecting consumers and that the proposed change would improve safety. RILA (114) raises concerns regarding the ( print page 1810) statement in the SNPR that “CPSC can enforce the certificate requirement against an importer or a private labeler, even if neither firm is the entity submitting the required certificate data” (88 FR 85790), because the current allocation of responsibility amongst domestic manufacturers and importers appropriately ensures the products are certified prior to entering commerce.

Three commenters (TA (97), JPMA (99), and NAM (113)) do not support the requirement that each importer is responsible for submitting certificate information for imported products. Instead, these commenters assert that responsibility should fall on the product manufacturer or private labeler, unless unavailable, in which case the importer of record would be reasonably expected to certify. The TA (97) asserts that CPSC is not recognizing the real-world supply chain, where multiple importers may source from the same independent manufacturer, who would ultimately be responsible for product compliance. JPMA (99) cites the CPSA that “every manufacturer [. . .] shall issue a certificate.” JPMA (99) and NAM (113) further request that the rule clearly state that downstream customers of manufacturers and private labelers may rely on such certificates without having to independently file duplicative certificates. JPMA (99) believes that certification should be permitted from a corporate representative.

Response 13: Pursuant to section 3(a)(11) of the CPSA, the term “manufacturer” means “any person who manufactures or imports a consumer product.” To address commenter confusion, the Final Rule restates this statutory definition in § 1110.3. Based on this definition, importers have been responsible for certifying imported products since promulgation of the original part 1110 rule in 2008. 73 FR 68328, 68331 (Nov. 18, 2008). CPSC understands that manufacturers supply products to different importers. Accordingly, since 2011, under 16 CFR part 1109, importers have been able to rely upon testing and certification conducted by another party, including a manufacturer or private labeler, to issue their own product certificates. 76 FR 69546, 69580 (Nov. 8, 2011). Therefore, as explained in section V.D of this preamble, CPSC maintains the existing requirements, and as re-proposed in the SNPR, that the importer be responsible for certifying imported products. Importers are in the best position to certify imported consumer products because importers know when a consumer product is imported into the United States and must comply with U.S. laws and regulations, and importers are responsible for ensuring that imported products comply with all applicable requirements. We note that CPSC generally holds responsible for certification the party responsible for importation, and not an individual representing a certifying party.

For imported privately labeled products, a private labeler can certify a product if the private labeler falls within the definition of “importer,” as defined in § 1110.3. For privately labeled domestically manufactured products, the private labeler either must certify the products, or ensure that the manufacturer has certified the products. Based on commenters' apparent confusion regarding when a product is privately labeled, § 1110.3 of the Final Rule restates the statutory definition of “private labeler,” to reiterate that a privately labeled product has no manufacturer information on the product or packaging. In that case, neither consumers nor CPSC know whether any other party, besides the private labeler, is responsible for manufacturing or distributing the product. CPSC appropriately places testing and certifying requirements on the private labeler in this scenario. However, when a manufacturer's name is on the product or packaging, the product is not privately labeled, and the manufacturer is responsible for certifying.

Lastly, we reiterate that pursuant to 16 CFR part 1109, any party responsible for testing and certification can rely on component part test reports, finished product test reports, certification of component parts of consumer products, or finished product certifications that are procured or issued by another party, such as a manufacturer or private labeler. However, the finished product certifier, such as an importer, must still issue their own certificate. As described in response to comment 11, for importers, the Product Registry aids in this process by allowing an importer to give their trade partners the ability to upload and certify data on their behalf. However, the importer remains legally responsible for the certificate as stated in § 1110.15.

F. Section 1110.9 Certificate Language and Format

Comment 14: JPMA (99) agrees with § 1110.9 of the existing rule, which provides that certificates may be in hard copy or electronic form and must be provided in English, but may also be provided in any other language. JPMA (99) disagrees with proposed format requirements for electronic certificates in § 1110.9(c), stating that a unique identifier that can be accessed online via an URL or other electronic means be identified prominently because the product packaging is already often cluttered.

Response 14: Section 1110.9(c) regarding electronic certificates only applies to domestically manufactured products, not to imported products where eFiling is required. The SNPR did not propose to require that the unique identifier be provided only on consumer packaging. Rather, the SNPR proposed that a unique identifier be identified prominently on the finished product, shipping carton, or invoice. The requirement for a unique identifier that is available via a URL or other electronic means is not a new concept; this option has been in the existing part 1110 since 2008. The Commission maintains § 1110.9(c) of the SNPR in the Final Rule, because the proposal provides three options for certifiers, stating that “an electronic certificate meets the [availability] requirements of § 1110.13(b) and (c) if it is identified prominently on the finished product, shipping carton, or invoice by a unique identifier. . . .” Hard copy certificates, such as PDF and paper certificates, remain an option for domestically manufactured products pursuant to § 1110.9(b).

Comment 15: JPMA (99) requests that CPSC affirmatively allow for password protection in § 1110.9 to maintain the confidentiality of proprietary competitively sensitive information.

Response 15: The SNPR proposed to allow for password protection of certificates in § 1110.9(c), which primarily applies to electronic certificates for domestically manufactured products. CPSC maintains this allowance in the Final Rule, stating “[i]f the electronic certificate is password protected, the password must be provided at the same time as the certificate when requested by CPSC or CBP.”

G. Section 1110.11 Certificate Content

Comment 16: JPMA (99) argues that the unique ID and description required in the SNPR should be permissible and not mandatory, because eFiling should be optional.

Response 16: The Final Rule requires eFiling for imported products that are regulated by CPSC. This is necessary to achieve the objectives of eFiling, including enabling more effective targeting of violative imported products. The Final Rule also maintains the proposal in § 1110.11(a)(1) for the unique ID and product description for all certificates, for domestic and imported products, so that CPSC can better track certificates and match them ( print page 1811) to consumer products, including certificates received in person, through email, through the Product Registry, and through the RAM (Full PGA Message Set).

Comment 17: The AAFA (111) states that the product descriptions on customs documents, which are for clarity of Harmonized Tariff Schedule (HTS) codes, may not match the descriptions on certificates.

Response 17: CPSC recognizes that the product descriptions on customs documents and certificates may not match. HTS codes can be very broad and capture many different products under one code. For this reason, the SNPR proposed that certificates contain “a sufficient description to match the finished product to the certificate.” This requirement, as finalized in this rule, allows staff to determine whether the attached certificate describes the product being examined.

Comment 18: The WCMA (106) writes that custom cordless window coverings historically have not been subject to CPSC rules that require testing and certification, and therefore have not been assigned unique identification codes. To comply with this SNPR and the Reese's Law Direct Final Rule (88 FR 65274 (Sept. 21, 2023)), WCMA states, the window covering industry will need to invest significant resources in upgrading software systems and manufacturing processes to permanently affix or imprint a new unique product identifier.

Response 18: Window covering requirements in 16 CFR part 1120 do not require testing and certification, however, window coverings that contain a button cell or coin battery are required to meet 16 CFR part 1263, which requires testing and certification of the battery compartment. Nothing in the SNPR or this Final Rule requires a product identifier that distinguishes between products that contain a button battery and those that do not, or that products permanently affix or imprint such a product identifier on the product. Existing model numbers that are placed on the certificate and found somewhere on the product, shipping carton, or invoice, that assist CPSC to match certificates with a product, are sufficient. Note that eFiled certificates for imported window coverings will already be matched to the shipment using CPSC's PGA Message Set. Only electronic certificates for domestically manufactured products need to meet § 1110.9(c).

Comment 19: Several commenters (Boppy (109), Newell (110), LA (116), WIMA (118)) disagree with the requirement of providing the manufacturer's name, street address, and contact information, because this information is highly confidential and public disclosure could severely impact business operations. Boppy (109) is further concerned whether eFiled certificates will be placed in a publicly searchable database or available through a Freedom of Information Act (FOIA) request. A commenter states that in the event CPSC requires the name of the foreign manufacturer, then the Commission could always request that the information be provided with a CPSA section 6(a) submission.

Several commenters (AFSL (94), NFA (95), APA (101), FOA (102), APE (105)) argue that the manufacturer email address and phone number should not be provided, because in the fireworks industry, this information is protected by a “middleman” to prevent customers from purchasing directly from the source. By requiring this information, importers risk losing their current relationship.

The AAFA (111) states that the expansion to the full mailing address is unnecessary and duplicative, because the customs documentation already contains the country of origin and foreign manufacturer information on entry documents and the certificate has contact information.

Two commenters (TSC (85 and RILA (114)) argue against including the manufacturer email address and phone number, because those contacts could be unreliable, including potential language barriers, and the contact may change frequently. RILA (114) recommends CPSC first contact the IOR or the Product Registry Business Account Administrator before contacting the manufacturer.

Response 19: As explained in section V.F of this preamble, CPSC maintains the requirement for certifiers to provide the manufacturer's name, street address, email address, and phone number, because this is consistent with section 14(g)(1) of the CPSA, which requires that each certificate contain “each party's name, full mailing address, [and] telephone number.” We also note that section 16(c)(1) of the CPSA (15 U.S.C. 2065(c)(1)), requires that when requested by a “duly designated” CPSC employee, every importer, retailer, or distributor of a consumer product must identify the manufacturer of that product by name, address, or such other identifying information as the officer or employee may request, to the extent that such information is known or can be readily determined by the importer, retailer, or distributor. In this case, the Commission is requesting the manufacturer's name, address, and contact information by rule.

Accordingly, the Final Rule requires certifiers to provide the manufacturer name, full mailing address, phone number, and email to CPSC on the certificate. CPSC should not have to request the information via a section 6(a) submission,^[27] because these data elements are statutorily required and necessary for CPSC's risk assessment and targeting. CPSC cannot conduct effective risk assessments at the ports without all relevant data points. The country of origin and foreign manufacturer information on entry documents is not sufficient, because CPSC has a different definition for “manufacturer” than CBP. CBP's required “Manufacturer Identification Code” or “MID” is a code, not a name, and is not necessarily linked to the name of the foreign manufacturer. For example, a MID can identify a foreign supplier. Compare15 U.S.C. 2052(a)(11) (CPSC's definition of “manufacturer”) with 19 CFR part 102 (explaining how to construct a MID code for entry documents).

The certificate data provided is secured by CPSC and neither the Product Registry nor RAM are publicly searchable databases. The Product Registry has industry-standard security features like encryption and token authorization, as further explained in the response to comment 49. When a FOIA request is filed, importers, domestic manufacturers, and private labelers who are required to issue certificates are first given the opportunity to assert confidentiality before such information is released. Manufacturer information on a certificate would not be released pursuant to a FOIA request as long as the certifier makes out that the information is confidential under section 6(a) of the CPSA.

Certificates must be furnished to retailers and distributors in accordance with section 14(g)(3) of the CPSA (15 U.S.C. 2063(g)(3)). Section 1110.13(b) of the SNPR, which is maintained in the Final Rule, simply restates this statutory requirement. However, the Final Rule does not dictate how a finished product certifier must furnish a certificate to retailers and distributors. Certifiers, retailers, and distributors may decide, based on business relationships and needs, how to proceed. For example, CPSC is aware that some certifiers redact manufacturer information from certificates before providing them to retailers and distributors. As long as ( print page 1812) certificates provided to CPSC are complete and contain all required information, CPSC takes no position at this time on whether manufacturer information must be provided to third parties, unless safety or the testing and certification regime is compromised in some way.

Contact information for test data in § 1110.11(a)(4) may be a generic email address and telephone number, as long as it is actively monitored by a knowledgeable person and the certifying firm is responsive within 24 hours of CPSC's initial contact. Furthermore, staff will primarily contact the finished product certifier (who should be the Business Account Administrator in the Product Registry) first, but may need to contact the manufacturer if the certifier is non-responsive or if staff uncover a greater product issue with the manufacturer. Manufacturers often supply consumer products to more than one importer, retailer, or distributor.

Comment 20: The ASFL (94) states that the “initial date of manufacture” in § 1110.11(a)(5) is unattainable and recommends that the manufacturing date listed on the receipt or similar document should be the date provided.

Response 20: The “initial date of manufacture” means the month and year, at a minimum, for products manufactured over a series of days. Testing is typically conducted for a batch or production lot of products; therefore, the certifier should know which production lot the testing covers when the certifier creates a certificate based off that testing. Accordingly, for the Final Rule, CPSC maintains the requirement in § 1110.11(a)(5) for the “initial date of manufacture” when describing production lots.

Comment 21: The AAFA (111) and RILA (114) recommend eliminating, in § 1110.11(b), the optional data field of a URL or other electronic means to access supporting records, such as test records, because the Product Registry will have all the necessary information to confirm the certificate and many test reports contain out-of-scope and confidential business information. Commenters state that CPSC should instead communicate directly with the importer.

Response 21: Part 1110 applies to certificates for all consumer products, including those that are domestically manufactured. However, only certificates for imported consumer products must be eFiled. Moreover, the information specified in § 1110.11(b) is optional for all certificates. CPSC staff advises that regardless of whether the certificate is hard copy, electronic, or eFiled, having immediate access to test data is more efficient for the agency than having to contact the importer, manufacturer, or broker with additional questions or to request test documentation. Because this information is optional on a certificate, CPSC maintains the test report URL field in the Final Rule.

Comment 22: JPMA (99) supports maintaining the requirement in § 1109.11(a)(6) to provide the date when the finished product was tested for compliance.

Response 22: CPSC agrees and maintains this requirement in the Final Rule.

Comment 23: The AAFA (111) and JPMA (99) agree that generic contact information proposed in the SNPR should be acceptable.

Response 23: CPSC agrees and maintains this concept as proposed in § 1110.11(a)(4) of the Final Rule.

Comment 24: The AAFA (111) asks CPSC to provide clarity as to how eFiling would work in the case of multiple production lots, produced in different months, where the product is being imported at different times with no material change.

Response 24: One certificate can cover multiple production lots subject to the same test results, as long as there is no material change, as defined in guidance found on CPSC's website. Therefore, one certificate can cover many identical products manufactured over an extended period. For that reason, CPSC clarified in the SNPR that the certificate must contain the month and year of the start date of the series of manufacturing.

Comment 25: PPAI (119) asks for clarity regarding the duplicative testing statement in proposed § 1110.11(d). PPAI asks how this requirement applies to separate rules, standards, bans, or regulations and generating certificates for different orders involving identical products.

Response 25: The Final Rule maintains the proposal in § 1110.11(d) regarding duplicative testing, but clarifies that the rule for “duplicative testing” means that the same third party test does not need to be conducted more than once on each sample, when the same test is required by another applicable rule. CPSC included § 1110.11(d) in the NPR and the SNPR because some test laboratories were charging manufacturers to conduct the same test twice, when the test was required by two separate rules applicable to a children's product. To reduce burden, CPSC clarifies in § 1110.11(d) that this type of duplicative testing is unnecessary; one test to the same requirement in overlapping regulations is sufficient. Thus, certifiers are not required to conduct duplicative testing for any rule that refers to, or incorporates fully, another applicable consumer product safety rule or similar rule, ban, standard, or regulation under any other law enforced by the Commission.

The potential for duplicate testing applies primarily to children's products, where CPSC has long-standing requirements, such as lead, phthalate, and small part requirements, but has also established rules for specific products that also may require a chemical or small parts test, such as the rule applicable to toys in 16 CFR part 1250. For example, if a toy is already tested to section 4.6 of the ASTM International (ASTM) F963 Toy Standard for small objects, codified in 16 CFR part 1250, duplicative testing for small parts does not need to be conducted again to meet 16 CFR part 1501. A certificate should list both citations for part 1250 and part 1501, although only one test must be conducted.

The duplicate test clarification in § 1110.11(d) has no bearing on certificates for different orders for the same product. Each product certificate must list all applicable rules, but the same certificate may be used for repeated shipments of the same product, so long as there is no material change to the product. A material change is a change that could affect compliance, such as a different manufacturing facility or source of raw materials. Most certifiers test continually manufactured products at least once a year. CPSC purposely developed the Product Registry to allow a single certificate to be used more than once, every time the same product is imported. Thus, when a product has been tested and certified, and has not undergone a material change, importers eFiling the certificate data can reference the same certificate in the PGA Reference Message Set for the same product, regardless of the shipment's recipient or purchaser.

Comment 26: The TA (97) and JPMA (99) disagree with the requirement for certifiers to specify each applicable section of ASTM F963, which they allege is beyond what is required by the CPSA and 16 CFR part 1110 and further complicates the data set for manufacturers. The TA (97) also states that the “sectional applicability” is specifically directed to toys subject to ASTM F963, but not to any other rule.

IKEA (123) supports identifying individual sections of ASTM F963, because this requirement improves controls on U.S.-bound shipments. However, IKEA (123) requests that the year of adoption be included in the citation code that incorporates an ASTM ( print page 1813) standard by reference ( e.g. ASTM F963-17 or ASTM F963-23), because if revisions occur to the standard, then it would be impossible to determine if the linked test report is issued for the right standard.

Response 26: Through the Product Registry and CPSC's CATAIR and guidance documents, the Final Rule maintains the requirement for finished product certifiers to list on a certificate the citation for each individual section of ASTM F963 to which a toy is tested and certified. This is not a change to the existing procedure; CPSC has long required that certificates identify which sections of ASTM F963 apply to each toy on a certificate, because staff need to know what has been tested to determine product compliance. Certifiers are, and have always been, responsible for knowing which tests for compliance apply to their products and for listing them on their test reports and on their certificates. ASTM F963, as incorporated into part 1250, is broader than other voluntary standards incorporated into CPSC rules, in that the standard and mandatory rule apply to many different types of toys with different associated hazards. Other CPSC regulations generally apply to one product type with characteristic hazards, such as the rules for full-size cribs or strollers. CPSC has addressed the fact that ASTM F963 contains requirements for many types of toys since 2008 when the CPSIA mandated F963 as the mandatory toy standard. Citing only ASTM F963 on a certificate does not provide sufficient information to CPSC about the product or its compliance with the rule, because toys are tested to individual subsections of ASTM F963 and not to the entire standard.

Moreover, toys are required to be third party tested by an International Organization for Standardization (ISO)-accredited laboratory whose accreditation has been accepted by CPSC. These testing laboratories do not conduct every test in ASTM F963 on every toy; manufacturers and testing laboratories must know which tests in ASTM F963 apply to each toy, and such tests are listed on the test reports. Thus, the Final Rule is consistent with current CPSC practice and will allow CPSC to more easily enforce the existing requirement to list all applicable ASTM provisions.

Importantly, the benefits of eFiling for CPSC would be diminished without knowing which tests within ASTM F963 apply to each toy. CPSC will be able to target and assess risk based on the regulatory citations. Also, test laboratories are CPSC-accepted based on the particular provision of ASTM F963 to which they are ISO-accredited, and not generally for all tests within ASTM F963. Therefore, the certificate must identify the relevant ASTM subsection in order for the RAM to audit that citation against CPSC's testing laboratory credentialing information.

Regarding periodic updates to the ASTM standard, CPSC requires compliance with a revised ASTM standard upon the effective date of a rule incorporating the standard, for all products manufactured after the effective date (or as otherwise stated in a rule), unless the revision's effective date occurs by statute. See, e.g.15 U.S.C. 2056b(g). Other regulations will also change over time and incorporate new versions of a voluntary standard as such standards are revised. Any product manufactured after the effective date of a revised rule incorporating a voluntary standard must comply with the updated rule. Therefore, CPSC would expect that a certificate with a product manufacture date on or after the effective date of a rule to comply with the revised mandatory standard, which can be confirmed by reviewing the test date and/or the associated test report. For administrative efficiency and burden reduction, however, CPSC is not mandating addition of the year to the ASTM citations at this time, and will rely on the data points on a certificate for targeting.

Comment 27: Two commenters (TA (97) and JPMA (99)) claim that exemptions and exclusions do not need to be cited on a certificate of compliance, because they are assumed if a citation is not listed on the certificate. Thus, CPSC should not require the citations of exemptions or exclusions. IKEA (124) claims that this requirement of citing exemptions and exclusions increases reporting burdens.

Response 27: The Final Rule retains the proposal that certificates include citations for testing exemptions or exclusions. Section 14(a)(1)(B) of the CPSA states that the certificate “shall specify each rule, ban, standard, or regulation applicable to the product.” Accordingly, certificates must list each rule to which the product is subject. For each rule listed on the certificate, the certifier should list the firm or testing laboratory that conducted such test. However, some rules contain testing exceptions for certain products or product characteristics, and no testing is required. Thus, for completeness and to avoid unnecessary investigations of shipments that are in fact compliant due to an exemption or exclusion, the certificate should either provide the name of the testing laboratory that conducted testing, or state why the product was not tested. All possible testing exemptions and exclusions are codified in a statute or within the applicable regulation. This provision aids CPSC in targeting and enforcing test requirements. CPSC's eFiling Document Library contains a detailed list of CPSC's rules and all associated codes for testing exclusions within each rule that CPSC expects to appear, as applicable, on a certificate.

Comment 28: RILA (114) recommends that CPSC create a list of products subject to exemptions, which importers could reference when determining if they need to create a certificate. IKEA (123, 130) and RILA (126) additionally request that CPSC address the certificate requirements, which they term “reporting logic,” ^[28] on all products in its jurisdiction and publish a clear and publicly available list of flagged HTS codes. IKEA (123) additionally provided several products for which they request clarification of the certificate requirements, and also recommend that CPSC establish a working group with industry to establish clear guidance for eFiling reporting logic. IKEA (130) also recommends that CPSC provide immediate notice of all HTS Codes that CPSC will flag in CBP's Automated Broker Interface (ABI) as part of the eFiling initiative to provide time for industry to design their eFiling systems. IKEA (130) recommends that CPSC finalize the CATAIR guidance on or before finalizing a rule and provide a 6-month implementation period for any subsequent changes to this guidance. ITI (125) states that CPSC has not addressed how eFiling will work with respect to the business relationships involved for products containing button cell or coin batteries.

Response 28: Before the SNPR published, CPSC created and posted on its website a list of HTS codes, citations, testing exclusions, and CPSC's CATAIR guidance.^[29] CPSC will continue to update citations and testing exclusions when promulgating new regulations or adding or changing HTS codes based on updates from the United States International Trade Commission (ITC). Certifiers who believe the lists are missing any HTS code, citation, or testing exclusions should inform CPSC. CPSC will flag HTS codes once the eFiling requirement becomes effective. CPSC's CATAIR contains a “Change ( print page 1814) Log” to identify updates and will include an “effective date” in the Change Log. Stakeholders can submit questions or comments on specific products or testing and certification to CPSC's eFiling support email inbox: eFilingSupport@cpsc.gov.

Comment 29: Several commenters (BV (92), TA (97), AAFA (111), RILA (114, 126), and EAA (131)) state that the requirement to utilize CBP's Disclaimer Message Set for non-regulated products within CPSC's jurisdiction and for products that are regulated, but do not require certification results in “proving a negative.” Commenters claim that this adds workload to industry, because industry does not track when a product does not need a certificate. AAFA (111) claims that this requirement reverses CPSC's 2016 enforcement discretion for adult wearing apparel. NCBFAA (122) disagrees with the requirement of Intended Use Codes for Disclaimer Message Sets, because this differs from other PGAs and brokers would need to track down these codes for shipments not subject to CPSC, which would be time-consuming and costly. EAA (131) states that the disclaim process would negative impact operators that clear de minimis shipments off the manifest and add unnecessary costs in the supply chain.

Response 29: As explained in section V.F of this preamble, as a matter of policy and to reduce burden, CPSC will not require a Disclaimer Message Set for products that do not require a certificate. This includes cases where (1) the product is not within CPSC's jurisdiction; (2) the product or substance is within CPSC's jurisdiction, but no rule, ban, standard, or regulation requiring a certificate applies; (3) the product is a component of a consumer product or substance that is not intended for sale to consumers, but rather for further assembly or manufacturing in the United States; and (4) the product is subject to enforcement discretion and no certificate is required. While importers do not need to submit a Disclaimer Message Set in these situations, they are encouraged to do so because the additional information provided to CPSC will inform the staff as to why a certificate does not accompany the product. Likewise, Intended Use Codes are also optional, but encouraged. Additional guidance on Disclaimer Message Sets and Intended Use Codes is available at https://cpsc.gov/​eFiling-Document-Library.

Comment 30: The CTA (103) and the ITI (98) urge CPSC to exclude products covered by 16 CFR part 1263 (Reese's Law) from the proposed eFiling requirements. They state that the requirement to file a Disclaimer Message Set, coupled with CPSC's new regulations for button cell and coin batteries, would place an unnecessary burden on manufacturers, importers, and CBP. The CTA (103) and ITI (98) express concern that the number of electronic products that do not contain button cell or coin batteries, such as desktop and laptop computers, printers, watches, wireless headphones, calculators, games, and lights, would be captured by broad HTS codes and then require a Disclaimer Message Set. The CTA (103) states that this will result in unnecessary shipment holds and delays, increasing costs for consumers, which would work against the country's efforts to fight inflation. The ITI (98) states that any HTS code changes requested by CPSC should have a 12-months' advance notice.

Comverex (117), however, does not support an exclusion and argues that while the number of associated Disclaimer Message Sets for products with button cell and coin batteries could be large, the Citation Code and Intended Use Code data set is small. Comverex states that, in particular, Reese's Law would include some filers that have no product requiring certificates to disclaim. Comverex asserts that regardless of the software platform, importers can readily identify all products that contain these batteries, which they must now do by law, and as a result identify all products that do not. Comverex believes that for retailers, the ability to know may be a challenge; however, they can utilize their lab testing partners to identify products that contain button cell batteries, and by default which products do not, and update their internal product data accordingly. Comverex states that for large retailers, APIs could be readily developed to eliminate corresponding data entry.

Response 30: As stated in response to comment 29, as a matter of policy and to reduce burden, the Final Rule does not require filing Disclaimer Message Sets not only for products outside of CPSC's jurisdiction, but also for products within CPSC's jurisdiction but not regulated, alleviating CTA (103) and ITI (98) concerns. Regarding products containing button cell or coin batteries subject to 16 CFR part 1263, at CPSC's request, the ITC created additional HTS codes to address these products. Though not required, CPSC encourages importers to file a Disclaimer Message Set when appropriate, to better inform CPSC as to why the product is not accompanied by certificate data.

Comment 31: BV (92) recommends adding a “disclaimer code” to the Product Registry, which will allow for the same information flow for all products, while reporting the needed details.

Response 31: The Final Rule does not require a Disclaimer Message Set. Accordingly, CPSC does not intend to build a “disclaimer code” feature in the Product Registry. At this time, the Product Registry is intended to store certificate data for regulated products, and not to store data associated with products that do not require a certificate.

Comment 32: Many commenters (RILA (114), AFSL (94), AAFA (111), TSC (86), NFA (95), APA (101), FOA (102), APE (105), and WFI (107)) state that the additional manual certification in the Product Registry is a redundant requirement and an unnecessary burden when using API or a CSV template to upload data in bulk. Commenters contend that manual certification requires an individual to go back into the Product Registry and manually certify each certificate with no additional consumer protection.

RILA (114) recommends three alternatives to manual certification in the Product Registry: (1) requiring users to attest that the certificate data is true and correct upon initial access of the Product Registry; (2) requiring users to attest to the certificate data upon each instance of accessing the Product Registry; or (3) requiring importers to periodically (annually or biannually) attest to the certificate data upon login. The ASFL (94) similarly recommends requiring users to review and accept terms each time the company logs into the Product Registry.

Comverex (88) recommends that the attestation requirement be satisfied when a user's software enters certificate data into the Product Registry via an API, because their platform already confirms attestation by their clients regarding the data accuracy requirements of proposed § 1110.11(a)(10).

Finally, several commenters (AFSL (94), TA (97), JPMA (99)) state that additional manual certification is legally unnecessary, because § 1110.15 clearly states the legal responsibility of the certifier and § 1110.11 already requires identification of the certifier and attestation to the truth and accuracy of the information provided. Commenters argue that the Commission is amply protected and has more than adequate ability to enforce against a company with the authorities of 15 U.S.C. 2068(a)(13), 19 U.S.C. 1592, and 18 U.S.C. 1001. Lastly, the AFSL (94) writes that the Commission has not supported the need for additional ( print page 1815) manual certification by identifying an entity that purposely misstated information on a certificate and CPSC acknowledged multiple existing possible enforcement actions.

Response 32: We agree with the commenters. As explained in section V.F of this preamble, CPSC will automate attestations for bulk certificate upload into the Product Registry via API or the CSV template and will not require individual attestation of certificates. Such attestation options will reduce the burden for industry, while also confirming for CPSC that importers are knowledgeable about the certificate information filed. Bulk attestation options will only apply to users with certification permissions. If certificate data is entered into the Product Registry by a user without certification permissions, such as by a third-party user, then a Business Account Administrator will have to manually certify the certificates, although groups of certificates can be certified at one time. Additionally, consistent with the SNPR, § 1110.15 of the Final Rule clarifies the legal responsibility for finished product certifiers, stating that finished product certifiers can rely on the testing or certification of other parties pursuant to part 1109, but remain legally responsible for the information on a finished product certificate, including its validity, accuracy, completeness, and availability.

Comment 33: The PPAI (119) asks which entity is to attest to each certificate.

Response 33: The attestation required in § 1110.11(a)(7) must be made by the entity responsible for product certification identified in § 1110.7, the defined “finished product certifier.” In the Product Registry, the finished product certifier is owner of the Business Account, meaning the importer, that must certify/attest that the information in the certificate is true and accurate. Trade partners entering data on behalf of an importer must also attest to the veracity of the information. Even when an importer allows another party to enter data, or to certify products in the Product Registry, the importer remains accountable for the information on a certificate.

H. Section 1110.13 Certificate Availability

Comment 34: Several commenters (Alta (93), JPMA (99), Boppy (109), Newell (110), and NAM (113)) oppose changes to § 1110.13 regarding the availability of certificates, arguing that the current “upon request” system is sufficient and that CPSC did not show that it is insufficient to justify the eFiling system. JPMA (99) argues that the current system reflects the legislative intent of Congress in enacting the CPSA. NAM (113) further argues that the “upon request” requirement in the CPSA is distinct from a “eFiling” requirement for certificates.

Response 34: As explained in detail in the 2013 NPR, the SNPR, and in section V.G of this preamble, sections 14(g)(3) and 14(g)(4) of the CPSA provide CPSC the authority to require eFiling of certificates for imported consumer products. Certificates that are collected on an ad hoc basis, either as a hard-copy or a PDF copy via email or uploaded via the ACE Document Image System (DIS), are not in a data-usable format that can be processed into CPSC's RAM and risk scored. To implement section 14(g)(4) of the CPSA, § 1110.13 of the Final Rule requires the eFiling of all certificates for regulated, imported finished products, including CPCs and GCCs, at the time of filing entry or entry summary, if both entry and entry summary are filed together. CPSC intends to use certificate data to risk score shipments and enforce its statutes and regulations. An eFiled certificate would meet the “accompany” requirement in section 14(g)(3) of the CPSA and the requirement in § 1110.13(a).

Comment 35: The AAFA (111) disagrees with the SNPR's proposal that each certificate must describe a single product, because in the apparel and footwear industry, one unique identifier is used for a single style that may have many variations that do not affect the overall certification. AAFA argues that no regulatory goal is served by requiring that each certificate describe a single product.

Response 35: CPSC proposed in the SNPR that each certificate describe a single product to improve CPSC's enforcement efforts. If a potential violation were found, then CPSC could take action against that one product. If multiple products appear on one certificate, this may disrupt importation of compliant products that appear on the same certificate as a potentially non-compliant product.

However, regarding apparel and footwear, CPSC clarified in response to comment 53 in the SNPR that multiple models of apparel and footwear that were composite tested together are considered one product for certificate purposes. Therefore, apparel model variations that do not affect certification can appear on one certificate as long as there is no material change, which is defined in 16 CFR 1107.2 as “any change in the product's design, manufacturing process, or sourcing of component parts that a manufacturer exercising due care knows, or should know, could affect the product's ability to comply with the applicable rules, bans, standards, or regulations.”

Comment 36: Two commenters (TA (97) and PPAI (119)) argue that CPSC is doubling the certificate burden by supposedly requiring certificate data to be entered in the Product Registry in one format while requiring certificates be provided to CPSC and furnished to distributors and retailers in another format such as PDF. This would require importers to maintain two parallel sets of effectively identical certificate data. And if manufacturers certify, instead of importers (as proposed by the TA (97)), then manufacturers would have to maintain a third set of certificate data containing the reference identifier to be submitted via ACE.

Response 36: Importers using the Product Registry can download certificates in a PDF format, which can then be furnished to retailers and distributors. Users can also download certificate data in a CSV file, where each row of the spreadsheet is a certificate, which can be furnished to retailers and distributors. This functionality of the Product Registry will eliminate any alleged need for importers to maintain parallel sets of data. Moreover, while manufacturers can enter certificate data into the Product Registry and certify on behalf of an importer, the importer is legally responsible for the certificate data for products they import and must follow the requirements in part 1109, meaning they should exercise due care in reliance on a manufacturer's testing and certification, as required in part 1109.

Comment 37: The PPAI (119) states the SNPR will create a troublesome administrative burden for firms, by increasing the number of certificates, housing the certificates in internal systems, and integrating the certificates with companies' existing shipping software. Requirements of the SNPR will be especially challenging when “kitting” or “bundling” multiple products into one product, such as a gift basket, because each product in the “kitted” box would require a unique certificate. Comverex (89) states concerns about the potential for dozens of applicable test reports from various CPSC-accredited labs for “kitted” children's products and requests confirmation from CPSC that the Product Registry, and the corresponding API, will support this type of data volume.

Response 37: Like the SNPR, the Final Rule does not add any new certification requirements to products that ( print page 1816) previously did not require a certificate. Therefore, the number of certificates an importer must issue and associated records remain the same. And, as it is today, importers may provide one certificate for “kitted” or “bundled” products, covering all individual products, or provide multiple certificates for the product, where each certificate covers an individual product in the “kit” or “bundle.” Furthermore, CPSC is not dictating that importers integrate certificates with existing shipping software. CPSC is providing the Product Registry to make management of certificates and certificate data more efficient for any importer. Certificate data entered into the Product Registry can contain multiple citations and testing laboratories. Therefore, CPSC designed the Product Registry to accommodate the volume of data for “kitted” and “bundled” products.

Comment 38: RILA (114) asks for clarity regarding “up to 24 hours before arrival” and recommends that CPSC clarify that certificate information can be transmitted in a timeframe prior to arrival consistent with CBP's regulations and as late as 24 hours prior to arrival.

Response 38: CPSC interprets “up to 24 hours before arrival” to mean as late as 24 hours prior to arrival, in agreement with the commenter. This means that the PGA Message Set must be filed with the entry or entry summary, if both are filed together, as late as 24 hours prior to arrival.

Comment 39: RILA (114) and AAFA (111) recommend a 48-hour response time to provide additional documentation to align with existing programs using PGA Message Sets. Furthermore, RILA (114) and AAFA (111) question what additional information a paper or electronic certificate could provide, because all the information should be provided via eFiling.

Response 39: CPSC retains a 24-hour response time for additional documentation. The Commission interprets the word “immediately” consistent with other CPSC rules, to mean “within 24 hours.” 78 FR 28080; 28089; 88 FR 85760, 85782. Therefore, CPSC disagrees with extending the response time to 48 hours. Because eFiled certificates replace paper certificates for imported products, CPSC would typically only request supporting documents, such as test reports, from an importer to verify the data on an eFiled certificate. However, CPSC could ask for either a paper certificate or test reports to validate the information on the certificate, or when the required certificate is not eFiled. CPSC and CBP retain the right to request a certificate, but agree that if a certificate is eFiled, the need for an additional certificate is unlikely.

I. Section 1110.15 Legal Responsibility for Certificate Information

Comment 40: JPMA (99) supports the proposed § 1110.15 that another entity may maintain an electronic certificate platform on behalf of the certifier.

Response 40: The Final Rule retains this provision.

J. Section 1110.17 Recordkeeping Requirements

Comment 41: The JPMA (99) writes that the proposed § 1110.17 maintains the recordkeeping requirement from the 2013 NPR. CPCs already have a five-year record retention period.

Response 41: Pursuant to 16 CFR part 1107, CPCs and supporting records already have a five-year record retention period. The Final Rule retains the proposal that GCC's and supporting records also be maintained for five years. We note that for imported products, a five-year record retention period is consistent with CBP's recordkeeping requirement.

K. Special Use Case: De Minimis and International Mail Shipments

Comment 42: Two commenters (TA (97) and NAM (113)) request that CPSC revise the scope of the proposed rule to explicitly exclude any noncommercial consumer import of products into the United States, whether or not for personal use or enjoyment, and expressly state a lowered de minimis level. By not doing so, they assert that any gift sent as a mail shipment from outside the United States would require a certificate, imposing a burden on a consumer sending the product. Furthermore, the commenters claim that CPSC would have no way of determining non-conformance to the eFiling requirement for international mail shipments that may arrive before CPSC could review them, resulting in an increased burden to the United States Postal Service (USPS) and penalizing those entities who do comply. Furthermore, the NCBFAA (122) states that importers of de minimis shipments are unlikely to be able to manage the Product Registry process and will rely on the Full Message Set, which they assert will be a costly and unrealistic undertaking for low-valued shipments. NCBFAA encourages CPSC to work with the trade industry to overcome these challenges.

Response 42: The CPSA does not provide a de minimis exemption for certificates. eFiling requirements apply to regulated finished products, regardless of value. Importers of regulated finished products requiring a certificate that are eligible for the de minimis duty exemption under 19 U.S.C. 1321(a)(2)(C) must use ET 86 to file CPSC's Message Set at entry. However, the Final Rule does not require eFiling of a certificate for noncommercial products sent from one consumer overseas to another consumer in the United States, such as a gift. CPSC agrees that the consumer sending the shipment will not have the ability to obtain the certificate. Brokers or carriers facilitating these shipments may, but are not required to, file a Disclaimer Message Set, based on the guidance provided by CPSC, to inform CPSC that the shipment does not require a certificate. For non-gift shipments sent via international mail, the sender will need to file a certificate into the Product Registry before the shipment arrives in the United States. Lastly, CPSC is committed to working with the trade industry, including those who primarily import de minimis shipments. CPSC continues to develop improvements to the Product Registry to make entering data for mail shipments more efficient.

Comment 43: PeopleForBikes (112) supports the expanded definition of “importer” that clarifies that, in the case of a direct-to-consumer shipment, the importer is responsible for certification and not the end consumer. The commenter states that too many low-quality and inadequately tested products, such as lithium-ion batteries, are currently being imported into the United States under the de minimis exemption, creating unreasonable and unacceptable safety risks for consumers.

Response 43: CPSC agrees with the commenter but notes that lithium-ion batteries used in micromobility products are not subject to a CPSC mandatory safety rule at this time. However, the definition of “importer” in the Final Rule will impose the eFiling requirement for CPSC regulated finished products on the importer, as defined in the rule, even for de minimis shipments. For de minimis shipments, the importer for purposes of CPSC's certificate requirements is a party eligible to make entry for the finished products pursuant to CBP statutes and regulations, who may be an owner, purchaser, consignee, or authorized customs broker. Also, because a consumer could fall within the definition of purchaser or consignee, the definition of “importer” continues to state that for the purposes of this rule, CPSC will not typically consider an end consumer purchasing or receiving products for personal use or enjoyment ( print page 1817) to be the importer responsible for certification.

L. Special Use Case: Foreign Trade Zones (FTZs)

Comment 44: Three commenters (RILA (114), NAFTZ (96, 121, 127), and IKEA (123, 130)) state importers who import products via an FTZ will need additional time to build out infrastructure and troubleshoot issues prior to implementation. RILA (114) states that the FTZs' “first in first out” (FIFO) method can only attach the latest certificate that is associated with an article/supplier combination and not the specific certificate at an actual inventory layer level. The NAFTZ (96, 121, 127) and IKEA (123) state that the FIFO method (including the FTZ Inventory and Recordkeeping System) uses a Unique Identifier (UIN) for virtual inventory and has no relationship to the compliance data being reported. RILA (114) claims that CPSC conflates the use of FIFO as accounting methodology and virtual inventory practice. The commenters claim that FTZ importers will require significant changes to their current software to comply with the SNPR.

IKEA (123) further states that the requirement to file certificates at entry summary is not compatible with FTZ procedures, because those goods would have already been shipped to stores and possibly sold, negating CPSC's ability to place the goods on hold. IKEA (123) adds that the eFiling requirement undermines Congress's intent of FTZs and many global companies may be forced to stop using FTZs for CPSC regulated products, resulting in millions of dollars of costs and increased prices for consumers. IKEA states that CPSC is preventing companies from storing non-compliant goods inside an FTZ in order to bring them into compliance. IKEA (123) encourages CPSC to work with the CBP Border Interagency Executive Council (BIEC) to build a single window concept inclusive of FTZs and provide a transition period of 24 months to implement eFiling for FTZ products.

The NAFTZ (96 & 121) proposes three alternatives for goods imported via an FTZ: (1) CPSC accepts the data elements associated with the latest certificate of the UIN associated with the weekly entry summary Customs Form 7501; (2) specifically for manufacturing/production in FTZs, allow the importer to register the certificate with a location for exam at the time of manufacture and use a Disclaimer Message Set on entry type 06; (3) delay eFiling requirement for FTZs until CBP has the capability to accept the certificate on the FTZ admission (CBP Form E214), which is the only opportunity to match a certificate with the physical items.

Response 44: The Final Rule retains the proposal in the SNPR that FTZ importers must provide the actual certificate for the shipment but provides a 24-month effective date for entries for consumption or warehousing from an FTZ. Section 14(g)(3) of the CPSA states that “every certificate required under this section shall accompany the applicable product or shipment of products covered by the same certificate.” Therefore, FTZ importers should already be tracking the actual certificate of the product and providing those certificates upon request to CPSC. For eFiling to fulfill its purpose, CPSC requires the actual certificate data so that the agency can effectively use such data for targeting in CPSC's RAM.

IKEA (123) is incorrect that the certificate must be filed with entry summary. The Final Rule requires eFiling certificates for imported consumer products with CBP at the time of filing the CBP entry, or the time of filing the entry and entry summary, if both are filed together. Moreover, nothing in the Final Rule prevents a company from admitting non-compliant goods into an FTZ for the purpose of bringing those goods into compliance. Finished product certificates are only required when entering goods for consumption or warehousing into United States customs territory from an FTZ. Moreover, regarding IKEA's observation that products entered from an FTZ might already be sold, all entered merchandise that is released from CBP custody is released conditionally, meaning that CBP has 30 days in which to demand redelivery if an applicable requirement, including a PGA Message Set requirement, has not been satisfied.

Of the three options for FTZ imports suggested by the NAFTZ (96 & 121), the third option appears to present the best solution. The first option is not compliant with section 14(g)(3) of the CPSA, which requires the actual certificate to accompany the shipment. The second option does not allow for effective risk assessment and targeting. CPSC's RAM needs the data input from the certificate for risk assessment of the entry. A Disclaimer Message Set for entry type 06 would inform CPSC that a certificate was entered in the Product Registry, but CPSC would not be able to match a certificate to the entry and could not use the data for automated risk assessment.

The third option suggested by the NAFTZ, to delay eFiling for FTZ imports until CBP has the capability to accept certificates for FTZ admissions, may present a solution, because eFiling of certificates on the CBP Form 214 at the time of admission, which is before entry, meets the requirement of section 14(g)(4), “the electronic filing of certificates [. . .] up to 24 hours before arrival of an imported product.” Accordingly, the Final Rule provides a 24-month effective date for consumer products imported into an FTZ and subsequently entered for consumption or warehousing. CPSC understands that the primary delay for eFiling associated with entries from an FTZ is related to software solutions. Based on CPSC's experience with eFiling for all other entry types, technical solutions involving software are feasible. Accordingly, this longer effective date provides a significant amount of time for CPSC, CBP, and industry to identify technical solutions and develop the necessary software to bring entries from an FTZ into compliance with the Final Rule, as further explained in section VI of this preamble.

M. Technical, Information Security, Enforcement

Comment 45: JPMA (99) claims that CPSC is creating its own unique “ACE-independent” system different from an integrated system with CBP and asserts that an “eFiled certificate” should align with an electronic certificate that is submitted via ACE. JPMA (99) argues that the Commission should not substitute its requirements for those of the Commissioner of Customs and nullify the requirement that certificates be available “upon request” by CPSC and CBP.

Response 45: CPSC is not creating a unique “ACE-independent” system. CBP developed the PGA Message Set specifically to implement the “single window” for collecting all trade-related data required by partner government agencies. At least 13 other PGAs have already worked with CBP to implement their own Message Sets and CPSC continues to work with CBP to implement eFiling.^[30] CPSC has been developing its Message Set alongside CBP, during the Alpha Pilot, Beta Pilot, the expanded Beta Pilot, and in preparation for this Final Rule.

CPSC also is not substituting its PGA requirements for those of the Commissioner of Customs. CPSC consulted CBP at every stage of rulemaking, as required by section 14, and conducted pilots in collaboration with CBP. The Product Registry is an optional database for managing ( print page 1818) certificate data that supplements the PGA Message Set. Stakeholders asked for a Product Registry in 2013 after publication of the NPR. CPSC has spent the last 11 years working with CBP and industry to develop an eFiling solution consistent with CBP systems and procedures and less burdensome for the trade.

Comment 46: Galaxy (90) asks whether their company will be required to acquire new software to send the GCC information to their broker.

Response 46: The Final Rule does not require businesses to change software. Some businesses will choose to use the Product Registry to enter certificate data, and then provide a certificate reference number to their broker upon importation of regulated consumer products, while larger companies with more complicated import procedures will likely choose to update their software to automate data transfer. Accordingly, each importer should decide with their broker whether to use the Full Message Set or the Reference Message Set when filing certificate data with an entry, and whether providing this information would be more efficient with new software to send certificate information to their broker.

Comment 47: Hansen (115) states that most testing of bicycles takes place in Asia and asks whether foreign testing laboratories will be given access to the Product Registry or ACE to upload data.

Response 47: The Product Registry is based on Business Accounts created by the importer, who may invite any third party (including foreign testing laboratories) to enter certificate data into the Product Registry on their behalf. Therefore, testing laboratories can have access to upload data into the Product Registry if invited by an importer. Testing laboratories will not enter data into ACE on behalf of importers.

Comment 48: ITI (125) remarks that the import-centric registration methodology in the Product Registry will create a “logistics nightmare” for U.S. companies that use information and communications technology (ICT) equipment and finds the functioning of the tool unclear. ITI (125) asks whether a broker that is importing another manufacturer's laptop for business use or independent sale would be able to freely search the Product Registry or would have to be granted viewing rights.

Response 48: The Product Registry functions on Business Accounts created by the importer, who could invite other users from trade parties, such as brokers, to collaborate. The Product Registry is not publicly searchable; an importer would need to grant permission to other users to view a data collection. The importer is responsible for providing certificate identifiers to a broker for Reference Message Sets associated with every imported shipment. CPSC's website contains a Product Registry Guide, along with other important background materials on eFiling, at https://www.cpsc.gov/​eFiling-Document-Library.

Comment 49: The TA (97) asserts that CPSC should ensure that the Product Registry and all data systems used in support of the rule maintain an appropriate level of data security. The TA states that only a few entities have accessed the Product Registry and these programs do not reflect the complex scenarios that will occur when the program is fully rolled out. The TA (97) also states that CPSC did not adequately respond in the SNPR regarding the security of the Product Registry, when CPSC wrote that it does not prohibit “password protection for certificates furnished to retailers and distributors.”

Response 49: The Product Registry uses a range of data security techniques and best practices to protect user and business information. Some notable security features include:

• All eFiled certificate data is encrypted at rest (encrypted storage) and in flight (Secure Sockets Layer and other secure protocols).
• Authentication to the Product Registry is handled by a web access management platform that requires verified ownership of a valid email address, which includes standard intruder detection and account recovery protocols.
• The Product Registry utilizes a token-based authorization scheme and access controls for accounts and roles. These determine level-of-access permissions for application components and for individual data requests.
• Data is segregated by Business Account and by Product Collections. Only users authorized by the Business Account Administrators can access the collection-specific data.

Comment 50: The TA (97) notes that CPSC does not address in the SNPR how the risk score is compiled, maintained, and notified, and requests more information on the framework to allow for review, understanding, and comment. The AFSL (94) writes that confidentiality about the factors that the CPSC uses to target shipments for examination is counterproductive. The ASFL argues that if CPSC publicizes and demonstrates that consistent compliance with certification and other requirements yields fewer examinations and detentions, this will better meet the Commission's mission of a more compliant marketplace. Similarly, RILA (114) and NCBFAA (122) recommend CPSC develop a trusted trader program, such as the CBP/CPSC Importer Self-Assessment Product Safety Pilot (ISA-PS) program, so trusted partners are not unduly targeted and could be exempted from eFiling, and so that CPSC resources can be directed to higher risk shipments.

Response 50: The RAM risk scores shipments using a logarithmic model based on data received from sources including the entry document and, once fully implemented, from the PGA Message Set. CPSC does not share how the risk score is calculated or the risk score itself. This information is for official use only, because it is directly related to CPSC's targeting and enforcement. CPSC disagrees that confidential treatment of this information is counterproductive, because its publication could allow nefarious actors to avoid compliance with CPSC regulations.

Importers should consistently file accurate certificate data to avoid unnecessary examination holds for compliant products. With use of the certificate data, CPSC can improve its targeting models to more effectively target shipments with potentially significant violations. CPSC will be able to review the certificate data prior to shipment arrival, instead of needing to place a shipment on hold to examine it for an administrative violation. Certificate data will be one aspect of risk scoring. Staff anticipate that importers who consistently provide compliant certificate data will see a reduction in their risk scores, which may result in fewer holds for exams, fewer warehouse charges, and a greater facilitation of trade. At the moment, CPSC is not developing a trusted-trader program, because compliant importers may experience benefits, such as lower risk scores, from filing compliant certificate data.

Comment 51: The AFSL (94) states that the conclusion of the Certificate Study aligns with AFSL's own research, conclusions, development of voluntary standards, and testing. The AFSL (94) strongly supports the eFiling program and the CPSC's RAM program and strongly encourages CPSC to focus its enforcement activities more specifically and aggressively on those companies with a history of non-compliance or on those companies without an established history of providing a certificate within 24 hours of a CPSC request. ASFL argues that established and proven testing and certification programs should be considered as a “mitigating factor” in a company's RAM risk profile. ( print page 1819)

Response 51: CPSC will use results from the Certificate Study and Beta Pilot to improve its risk scoring in the RAM and to more effectively target non-compliant importers. Certificate data will be one aspect of risk scoring. Staff anticipate that companies and organizations with established and proven testing and certification programs will benefit from lowered risk scores by consistently providing compliant certificate data.

Comment 52: The AAFA (114) and RILA (126) request that CPSC clarify whether eFiled certificate data will be a condition of admissibility or whether errors will cause shipment delays. The commenters state that if eFiling errors will cause delay, this could dramatically disrupt the free movement of trade and increase burden on importers.

Response 52: The lack of a required eFiled certificate, or the presence of a false or misleading certificate, will affect a shipment's risk score, resulting in a higher likelihood of the shipment being held for an exam. CPSC has the authority to refuse admission of products that are not accompanied by a certificate or are accompanied by a false or misleading certificate. 15 U.S.C. 2066(a)(2). As a matter of enforcement discretion, at least in the initial stages of eFiling, CPSC in general does not intend to request that CBP deny entry of products into the United States solely based on a failure to provide eFiled certificate data; however, CPSC fully intends to enforce eFiling requirements by taking enforcement action, such as requesting that CBP initiate seizure of noncompliant products.

N. Costs, Burdens, the Regulatory Flexibility Act (RFA) and Paperwork Reduction Act (PRA)

Comment 53: Commenters TA (97), JPMA (99), Boppy (109), and NAM (113) express concerns about the cost of technology needed to implement the Final Rule, including costs to update technology, programing to the PGA Message Sets, and setting up API connections.

Response 53: Commenters are concerned about costs, but they do not offer estimates of what the technological costs would be. CPSC built the Product Registry to reduce costs for importers, who are not required to update software to eFile certificates. The SNPR estimated that a portion of mainly larger firms may opt to use API integration with the Product Registry for their data systems and the Initial Regulatory Flexibility Act Analysis (IRFA) provided an estimate of building such a system as $9,750 plus $2,880 in annual maintenance. CPSC also queried software developers, who plan to develop an API integration with the Product Registry, which would be covered through broker fees. Larger importers may still choose to build and maintain an API integration to interface with the Product Registry. This is, however, not a requirement, as the Product Registry enables users to upload a single certificate at a time and multiple certificates via a bulk upload. Additionally, the Final Regulatory Flexibility Analysis (FRFA) in section VII of this preamble presents an analysis of startup costs—the initial labor and technology investments small firms need to make to prepare for eFiling—that estimates an average cost per firm of $1,086 or an equivalent burden of 20 hours, which CPSC deems as non-significant for the typical small firm. The Commission solicited comments on the number of firms that may choose to invest in new technology due to the SNPR and estimates of the size of those investments, but responses offered no specific data. As such, CPSC retains its estimates of technology investments per firm.

Comment 54: Commenters Alta (93), AFSL (94), Boppy (109), and PPAI (119) allege increased costs associated with additional staff. Boppy (109) states an additional $150,000 in costs for technology, staff training, fees, and manually filing certificates, but offers no itemization of these costs.

Response 54: Without a breakdown of the costs, CPSC cannot offer a more specific response. However, CPSC estimates that importers will bear the burden for the staff hours comprising certificate creation, disclosure, and recordkeeping, which are already required by statute and regulation. Importers would also bear the burden of staff time for entering and transmitting certificate data to their brokers. CPSC estimates that the average eFiling-related activity, including entering every type of message set and the bulk upload of certificates to the Product Registry, will take 0.37 minutes (22 seconds) per filing, on average. CPSC estimates that importers will conduct 57.5 million total filings annually.^[31]

We concur that the overall burden to importers can be considered significant if presented in the aggregate, for two main reasons: first, the large number of filings; and second, the potentially elevated one-time start up investments in technology, organizational changes, and staff training. However, individual importers will only bear the burden for the certificates they file. On average, an importer will conduct 217 certificate filings per year, which will take about 1.34 hours to enter and transfer (217 × 22 seconds/3,600 seconds = 1.34 hours).^[32] At an hourly rate of $33.12 for office and admin wages, this represents a cost of $44.29 per year per importer in staff hourly burden. Additional startup investments are not an annual cost, but an investment that will last for many years. After annualizing this one-time investment, CPSC expects the average firm to incur out of pocket cost that represents a non-significant share of the annual revenue of a typical firm.

Comment 55: Commenters Alta (93), JPMA (99), Boppy (109), and PPAI (119) state that the burden of additional staff, technology, and broker charges would impact small importers. JPMA (99) states that the number of responses in the IRFA would be many times greater, while Alta (93) states that increased cost from using customs brokers would cause undue financial hardship for small firms.

Response 55: Since 2008, testing and certification of products regulated by CPSC has been required under section 14 of the CPSA. The CPSA does not exclude small businesses from certification requirements. New requirements in the Final Rule include extended recordkeeping for GCCs and eFiling certificates for imported, regulated products, which CPSC estimated in the 2023 SNPR, and has updated in section VII of this Final Rule preamble. The Commission's SNPR analysis provided an estimate of the number of responses that result from a detailed list of data-driven assumptions. Without additional information from the commenters showing the inaccuracy of the assumptions used, CPSC cannot produce a different estimate of the number of responses.

The FRFA in section VII of this preamble shows that the impact on small firms may not be as large as indicated by the commenter; instead, the cost impact is not significant because it is well below one percent of the revenue of a typical small firm and represents a fraction of one percent of the average value of shipments imported that require eFiled certificates.

Comment 56: The Commission requested in the SNPR that firms comment on filing fees that importers may bear from eFiling certificates with CBP using the Full or Reference PGA Message Set. JPMA (99), Boppy (109), ( print page 1820) and NAM (113) express concern that eFiling certificates would require additional filing fees. Only JPMA (99) provides estimates of filing fees, asserting that a small manufacturer would have to pay $75,000 in filing fees, but did not indicate the number of message sets that the small business would file annually. JPMA (99) also wrote that CPSC did not adequately model the cost of using third-party service providers or customs brokers to comply with the rule.

Response 56: CPSC does not expect to charge filing fees for use of the Product Registry. Brokers typically charge a fee per entry or per entry line that is filed, and each entry line may contain one or more product certificates. Staff contacted less than 10 brokers involved in the Beta Pilot and inquired about fees that brokers would charge for eFiling. Most brokers charge a maximum fee per entry which reduces the filing fees per certificate for firms that file multiple certificates per entry. We assume that most firms would choose to file as many product certificates as possible per entry, and this action will significantly lower the cost per individual product certificate filed. CSPC estimates that the average fee per filing under these conditions will be $0.77.

CPSC does not know how many message sets the small manufacturer mentioned by JPMA (99) would file to reach the estimated filing fees, but on average, the filing volume of most small importers would comprise a relatively small number of Full and Reference Message Sets in total. CPSC's analysis assumes that small importers would file 10 percent of the responses ( i.e. message set filings) the average importer files. Additionally, CPSC expects that the impact of filing fees as a percentage of the overall value of the shipment will be very small. Thus, CPSC expects that filing fees will not create a significant burden on the average small importer.

Comment 57: Commenters TA (97) and Boppy (109) state that CPSC underestimates the burden of startup staff training required to implement the rule. For example, TA (97) urges that CPSC reassess the estimated cost burden for implementation of the eFiling Product Registry, to include an accurate representative set of values that properly reflects the cost to implement eFiling to manufacturers, retailers, distributors and other entities who fall within the scope of part 1110.

Response 57: CPSC conducted a Beta Pilot between October 2023 and June 2024. Staff observed startup hours for participation in the eFiling Beta Pilot and the initial organization required to eFile. Staff observed a median startup time of about 60 staff hours per importer. While observing variability in startup times across participants, CPSC expects that as more importers and third-party service providers become adept in the eFiling process, the startup hours for remaining importers will decrease over time. CPSC expects a similar experience for firms that did not participate in the pilot but are required to eFile. CPSC notes the startup burden is a one-time investment that would allow importers to conduct eFiling operations for many years. To produce a more accurate accounting of costs, CPSC annualizes the startup burden over the useful life of the investments. Additionally, the Final Rule has an effective date of 18 months for most imported products (and 24 months for products entered for consumption or warehousing from an FTZ), a period over which the burden will be effectively spread. CPSC also expects that improvements derived from process learning will reduce the cost per firm over this period.

Comment 58: Two commenters, Alta (93) and NAM (113), suggest that CPSC underestimates the eFiling burden for each importation. NAM (113) states that a 20-second burden per Reference Message Set and a 1-minute burden per Full Message Set is not realistic given the large number of certifications for every product.

Response 58: Staff revised eFiling burden estimates, in part based on information from Beta Pilot participants. The revised estimate is 15.3 seconds per Reference Message Set and 4.75 minutes per Full Reference Message Set. Reference Message Sets are simplified messages (primarily composed of a Unique ID) that link products being imported to certificate data already uploaded into CPSC's Product Registry. The eFiling estimate is based on the time it takes to enter and transmit a Reference Message Set, applying a learning curve to data provided by Beta Pilot participants. This learning curve enables staff to assess the impact of learning efficiencies in processing times. Sections . and VIII of this preamble contain additional detail on the revised eFiling burden analysis for the Final Rule. Staff's analysis applies a similar learning curve to Full Message Sets, which results in a higher processing time of 4.75 minutes per message (increased from one minute in the SNPR), which is consistent with NAM's (113) assessment.

Comment 59: Hansen (115) states that CPSC underestimated the burden of putting certificate data into the Product Registry using a CSV spreadsheet, citing an example of bike distributors that carry tens of thousands of bicycle parts.

Response 59: As stated in response to comment 6, the bicycle standard is a finished product standard that does not regulate individual parts of bikes sold separately. However, other CPSC regulations, such as limits on lead content, lead in paint, and small parts, could apply to children's bikes and parts of children's bikes sold separately. Certificates can be entered in bulk into the Product Registry via a CSV spreadsheet. During the Beta Pilot, importers demonstrated that they could enter numerous certificates into the Product Registry using the CSV spreadsheet, resulting in uploads of a fraction of a second per certificate. Staff conservatively estimate that it takes 8.7 seconds per certificate to upload multi-certificate data into the Product Registry.

Comment 60: JPMA (99) states that no statistically validated record exists to justify the burden assumptions for filing Message Sets. The commenter states that the assumptions are not realistic. JPMA (99) also writes that one small-business member advised that they would accrue an extra $30,000 for document preparation and $40,000 for document prep full headcount at factory.

Response 60: The Commission's economic analysis is based on available information and states the basis for each assumption. Most recordkeeping in this information collection is mandated by sections 14(a) and 16(b) of the CPSA and within CPSC's regulations in part 1107, 1109, and the existing part 1110 rule. Typically, non-children's product regulations contain a three-year recordkeeping requirement; children's products require a 5-year record retention period pursuant to part 1107. The Final Rule increases record retention to five years for general use products, as proposed. Both the SNPR and the Final Rule address the additional two years of recordkeeping, as well as record keeping for additional data items. Note that for eFiled certificates, CBP already has a 5-year record retention requirement for import documentation.

Comment 61: Alta (93) states that the manual nature of submitting data entry into ACE could lead to human errors and delays. The commenter alleges that repeated filings of certificates via ACE would be complex, expensive, and labor-intensive for a business such as theirs with a small staff. The commenter also states that expensive automation and time-consuming processes would cause undue hardship to small businesses such as theirs. ( print page 1821)

Response 61: The Final Rule does not require repeated filing of the same certificate data into ACE. CPSC built the Product Registry at the request of importers to reduce repetitive data entry. Thus, importers have the option of loading certificate data into CPSC's Product Registry once before filing an entry, either manually or through batch uploads, and then filing a short PGA Reference Message Set that links to the certificate data in the Product Registry each time the product is imported thereafter. Using a Reference Message Set allows importers to reference the same certificate data multiple times, each time the product is imported. CPSC estimates that over 96 percent of importers will use the Product Registry and Reference Message Sets. Accordingly, using the Product Registry will simplify import filings, reduce costs, and reduce filing errors. In practice, most importers file entries and PGA Message Sets through a customs broker, who would only need to be supplied with the Unique ID for the Reference Message Set that links the imported product with certificate data in the Product Registry. Use of the Product Registry is free of charge. Importers may also use a Full Message Set that does require entering all certificate data for each regulated, imported consumer product. Importers that want to gain eFiling experience before the effective date of the Final Rule can participate in the expanded Beta Pilot, as discussed in section II of this preamble.

Comment 621: JPMA (99) states that that no “one size fits all” solution should be proposed and that CPSC should create a less burdensome integrated system with CBP.

Response 62: CPSC did not propose, nor is it testing, a one-size-fits-all approach. Importers have two options for eFiling certificates, a Full Message Set or a Reference PGA Message Set and use of the Product Registry. As described in the SNPR and in this Final Rule, CPSC has worked on eFiling solutions with CBP and with industry for over ten years. CPSC undertook creation of the Product Registry at the request of importers who specifically asked for an IT solution that would reduce burden, the need for duplicate data entry, and errors. The IT solutions for CPSC are now ready to be implemented. CPSC's solutions are integrated with CBP systems, and CBP has participated in the Alpha and Beta Pilots, and has been specifically consulted regarding the NPR, SNPR, and the Final Rule.

Comment 63: RILA (126) asserts that the burden estimate in the June 4, 2024, Federal Register notice (June 4 notice) regarding the expanded Beta Pilot test (89 FR 47922) does not account for the full time to support gathering and submitting data elements and only reflects the burden of gathering and submitting data for a limited quantity of products and their corresponding fillings. RILA states that their members' approximations of the burden hours per importer are nearly double or more of the Commission's estimates, depending on the overall size of the retailer and volume and variety of imported goods. RILA references two members that participated in the Beta Pilot; one estimated an annual burden of approximately 500 hours and another estimated an annual burden of 15,700 hours.

Response 63: One purpose of the eFiling Beta Pilot was to gain experience with the burden that importers may incur. CPSC gained useful information from the limited quantity of products and filings made during the Beta Pilot. Staff advise that the burden of gathering and submitting data elements during the Beta Pilot only reflects the burden for a limited quantity of products and corresponding filings; most participants did not choose to eFile certificates for all of their imported, regulated products. Additionally, staff observed significant variation in the burden expressed by Beta Pilot participants and in the number of certificates that participants filed.

For the Final Rule, CPSC provides revised burden estimates in sections VII and VIII of this preamble, in part using information learned from the Beta Pilot. This revised analysis demonstrates that the burden of the Final Rule is not large on a per importer basis. However, even if the burden of the Final Rule was much greater than the inputs used in the revised analysis, burden estimates per firm would still be non-significant.

O. Legal Comments

Comment 64: Boppy (109) alleges that the SNPR is unconstitutional, asserting that the manner in which the rule is being promulgated violates the U.S Constitution's Separation of Powers and Appointments Clause because the CPSC Commissioners' for-cause removal protections are unconstitutional. Boppy states that the Supreme Court has recognized only two limited exceptions to the President's otherwise “unrestricted” removal power: (1) an exception for inferior officers with limited duties and no policymaking or administrative authority, Seila Law v. CFPB, 140 S. Ct. 2183, 2199-2200 (2020), and (2) an exception for principal officers who do not exercise executive power, id. 2198-99 (discussing Humphrey's Executor v. United States, 295 U.S. 602 (1935)). Boppy argues that neither the inferior-officer exception nor the “ Humphrey's Executor exception” applies because CPSC's Commissioners are principal (not inferior) officers who exercise substantial, “quintessentially executive power [that was] not considered in Humphrey's Executor.” Seila Law, 140 S. Ct. at 2200.

Response 64: Federal Courts of Appeals have recently rejected the same Constitutional arguments made by Boppy. See Consumers' Rsch. v. CPSC, 91 F.4th 342 (5th Cir. 2024), petition for cert. filed, (Consumers' Rsch. v. Consumer Prod. Safety Comm'n, No. 23-1323 (petition for cert. denied Oct. 21, 2024)), and Leachco, Inc. v. CPSC, 103 F.4th 748 (10th Cir. 2024), petition for cert. filed, (Leachco, Inc. v. CPSC, No. 22-7060 (petition for cert. filed on Aug. 9, 2024)). Consistent with those decisions and the Supreme Court's holding in Humphrey's Executor v. United States, 295 U.S. 602 (1935), we reject Boppy's constitutional arguments.

Comment 65: The Toy Association (97) states that requiring each importer of a product, instead of the manufacturer, to submit a separate certificate, would be redundant and potentially a Technical Barrier to Trade (TBT) as defined by the World Trade Organization (WTO). The JPMA (99) argues that the eFiling requirement in the SNPR is arbitrary and needlessly burdensome, which may also be a TBT.

Response 65: The Final Rule does not constitute a technical barrier to trade. The purpose of section 14 of the CPSA, and part 1110, is to protect the health and safety of U.S. consumers from noncompliant consumer products. Article 2.2 of the TBT Agreement states that technical regulations “shall be no more trade-restrictive than necessary for the achievement of a legitimate objective, including . . . the protection of human health and safety.” Additionally, the preamble to the TBT Agreement recognizes that “no country should be prevented from taking measures necessary . . . for the protection of human, animal or plant life or health.”

CPSC's requirements are within the scope of the health and safety provisions of the TBT Agreement. The Toy Association and JPMA appear to ignore CPSC's long-standing and statutorily required testing and certification regime. Since 2008, testing and certification requirements apply to all products subject to a CPSC rule, ban, standard, or regulation, regardless of the place of manufacture, if those products ( print page 1822) are imported for consumption or warehousing or distributed in U.S. commerce. The purpose of section 14 of the CPSA, and part 1110, is to protect the health and safety of U.S. consumers from noncompliant consumer products.

Commenters also ignore the lengths to which CPSC has gone since 2008 to streamline requirements for testing and certification. For example, manufacturers and importers may rely on any other party's testing or certification pursuant to 16 CFR part 1109. That rule has been in place for more than 10 years and allows importers that want to rely on a manufacturer's testing and/or certification, the ability to do so. Moreover, as described in section II of this preamble, CPSC has spent the last 10 years working with the industry on two pilots, a study, building an eFiling program, and developing the Product Registry, to address importers' concerns about burden and cost. Sections VII and VIII of this preamble and the experience of Beta Pilot participants demonstrate that the Product Registry is easy to use and reduces burden. In fact, CPSC developed the Product Registry in response to industry's 2013 request to reduce burden, data entry errors, and potential duplication of effort, for all importers of regulated products.

It bears repeating that the eFiling requirement does not create new testing or certification requirements for importers. Since 2207, importers have been required to provide certificates and the test reports on which they are based to CPSC and CBP upon request. CPSC is now requesting this information at the time of entry, as specifically provided in section 14(g)(4) of the CPSA. This requirement modernizes the certificate requirement in a manner that does not create undue burden to importers or create a barrier to trade, and instead assists compliant importers. CPSC's economic analysis demonstrates that for compliant importers, the PGA Message Set requirement will not have a significant impact on small (or large) importers, and thus the requirement should not create an obstacle to trade.

Finally, as a matter of enforcement discretion, at least in the initial stages of eFiling, CPSC in general does not intend to request that CBP deny entry of products into the United States solely based on a failure to provide eFiled certificate data. However, CPSC will continue to enforce certificate requirements, for example by refusing admission under section 17(a)(2) of the CPSA, 15 U.S.C. 2066(a)(2), or requesting CBP to initiate seizure of noncompliant products. Further, CPSC intends to increase or decrease risk scores based on eFiled data, which should reduce holds and examinations of compliant products and better focus resources on non-compliant products.

Comment 66: JPMA (99) asserts that Congress did not plainly set forth a requirement that certificates be available by eFiling and that the language in section 14(g)(3) of the CPSA is a distinct requirement. Therefore, providing a certificate “upon request” even in an electronic format should be maintained as an option.

Response 66: We disagree. Section 14(g)(4) of the CPSA provides CPSC specific authority to require eFiling for imported consumer products. Interdicting noncompliant products before they are distributed in U.S. commerce is an important safety mission of the Commission. Accordingly, as set forth in response to comment 34, to allow the Commission to focus limited resources on imported products that are not in compliance with CPSC regulations, the Final Rule retains the SNPR's eFiling requirement for all regulated, imported consumer products. The Final Rule retains the “upon request” certificate option for products manufactured in the United States, and for imported products, to the extent certificate data is not filed at entry, as required, or is potentially false or misleading.

P. Out of Scope Comments

Comment 67: Hansen (115) opines that the SNPR did not adequately address the 2013 comments filed by the Bicycle Product Suppliers Association (BPSA; now PeopleforBikes). Hansen discussed the bicycle regulation in 16 CFR part 1512 and particularly electric bicycles.

Response 67: The Final Rule is not about the substantive safety requirements for bicycles. Note, however, that CPSC issued an advance notice of proposed rulemaking in 2024 related to eBikes, 89 FR 18861 (Mar. 15, 2024), and staff anticipate sending the Commission a proposed rule related to lithium-ion batteries used in micromobility products, including eBikes, in the coming months.

The remaining comments primarily discuss technical features of the eFiling Product Registry. The procedural aspects of data entry and the user interface of the Product Registry are not addressed in the regulation text of this Final Rule. Accordingly, if not already addressed above, CPSC will endeavor to address technical questions in the guidance materials on our website. Additionally, any firm using the Product Registry can report software issues, ask questions, or send suggestions to: eFilingSupport@cpsc.gov.

V. Description and Explanation of the Final Rule

Below we describe and explain the basis for the Final Rule's requirements. Because of the number of changes to part 1110, the Commission proposes to strike and replace the existing 1110 rule in its entirety, as described below.

A. Purpose and Scope (§ 1110.1)

The Commission finalizes the purpose and scope in the Final Rule as proposed in the SNPR, which states that the rule specifies certificate content, form, and availability, and requires eFiling certificates for imported finished products that are required to be certified. The Commission did not receive any adverse comment on the SNPR's proposal.

B. Definitions (§ 1110.3)

The 2013 NPR added to part 1110 13 new definitions to introduce concepts and terms used in the 1107 and 1109 rules and to clarify the requirements of part 1110. 78 FR 28080, 28081-82. The SNPR maintained the additional terms proposed in the 2013 NPR, added several more terms, and revised several definitions. Newly defined terms included: “eFiled certificate,” to differentiate an electronic certificate, primarily used for domestically manufactured products, from a certificate for an imported product that is entered via ACE in a PGA Message Set, and “Product Registry,” to describe the CPSC-maintained repository for certificate data for imported products. The SNPR revised several definitions to better describe the types of merchandise under CPSC's jurisdiction, which includes not only consumer products, but also hazardous substances.

The SNPR also proposed to broaden the definition of “importer” as that term is used in part 1110, beyond the IOR, to allow a party familiar with the products with a beneficial ownership in the goods to be the importer responsible for testing and certification. Thus, the SNPR proposed that the definition of “importer” include any entity that could make entry for consumer products, and qualify as the importer under the Tariff Act (19 U.S.C. 1484(a)(2)(B)). Proposed § 1110.3 also defined additional terms to develop the revised definition of “importer” in the SNPR, such as “importer of record,” “consignee,” and “owner or purchaser.”

Based on the comments, the Final Rule adds two statutory definitions for “manufacturer” and “private labeler” and clarifies several other definitions ( print page 1823) proposed in the SNPR. For example, the Final Rule modifies the definition of ACE in a manner consistent with the SNPR, but better aligns with CBP's characterization of their authorized electronic data interchange system and any successor systems.

Commenters also continued to demonstrate confusion about the difference between a component part and a finished product, and when a part of consumer product is a finished product that must be accompanied by a finished product certificate. By definition, a “component part” is not a “finished product.” Component part certificates are allowed by 16 CFR part 1109 but are voluntary. Component part testing or certification can be relied upon to issue a finished product certificate, but only finished product certificates must accompany finished products and be eFiled pursuant to § 1110.13(a)(1). Component part certificates are not required and should not be eFiled. Accordingly, to add clarity to the definition of “component part certificate,” the Final Rule adds to the definition that a component part certificate is voluntary, and, to further reduce confusion, the Final Rule moves all requirements for component part certificates into § 1110.19 at the end of the rule.

Relatedly, based on commenters' concerns, the Final Rule also clarifies the definition of a “finished product” by removing the phrase “replacement parts,” as the phrase appears to have a different and broader meaning to industry than CPSC intended for this rule. The Final Rule now explains the three criteria required for a product to be considered a “finished product” that must be accompanied by a finished product certificate—namely, that the product must be: (1) subject to a CPSC-enforced rule, ban, standard, or regulation; (2) imported for consumption or warehousing, or distributed in commerce; and (3) packaged, sold, or held for sale to, or for use by, consumers. To address comments regarding the role of a “finished product certifier,” the Final Rule adds to the definition the three parties in section 14 of the CPSA that can be a finished product certifier. These are the manufacturer and private labeler, as defined in the CPSA, and the importer, as defined in this rule. See15 U.S.C. 2052(a)(11) and (a)(12).

The Final Rule also modifies the definition of “importer” in response to comments 7 through 10 in section IV of this preamble and simplifies related definitions of “owner or purchaser” and “consignee.” The definitions for “importer,” “owner or purchaser,” and “consignee” in the Final Rule are intended to harmonize with the Tariff Act and CBP's implementing regulations that govern importation procedures but are solely for purposes of this Final Rule. These definitions do not change CBP requirements for parties eligible to make entry and are specifically limited to implementation of CPSC's eFiling requirement and the party CPSC will hold legally responsible for issuing a finished product certificate for imported, CPSC regulated finished products. Moreover, these definitions may not reflect the full scope of the relevant terms under the CPSA or other statutes implemented by CPSC.

The Final Rule clarifies that, as proposed in the 2013 NPR and consistent with the SNPR comments, for purposes of this rule, the “importer” means the IOR eligible to make entry for imported finished products under the Tariff Act of 1930, as amended (19 U.S.C. 1484(a)(2)(B)), who may be an owner, purchaser, or authorized customs broker. The Final Rule addresses the concerns of commenters stating that an IOR authorized to make entry for a shipment, such as a broker, may not have sufficient knowledge of the consumer products to be held responsible for testing and certification. Accordingly, the definition also provides that an authorized broker may identify the owner, purchaser, or consignee of the finished products who authorized the customs broker to make entry, as the party responsible for compliance with CPSC certificate requirements. A broker would identify such party by eFiling certificate data using CPSC's PGA Message Set, which identifies the finished product certifier responsible for product certification, as required in § 1110.11(a)(3).

If identified as the finished product certifier in the PGA Message Set data, the owner, purchaser, or consignee that authorized the broker to file entry is the party that CPSC would expect to have sufficient knowledge of the finished products being imported and to understand that such products must now comply with U.S. laws and regulations, including compliance with CPSC's testing and certification requirements.^[33] A broker identifying an owner, purchaser, or consignee as the party responsible for certification should receive from that party, either the Unique ID for the Reference PGA Message Set, linking certificate data in the Product Registry with the shipment, or all certificate data elements for submitting the Full PGA Message Set at entry. If an authorized customs broker fails to submit a PGA Message Set containing CPSC's certificate data elements to identify the owner, purchaser, or consignee responsible for product certification, CPSC can hold such a broker legally responsible for certificate data as set forth in § 1110.15.

The Final Rule also clarifies, for purposes of this rule, the importer who is legally responsible for CPSC's certificate data for finished products that must be accompanied by a certificate that are imported by mail, or for which a de minimis duty exemption under 19 U.S.C. 1321(a)(2)(C) is claimed. These shipments do not have an IOR. The “importer” definition in the Final Rule specifies the importer for purposes of CPSC's certificate requirement for these shipments is a party eligible to make entry for the merchandise pursuant to CBP statutes and regulations, who may be an owner, purchaser, consignee, or authorized customs broker. An authorized broker may also identify the owner, purchaser, or consignee that authorized entry as the finished product certifier in a PGA Message Set for a de minimis shipment filed using ET 86.

The Final Rule defines “owner or purchaser” and “consignee” in a way consistent with the SNPR, but simplified. The Final Rule definitions now clarify that these definitions are only for the purposes of this rule and explain who CPSC may hold responsible for certificate data, particularly for de minimis and mail shipments that lack the required certificate data. For this rule, a “consignee” means a party who takes custody or delivery of CPSC regulated finished products for which CPSC certificate data is required. For this rule, an “owner or purchaser” means a party who has a financial interest in the finished products for which CPSC certificate data is required, to include the actual owner of the merchandise. Because a consumer could fall within the definitions of purchaser or consignee, the definition of “importer” continues to state, as proposed, that for the purposes of this rule, CPSC will not typically consider an end consumer purchasing or receiving products for personal use or enjoyment to be the importer responsible for certification..

The Final Rule changes a defined term from “eFiled certificate” to “eFile” because the term “eFiled certificate” is not used in the rule, but the term “eFile” or “eFiled” is used nine times throughout the regulation. The ( print page 1824) definition of “eFile” is consistent with the SNPR definition of “eFiled certificate,” and means to electronically file the required data elements on a finished product certificate, as described in § 1110.11, into ACE, in the format required in § 1110.13(a)(1). Minor edits were also made to the definition of “electronic certificate.” An “electronic certificate” is not an eFiled certificate. An electronic certificate contains the same certificate information as an eFiled certificate, but is primarily used to provide an electronic certificate to CPSC for domestically manufactured products, in the format described in § 1110.9(c).

Finally, the Final Rule clarifies the definition of “Product Registry” by stating that the finished product certifier that is required to issue the finished product certificate, as specified in § 1110.7(a), and who is also required to eFile the certificate data as set forth in § 1110.13(a)(1), enters finished product certificate data into the Product Registry. Note that pursuant to § 1110.15, a finished product certifier can rely on other parties to maintain records, test, or certify products, or enter data into the Product Registry, but remains legally responsible for the validity, accuracy, completeness, and availability of finished product certificates.

C. Finished Products Required To Be Certified (§ 1110.5)

The Commission finalizes § 1110.5 as proposed, except for two minor clarifications. First, § 1110.5 clarifies that finished products also include “substances,” which are regulated under the Federal Hazardous Substances Act (FHSA). Second, the title of this section revises “Products” to “Finished products,” and changes the phrase “GCC or CPC, as applicable” to “finished product certificate” (which encompasses GCCs and CPCs), to more clearly convey that only finished products are required to be certified. Accordingly, § 1110.5 explains that a certificate is required only when: (1) the product is a finished product or substance; (2) the product or substance is subject to a consumer product safety rule under the CPSA, or similar rule, ban, standard, or regulation under any other law enforced by the Commission; and (3) the product or substance is imported for consumption or warehousing, or is distributed into commerce.

D. Who Must Certify Finished Products (§ 1110.7)

The SNPR required that, unless a specific rule states otherwise, only importers, as defined in the rule, must issue a certificate for imported products. However, a private labeler could assume responsibility for certifying an imported product under the SNPR, if the private labeler falls within the definition of an importer in § 1110.3.

For domestically manufactured finished products, the SNPR maintained the 2013 NPR proposal that, unless otherwise required in a specific rule, the manufacturer must issue the certificate, except for consumer products or substances that are privately labeled. When a product is privately labeled, a manufacturer name does not appear on the product. Accordingly, for such products, placing responsibility on the private labeler is both pragmatic and appropriate. However, the SNPR proposed to allow private labelers to continue to rely on a manufacturer's testing or certification if they choose to do so. Importantly, if a manufacturer's name appears on a product, the product is not privately labeled under the definition in section 3 of the CPSA, 15 U.S.C. 2052(a)(12), and the manufacturer would be required to test and certify the product.

The SNPR moved the requirement regarding the availability of certificates for imports and domestic products, found in § 1110.7(c) of the existing rule, to § 1110.13.

The Commission finalizes § 1110.7 as proposed in the SNPR with a clarification specifying that the required certifier is the “finished product certifier.” The terms “finished product certifier” and “finished product certificate” are used throughout the regulation to explain certificate responsibilities and content requirements. The Final Rule is consistent with section 14(g)(1) of CPSA, which requires that the manufacturer (defined as any person who manufactures or imports a consumer product) or private labeler must test and certify products. For domestically manufactured products that are privately labeled, the private labeler must certify or ensure that a manufacturer certifies the product. Also, pursuant to the 1109 rule, a private labeler can rely on a manufacturer's testing or certification to issue their own finished product certificate. Section 3(a)(12)(B) of the CPSA defines a privately labeled product as a product with no manufacturer information on the product or packaging. Therefore, CPSC is unable to identify any other party to hold responsible for a noncompliant product. For clarity, the Final Rule adds the statutory definitions of “manufacturer” and “private labeler” in 15 U.S.C. 2052(a)(11)-(12) to the list of defined terms in § 1110.3.

E. Certificate Language and Format (§ 1110.9)

The Final Rule maintains § 1110.9 as proposed in the SNPR, with the addition of “finished product certificate” in place of “certificate,” to clarify that the requirements apply to finished products. Section IV.E of this preamble contains comments and CPSC's responses regarding § 1110.9. We describe each section of § 1110.9.

The SNPR § 1110.9(a) proposed that an eFiled certificate must be in English, which is consistent with the statutory requirement and is necessary for CBP and CPSC IT systems. Proposed § 1110.9(a) provided that a hard copy or electronic certificate must be in English, but may also contain the same content in any other language. The Commission finalizes § 1109.9(a) without substantive change.

Proposed § 1110.9(b) clarified the formats for eFiled and for hard copy and electronic certificates. The SNPR proposed that an eFiled certificate must meet the requirements in proposed § 1110.13(a), and that certificates furnished to retailers, distributors, or to CPSC pursuant to § 1110.13(b) and (c) may be provided in hard copy or electronically. The Commission finalizes § 1109.9(b) without substantive change.

Proposed § 1110.9(c) described the format for the electronic certificates described in § 1110.13(b) and (c), which are used to furnish a certificate to retailers or distributors, or to CBP or CPSC upon request. The SNPR proposed to allow password protection of certificate information, so long as the password is provided to CPSC or CBP at the same time as a certificate. This provision applies to domestic manufacturers and to other certifiers when providing a password protected electronic certificate to CPSC or CBP; the password must be provided to the relevant agency at the same time. The Commission finalizes § 1109.9(c) without substantive change.

F. Certificate Content (§ 1110.11)

The 2023 SNPR proposed to require the seven statutory certificate data elements in the existing rule, and to include only one of the three additional requirements proposed in the 2013 NPR—attestation. However, the SNPR provided additional detail on the required data elements. Below we describe each data element proposed in § 1110.11(a) of the SNPR. Except for a clarifying change to the attestation requirement, and addition of the terms ( print page 1825) “finished product certificate” and “finished product certifier” in place of “certificate” and “certifier,” the Final Rule retains the requirements as proposed in the SNPR.

Product Identification (§ 1110.11(a)(1)): The Final Rule retains the SNPR proposal to identify the finished product covered by the certificate, including at least one unique ID from a list of seven options, and a sufficient product description so that CPSC can match the finished product to the certificate. Finished product certificates may contain optional additional IDs to assist with product identification. The SNPR clarified that “identification” means a unique ID is necessary for eFiling, so that certificates can be better tracked in the Product Registry and RAM. The SNPR explained that CPSC expects it would be easier for importers to provide a unique ID that already exists for the product, instead of having certifiers manage an additional identifier assigned by CPSC.

The Final Rule also retains the SNPR proposal to expand the term “description” as it relates to products to mean a “sufficient description to match the finished product to the certificate.” Currently, the product description in a certificate is sometimes insufficient to enable CPSC staff to determine whether the certificate describes the product being examined.

List of Applicable Rules (§ 1110.11(a)(2)): Although CPSC received adverse comments regarding listing applicable subsections of the ASTM Toy Standard, codified in 16 CFR part 1250, CPSC is maintaining this requirement as proposed, as further explained in response to comment 26, to align with sections 14(a)(1) and 14(g) of the CPSA. The underlying requirement to list applicable rules is statutory; certificates must provide a list of all applicable rules to which the product is being certified. The eFiling system makes this requirement easier for certifiers because CPSC provides a standardized list of all rules, each assigned a code. When eFiling certificate data, the certifier will only need to select from these codes, either in the Full Message Set or in the Product Registry. Additionally, certifiers of domestically manufactured products, and those certifying using a Full Message Set, have access to the list of all rule citations and testing exclusions, which is updated and stored on CPSC's website, available at: https://www.cpsc.gov/​eFiling-Document-Library.

Identification of Certifier (§ 1110.11(a)(3)): The Final Rule retains the SNPR proposal to identify the party certifying compliance of the finished product(s), including the party's name, street address, city, state or province, country or administrative region, electronic mail (email) address, and telephone number. Adding a more specific street address interprets the statutory requirement for a “full mailing address,” and will assist staff in distinguishing facilities or locating certifiers for site visits. If a certifying party's physical location does not have a street address, then a location identification typical of the country of origin, or a Global Positioning System (GPS) coordinate, is also permissible. The Final Rule also retains the SNPR proposal to include an email address, which will improve communication between CPSC and the certifying party, particularly across time zones. Note that for imported finished products, the finished product certifier should be the Business Account Administrator if using the Product Registry to eFile certificate data.

Contact for Records (1110.11(a)(4)): The Final Rule retains the SNPR's proposal to provide the identity and contact information for the individual maintaining records of test results. As with the certifier's contact information, the Final Rule includes more detail regarding the concept of a “full mailing address,” which includes “street address, city, state or province, country or administrative region, electronic mail (email) address, and telephone number.” For clarity, and because this data element requires a name and contact information, the Final Rule moves the bulleted list of recordkeeping requirements in sections of the CFR that apply to GCCs and CPCs to the recordkeeping requirement in § 1110.17 of the Final Rule.

The Final Rule maintains the SNPR clarification that the individual maintaining records may be a position title, provided that this position is always staffed and responsive to CPSC's requests. Allowing a position title instead of an individual is in response to public comments concerned that the individual maintaining the records of test results may leave the company or otherwise be unavailable, and that a position title would provide continuity.

Manufacture Date and Place (1110.11(a)(5)): The Final Rule retains the SNPR proposal to provide the date when the finished product(s) were manufactured, produced, or assembled, as further explained in response to comment 19. The first date of a batch run is the date of manufacturing. The Final Rule also retains the statutory requirement to provide the place where the finished product(s) were manufactured. Section 14(g)(1) of the CPSA requires that each certificate contains “each party's name, full mailing address, [and] telephone number.” Therefore, the Final Rule aligns with the statute and with the other data elements requiring contact information, which includes a name, street address, city, state or province, country or administrative region, email address, and telephone number. For this data element, the contact information must state where the finished product(s) were manufactured, produced, or assembled. The Final Rule requires this manufacturer detail, for eFiling in particular, because staff have experienced situations where it is difficult to distinguish between multiple firms with similar addresses and contact the correct manufacturer. If a location does not have a street address, a location identification typical of the country of origin or a GPS coordinate is permissible.

Test Date and Place (1110.11(a)(6)): The Final Rule retains the SNPR proposal, which is also in the existing rule, to provide the date when the finished product(s) were tested for compliance. The SNPR amended this requirement to clarify that the required date is the most recent date of testing. The Final Rule retains this change, which aids CPSC in assessing the validity and integrity of a certificate, and promotes consistency across certificates for CPSC and certifiers, particularly where laboratory testing is done over several days.

The Final Rule also maintains the SNPR proposal, which is in the existing rule, to provide the place where the finished product(s) were tested for compliance. As proposed, the Final Rule standardizes the contact information required, including the name of each third-party conformity assessment body or other party on whose testing the certificate depends, and the street address (or locally comparable location identification), city, state or province, country or administrative region, email address, and telephone number. The Final Rule also requires an email address, as proposed, so staff have another means of contacting the testing laboratory.

Attestation (§ 1110.11(a)(7)): The SNPR proposed to include an attestation by the certifier that the certificate information is true and accurate and that the certified product complies with all rules, bans, standards, or regulations applicable to the product under the CPSA or any other Act enforced by the Commission. The Final Rule retains the attestation requirement for certificates provided to CPSC or CBP in hard copy ( print page 1826) or in electronic format, as provided in § 1110.9(c), and clarifies that the finished product certifier is responsible for the attestation. For imported products that require an eFiled certificate, the Final Rule requires an attestation, but clarifies that the eFiling requirements for both the Full Message Set and the Reference Message Set already include an attestation. The Full Message Set contains a check box data element for the attestation. Importers using the Product Registry must periodically attest to the veracity of the data, depending on the user's permissions. For eFiled certificates, even if the importer allows another entity to enter certificate data into the Product Registry on their behalf, or to certify products on their behalf, the importer/finished product certifier remains responsible for the information provided to CPSC, as stated in § 1110.15 of the Final Rule. Thus, the Product Registry includes built-in, simplified attestation requirements.

Electronic access to records (§ 1110.11(b)): The Final Rule retains the SNPR proposal in § 1110.11(b) for a certificate to optionally include a URL or other electronic means, along with the identification of the custodian of records, to allow for electronic access of supporting records, such as test records. If certifiers provide this information, staff can more easily confirm the veracity of the certificate.

Statutory or regulatory testing exclusions (§ 1110.11(c)): Although CPSC received adverse comments regarding the inclusion of testing exclusions on certificates, claiming that exclusions are self-effective, as explained in response to comments 27 and 28 the Final Rule requires identification of testing exclusions that are codified in a statute or regulation. CPSC's algorithm will expect either a certificate citing a CPSC-accepted testing laboratory for each rule, or reliance on a testing exclusion. Accordingly, as proposed, § 1110.11(c) of the Final Rule requires finished product certifiers to list all claimed testing exclusions, instead of providing the date and place where the finished product was tested for compliance.

The requirement to list testing exclusions on a finished product certificate does not apply to Commission enforcement discretion for adult wearing apparel or for refrigerator doors. This requirement only applies to consumer products that are subject to testing and certification, where a statute or regulation allows for a testing exclusion for certain products subject to a rule. The Product Registry lists all available exclusions for each rule, streamlining and standardizing how to record these exclusions on a certificate. These exclusions are also updated and maintained on CPSC's website for use in a Full PGA Message Set and for domestically manufactured products and CPSC will continue to maintain the list of CPSC rules (citations) and any associated testing exclusions. CPSC is currently updating and finalizing this list for use in the expanded Beta Pilot and this Final Rule. Some finished product certifiers already list testing exclusions on a certificate and CPSC's website provides guidance on how to do so; the Final Rule standardizes this requirement for all finished product certifiers. Note that no certificate is required if a product is not subject to a safety rule or similar rule, ban, standard, or regulation, or if the product is subject to enforcement discretion (such as adult wearing apparel relying on 16 CFR 1610.1(d) and household refrigerators subject to 16 CFR part 1750).

For the Final Rule, CPSC also clarifies that, as a matter of policy and to reduce burden, importers are not required to file a Disclaimer Message Set for: (1) products that are not within CPSC's jurisdiction, (2) non-regulated products within CPSC's jurisdiction; or (3) products that are regulated but do not require certification. Although the Commission has authority to require a Disclaimer Message Set for all consumer products within CPSC's jurisdiction, based on the comments, and to reduce burden for products that do not have a certificate requirement at the time of import, CPSC will not require a Disclaimer Message Set. CPSC updated the CATAIR guideline to reflect this change. However, CPSC encourages importers to file Disclaimer Message Sets, where appropriate, meaning when a certificate may be expected, because this additional information will inform CPSC staff as to why a certificate does not accompany the shipment, reducing the possibility of a hold at the port for further inspection.

Duplicative testing not required (§ 1110.11(d)): To reduce burden for certifiers, the Final Rule retains the SNPR proposal in § 1110.11(d) regarding duplicative testing, but provides more clarity regarding when this provision applies, based on a comment. The Final Rule clarifies that finished product certifiers are not required to conduct the same third party test more than once on each sample when a rule references, or incorporates fully, another applicable consumer product safety rule or similar rule, ban, standard, or regulation under any other law enforced by the Commission, that contains the same requirement. This provision is applicable primarily to children's products that are more likely to have overlapping requirements, such as those for lead content or small parts that apply specifically to children's products but also may be required within a product level safety rule, such as the toy rule or rules for bassinets, strollers, or other durable infant or toddler products.

G. Certificate Availability (§ 1110.13)

Although CPSC received adverse comments regarding the availability of certificates, arguing that the current “upon request” system is sufficient, section 14(g)(4) of the CPSA specifically provides the Commission with the authority to, by rule, require eFiling of certificates for imported consumer products. Moreover, the Commission has been explaining and demonstrating the benefits of eFiling since at least 2012, in the Alpha Pilot, Beta Pilot, in establishing the eFiling program in 2020, and in the SNPR and this Final Rule.

Section 14(g)(3) of the CPSA establishes several requirements regarding the availability of certificates, which must: “accompany the applicable product or shipment of products covered by the same certificate;” “be furnished to each distributor or retailer of the product;” and be furnished to the Commission upon request. By codifying the eFiling requirement, an eFiled certificate meets the “accompany” and “upon request” requirements of section 14(g)(3).

As explained in response to comments 34, 45, and 65, the Final Rule retains § 1110.13(a) as proposed in the SNPR. Now that IT solutions are developed, available, and being tested, the Final Rule points to a CPSC-specific CATAIR and Product Registry that contain the IT solutions for eFiling. For example, the Final Rule does not retain a separate “accompany” requirement for imported finished products that are delivered directly to a consumer in the United States, but rather provides for collecting these certificates through eFiling. However, finished product certifiers must still provide a finished product certificate when asked by CPSC or CBP, especially in cases where a required certificate has not been eFiled or contains false or misleading information.

The final § 1110.13(a) explains that a finished product certificate must accompany each finished product or finished product shipment required to be certified pursuant to § 1110.5. Additionally, § 1110.13(a) requires that each certificate describe a single product. One product per certificate allows the RAM to conduct risk analysis ( print page 1827) on unique products in a shipment, which allows better targeting of potentially violative products and avoids delaying delivery of shipments that do not warrant examination.^[34]

Final § 1110.13(a)(1) states the requirements for finished products manufactured outside the United States that are offered for importation into the United States for consumption or warehousing, including products offered for consumption or warehousing from a Foreign Trade Zone, or products eligible for the de minimis duty exemption under 19 U.S.C. 1321(a)(2)(C). As proposed, finished product certificate data elements required in § 1110.11 must be eFiled at the time of filing the CBP entry, or entry summary, if both are filed together, into ACE as provided in CPSC's CATAIR and any revisions of the CATAIR. CPSC's most recent CATAIR is provided in Tab B of the Staff Final Rule Briefing Memo.

Section 1110.13(a)(1) of the Final Rule contains minor clarifications related to international mail shipments, stating that for products imported by mail, the finished product certifier must enter the required finished product certificate data elements into CPSC's Product Registry before the shipment arrives in the United States.

Section 1110(a)(2), stating requirements for domestically manufactured products that are required to be certified pursuant to § 1110.5, is finalized as proposed. The finished product certifier for these products must issue the required certificate on or before the finished product is distributed in commerce, and they must make the finished product certificate available for inspection immediately, meaning with 24 hours of CPSC's request.

Final § 1110.13(b) maintains the statutory requirement to “furnish” a required finished product certificate to each distributor or retailer, and final § 1110.13(c) maintains the statutory requirement to make certificates available for inspection immediately upon request by CPSC or CBP. To be clear regarding the expectation, the term “immediately” means within 24 hours, as explained in the NPR and the SNPR.

H. Legal Responsibility of Finished Product Certifiers (§ 1110.15)

CPSC did not receive adverse comments on this section of the SNPR; however, the Final Rule provides further explanation, consistent with the SNPR and with the 1109 rule, regarding how a finished product certifier may rely on other parties to maintain data, test or certify component parts or finished products, or enter data into the Product Registry. The Final Rule continues to state, as proposed, that a finished product certifier remains legally responsible for the information in a finished product certificate, including its validity, accuracy, completeness, and availability. The Final Rule is intended to accommodate diverse relationships between finished product certifiers and their trade partners to better facilitate trade. However, the Final Rule places accountability for certifications and submitted data on the finished product certifiers, who are ultimately responsible for ensuring that imported products comply with applicable U.S. law, including CPSC's required testing and certification. Finished product certifiers, meaning importers for imported products, will have the ability in the Product Registry to manage permissions for trade partners to enter data and/or to certify products, including managing the roles of specific individuals who enter data or certify products on the finished product certifier's behalf. Finished product certifiers should exercise due diligence if they allow another entity to submit data into the Product Registry or to certify on their behalf.

I. Recordkeeping Requirements (§ 1110.17)

CPSC did not receive adverse comments on proposed § 1110.17 in the SNPR. However, the Final Rule modifies § 1110.17 by moving into this section the bulleted list of potential certificate-related records previously in § 1110.11(a)(4). The listed records are the same as those stated in the SNPR, but they are formatted differently and with additional explanation. The Final Rule states that finished product certificates, which include CPCs and GCCs, and related records, must be maintained for five years, as proposed.

J. Component Part Certificates (§ 1110.19)

The Final Rule is consistent with the SNPR proposal; however, based on continued confusion regarding component part certificates, the Final Rule adds the purpose of the 1109 rule, explaining that component part certificates are voluntary, but may be relied upon by a finished product certifier to issue a finished product certificate. The Final Rule further explains that component part certificates must not be eFiled into ACE. The Final Rule continues to set forth the content, form, and availability requirements for component part certificates.

VI. Effective Dates

The Administrative Procedures Act (APA) generally requires that the effective date of a rule be at least 30 days after publication of the Final Rule. 5 U.S.C. 553(d). In the SNPR, the Commission proposed that a Final Rule revising 16 CFR part 1110 become effective 120 days after publication in the Federal Register , to provide importers time to onboard with CPSC's Product Registry and upgrade software to send PGA Message Sets to their broker for eFiling. Based on the public comments and Beta Pilot participant feedback, CPSC will finalize a longer effective date of 18 months after a Final Rule publishes in the Federal Register , except for consumer products and substances that are imported into an FTZ and subsequently entered for consumption or warehousing. For products and substances entered for consumption or warehousing from an FTZ, the Final Rule is effective 24 months after publication of the Final Rule in the Federal Register .

A. 18-Month Effective Date—Domestic and eFiled Certificates

The Final Rule provides an 18-month effective date for regulated, domestic products and substances that are required to be certified. Domestic certificates should not be eFiled. However, the Final Rule includes three primary changes for domestic certificates:

• § 1110.7—Unless otherwise stated in a specific rule, the manufacturer is the finished product certifier that must issue a certificate. However, for privately labeled products, the private labeler is the finished product certifier that must issue a certificate, unless the manufacturer issues the certificate.
• § 1110.11(a)(7)—Include an attestation of compliance.
• § 1110.11(c)—Unless otherwise provided by the Commission, if a finished product certifier is claiming a statutory or regulatory testing exclusion for an applicable rule, then in addition to listing all applicable rules, and in lieu of providing the date and place of testing, the certificate must list the applicable testing exclusion.

If a product is privately labeled, the Final Rule shifts the responsibility of certification onto the private labeler, who becomes the finished product certifier that must certify the product or ensure that the manufacturer certifies the product. A privately labeled product ( print page 1828) is one that is branded and does not contain the name of a manufacturer. Currently, CPSC's website advises that firms list testing exclusions on certificates; the Final Rule will require certificates to list such exclusions. Thus, when a rule applies, but a certifier does not test to the rule because a testing exclusion within a rule or statute applies, the Final Rule requires that such testing exclusion be listed on the certificate instead of the name of the testing laboratory. CPSC's website contains a list of all testing exclusions to include on a certificate, where applicable.^[35] This additional information will require certifiers to review the requirement, assess their products, and align their certificates accordingly. Because domestic manufacturers and private labelers must reassess their business relationships and responsibilities, and certificates will now be required to identify testing exclusions, the Final Rule's effective date for domestically manufactured products is 18 months after publication in the Federal Register .

With regard to eFiled products, CPSC surveyed Beta Pilot participants to gauge their preparation time for eFiling.^[36] On average, Beta Pilot participants took five weeks to prepare for the Beta Pilot and create their Business Account in the Product Registry. This preparation included attending meetings, reviewing and understanding CPSC's guidance documents, communicating internally and externally with trade partners, and organizing certificate data in an electronic format. Furthermore, Beta Pilot participants stated that their customs brokers needed to concurrently update their software to enable transmission of the PGA Message Set into ACE via the Automated Broker Interface. Several brokers who assisted importers in the Beta Pilot estimated that this update (either in-house or from a software developer) takes three to 12 months, with an average of nine months. Based on this feedback, as well as public comments, the Final Rule is effective for all imported, products regulated by CPSC 18 months after publication of the Final Rule in the Federal Register for all entry types, except for products entered for consumption or warehousing from an FTZ.

B. 24-Month Effective Date—Products Entered for Consumption or Warehousing From an FTZ

For regulated products imported into an FTZ and subsequently entered for consumption or warehousing, the Final Rule is effective 24 months after publication of a Final Rule in the Federal Register . Based on discussions with the National Association of Foreign Trade Zones (NAFTZ) and other importers, updating processes and software to meet this Final Rule will be particularly challenging for importers using FTZs. Importers can use FTZs in various ways before entering consumer products into customs territory for consumption or warehousing. For example, importers can use an FTZ to: hold products prior to making entry into the United States; assemble components of products from various manufacturing sites into finished products; bring products into compliance with CPSC rules; manufacture components or finished products; or test and certify finished products. Although products and materials admitted into an FTZ are accounted for on CBP Form 214, when products are imported into the United States, CBP allows for entry to occur on a weekly basis, including estimation of the number of products removed from an FTZ for entry for consumption. If this estimate is exceeded, entry must be made for the excess quantity prior to its removal from an FTZ into customs territory.

CBP's current FTZ import procedure does not allow accurate CPSC PGA Message Sets to be attached to CBP entries. Commenters (Comment 44), including the NAFTZ, state that FTZ importers require additional time before eFiling implementation to build the necessary infrastructure to accommodate accurate CPSC PGA Message Sets and to troubleshoot issues. Commenters explain that the First-In-First-Out inventory accounting method applicable to fungible merchandise within an FTZ uses a Unique Identifier (UIN) for inventory control and recordkeeping which has no relationship to the compliance data CPSC requests. Commenters explain that currently, FTZ imports can only attach the latest certificate associated with an article/supplier combination and cannot attach a specific certificate at the inventory level that CPSC's Message Set requires. Commenters state that FTZ importers will require significant changes to their current software to comply with an eFiling requirement. Moreover, commenters allege that FTZ procedures are incompatible with a requirement to file certificates at entry summary, because goods imported from an FTZ may have already been shipped to stores and possibly sold, negating CPSC's ability to place such goods on hold for examination.

Commenters encourage CPSC to work with the CBP Border Interagency Executive Council (BIEC) to build a single window concept inclusive of FTZs and provide a transition period of at least 24 months. CPSC staff further informs that CBP processes for FTZ imports would also need to be updated to accommodate an eFiling requirement, but 24 months is likely necessary for full implementation of eFiling for FTZ-imported products and substances.

CPSC intends to work with the trade and with CBP in the coming months, to initiate conversations on software solution(s) that would best allow compliance with CPSC's Message Set. Once a software solution is identified, meeting the eFiling requirement will involve software development, testing, implementation, and troubleshooting. Based on CPSC's experience with developing and testing IT solutions for the Beta Pilot, for products entered for consumption or warehousing from an FTZ, the effective date is 24 months after publication of the Final Rule in the Federal Register .

VII. Final Regulatory Flexibility Analysis

The Regulatory Flexibility Act (RFA), 5 U.S.C. 601-612, requires agencies to prepare a regulatory flexibility analysis unless the head of the agency certifies that the proposed rule will not have a significant economic impact on a substantial number of small entities. In the SNPR, the Commission certified that the proposed rule would not have a significant impact on a substantial number of small businesses. 88 FR 85760, 85783. The Commission received additional information during the SNPR comment period and the eFiling Beta Pilot regarding: (1) initial startup burden for eFiling; (2) filing fees; (3) Disclaimer Message Sets (disclaims); and (4) de minimis entry filings. Based on these comments, the Commission has prepared a final regulatory flexibility analysis (FRFA) that includes an analysis of this additional information. The conclusion of this FRFA is that the cost of the Final Rule is likely less than one percent of the revenue for a small firm, and therefore does not impose significant costs to a substantial number of firms. ( print page 1829)

A. Need for Agency Action and Objectives of the Rule

Sections I and II of the preamble describe the need for agency action and objectives of the Final Rule.

B. Issues Raised by Comments and Resulting Changes

Several SNPR commenters provided additional information regarding costs to importers and eFilers, including technology and staff-related costs from initial startup activities for eFiling, filing fees, disclaims, and de minimis entries. See Comments 53-63 in section IV.N of this preamble.

C. Small Entities to Which the Rule Will Apply

The Final Rule applies to all importers and domestic manufacturers ^[37] required to issue certificates for products or substances subject to a CPSC rule, ban, standard, or regulation, that are imported for consumption or warehousing into the United States or are distributed in commerce.^[38] The Initial Regulatory Flexibility Analysis (IRFA) estimated the number of small businesses impacted by the rule. 88 FR 85760, 85783. This FRFA uses these same estimates, which are displayed in Table 2.

Table 3 presents an estimate of the number of certificates produced annually by small firms impacted by the Final Rule. These estimates assume small firms produce 10 percent of the number of certificates the average firm in their industry produces:

D. Compliance, Reporting, and Recordkeeping Requirements of the Rule

1. Potential Impact on Small Firms

This FRFA assesses the economic costs that will be incurred by small U.S. firms impacted by the Final Rule. Typically, CPSC considers costs that exceed one percent of gross revenue to be an economically significant cost impact. This FRFA estimates the cost impact of the Final Rule on small firms arising from both extended recordkeeping of GCCs ( i.e., the burden associated with the increasing the recordkeeping period for GCCs from three to five years) and eFiling (which includes (i) the hourly burden and (ii) the out-of-pocket costs from electronically filing certificate data for regulated, imported consumer products).

Small firms face an hourly burden related to uploading or submitting information via;

• The CPSC Product Registry,
• Full Message Sets to CBP through a broker,
• Reference Message Sets (of certificates uploaded into the Product Registry) with simplified filings with CBP, and
• Disclaimer Message Sets (for products or substances that do not require a certificate).

In addition to the hourly burden, small importers will face out of pocket expenses that include: Startup costs, and Filing fees to eFile certificates.

(a) Extended Recordkeeping of GCCs

The Final Rule requires firms to maintain records of all certificates for five years. CPC's records are already required to be kept for a period of five years pursuant to part 1107. Currently, however, for non-children's products, firms are either required within specific rules to maintain records for three years or follow the guidance in the existing part 1110 to maintain records for three years. Thus, firms supplying non-children products will have to hold certificates and supporting documentation, such as test reports, for two additional years after the Final Rule becomes effective.

To estimate this additional burden, the FRFA takes the difference of the total burden under the current requirements ( i.e., baseline) and total burden with the Final Rule requirements. To estimate the number of non-children's product certificates that additionally require recordkeeping with the Final Rule, the FRFA conservatively uses the number of active certificates and multiplies by five (years). The FRFA estimates the number of certificates requiring recordkeeping in the baseline by multiplying the total number of certificates issued annually by the current recordkeeping period of three (years). The hourly burden of additional recordkeeping is the difference between active certificates and baseline certificates ( i.e., the increase in the number of active certificates) multiplied by the estimated 3 seconds it takes to ensure that records of active certificates are kept in a safe virtual storage location and the provision of routine maintenance of ( print page 1830) records. The estimated total cost is equal to the number of burden hours multiplied by the hourly compensation of office and administrative support occupations ^[39] of $35.56.^[40]

Table 4 presents staff's estimate of the additional routine annual recordkeeping burden of the Final Rule to domestic manufacturers and importers. The total cost of maintaining GCC records for two additional years is $7,079; of this total $2,041 is a burden to manufacturers and $5,038 a burden to importers.

(b) eFiling of Certificates

Small firms required to eFile finished product certificates, either a GCC or CPC, are likely to face an hourly burden due to eFiling activities. Importers will have two methods of filing certificate data with CBP: a Full Message Set, or a Reference Message Set. While the Final Rule does not require the use of the Product Registry, CPSC expects that most small importers will use the Product Registry to enter and maintain certificate data. The use of Reference Message Sets along with the Product Registry will likely reduce the time for storing, transmitting, and eFiling certificates. Full Message Sets are more burdensome than Reference Message Sets because they require repeated data entry, maintained by the importer or broker, rather than relying on CPSC's IT solution, the Product Registry, and a shortened Reference Message Set.

To achieve compliance with the Final Rule's eFiling requirements, small importers of products requiring either a GCC or CPC may also incur out-of-pocket costs from several activities including startup costs (consisting of the one-time cost of updating technology and training staff for eFiling) and filing fees. The following sections present estimates for the hourly burden and out-of-pocket cost for eFiling.

(i) eFiling Hourly Burden

The burden of eFiling is only a burden on importers. Domestic manufacturers are unaffected by eFiling.^[41] Within the category of eFiling, this FRFA considered the hourly costs of entering records in the:

• CPSC Product Registry,
• Full Message Sets,
• Reference Message Sets, and
• Disclaimer Message Sets.

Most importers will upload product certificate records for products regulated by CPSC into the Product Registry; 96.4 percent of eFilings by importers will likely use Reference Message Sets to submit certificate data already stored in the Product Registry based on data from the eFiling Beta Pilot. The FRFA uses this share for small importers. The FRFA assumes the remaining 3.6 percent of eFiled certificates to use a Full Message Set, which requires users to enter all data fields on a certificate every time a product is imported.

Aside from Reference and Full Message Sets, some importers will file Disclaimer Message Sets for products or substances that do not require a certificate. Disclaimer Message Sets are not required but can be filed for finished products or substances under CPSC's jurisdiction that would otherwise require a certificate, but do not require one under the circumstances. Based on data from the Beta Pilot, the FRFA estimates that Disclaimer Message Sets will account for 14.4 percent of the total number of Reference and Full Message Sets.

The Beta Pilot participants provided estimates for this FRFA regarding the time it would take importers to submit each type of Message Set. This FRFA assumes that eFilers would become more efficient over time as eFiling becomes widespread and learning takes place. Accordingly, this FRFA uses a learning curve ^[42] that helps assess the impact of learning efficiencies in the processing time of Message Sets. Using this approach, the FRFA estimates that it would take participants an average of 15.3 seconds ^[43] to file a Reference Message Set; half that amount of time, or 7.6 seconds,^[44] to file a Disclaimer Message Set; and 4.75 minutes ^[45] to file a Full Message Set. Additionally, each certificate filed in the Product Registry as part of a multi-certificate data upload would take an average of 8.7 seconds.

This FRFA assumes, conservatively, that all importer certificates will be filed once in the Product Registry. Based on import surveillance data, this FRFA estimates that 20 Reference Message Sets will be filed annually per certificate.^[46] Then, using the number of Reference Message Sets per certificate, this FRFA estimates that 0.7 ^[47] Full Message Sets and 3 ^[48] Disclaimer Message Sets will be filed annually per certificate.

The annual creation of certificates is industry dependent. Firms in some industries produce a low number of new annual certificates per year, usually due to lower levels of innovation or product turnover, while other industries produce a larger number of annual certificates. Therefore, the cost per firm in some industries may be larger than in others. For instance, high certificate turnover industries of small importers include Vinyl Plastic Film (43 annual certificates), Furniture (25 annual certificates), Special Packaging or PPA (23 annual certificates), and Clothing and Apparel (13 annual certificates)

Table 5 presents staff's estimate of the number of annual GCC and CPC filings by importers, under the assumptions discussed earlier.

Aggregating the processing times per type of certificate filing with the number of annual filings per certificate, the annual burden of the Final Rule per certificate would be 9.1 minutes.^[49]

Table 6 shows the hourly burden on small importers.

Given the hourly burden and the $35.56 hourly compensation rate for each hour of burden, the average annual cost of eFiling per small importer at high turnover industries will be between $70 and $232, while in low turnover industries the hourly burden will be as low as $1.^[50] Given these small amounts, it is unlikely for the cost of the hourly burden of eFiling to exceed 1% of revenue for the typical small firm.^[51] Tables 7 shows the estimated annual cost of such burden on small importers.

Staff expect small importers to incur a total cost of $1.16 million, which approximates $4.71 per small importer. The estimated average hourly burden of eFiling for small importers of children's and non-children's products would be $3.33 and $13.03. These amounts are unlikely to exceed one percentage of the annual revenue of a typical small importer.

(ii) eFiling Out-of-Pocket Costs

Startup Costs: eFiling may require some firms to invest in a combination of new technologies,^[52] as well as training and/or hiring staff to conduct eFiling activities. Large firms may be able to build these new technologies themselves. Third-party service providers may develop tools that large or small firms may use.^[53] Firms are also likely to train staff on the use of these new technologies and the updated processes that support eFiling of certificates, including participating in meetings with their brokers, reading guidance documents, and communicating and distributing information.

A survey conducted among Beta Pilot participants indicated that firms invested roughly the equivalent of 60 staff hours in preparation for their participation in the Beta Pilot, including getting trained, understanding and communicating the guidance, gathering product information, and coordinating with their brokers. However, most firms that participated in the Beta pilot are of significant size, which likely implies the startup times for the average firm may not be as large. Also, the potential introduction of third-party tools or third-party support to perform these duties will likely reduce the number of hours required for setting up the logistics of the average firm to conduct eFiling activities. Accordingly, the FRFA assumes that the average firm will invest the equivalent of only one-third of the value of startup activities, or the monetized equivalent of 20 hours,^[54] in all startup activities. Many firms could likely hire third parties that benefit from economies of scale, instead of devoting as many staff hours to startup tasks; or will use a combination of third-party vendors and staff to set up eFiling.

This FRFA converts the 20 hours of startup time into an average cost per firm of $1,086 using an average compensation rate for managerial and administrative occupations.^[55] This startup cost per firm does not exceed one percent of revenue of the typical small firm in each of the industries impacted by this Final Rule, as discussed later in this section.

Filing Fees: Many importers use import brokers to facilitate customs filings and reporting with the U.S. government. Brokers typically charge a fee per entry or per entry line that is filed, and each entry line may contain one or more product certificates. During the eFiling Beta Pilot in 2024, brokers had made or were making technological investments needed for eFiling, and the fees that brokers would charge for eFiling would cover these investments. This FRFA includes these broker fees as a cost for importers. While it is uncertain what changes, and the magnitude of changes, firms would choose to make to their technology, brokers will likely seek to recover their investments through fees. Use of the Product Registry will reduce the ( print page 1833) complexity of Message Sets by allowing importers to supply only a Unique ID for each product certificate, which may result in less complex entries and reduced brokers fees.

The fees that brokers charge vary with the complexity of the Message Set and with the number of Message Sets filed. Most brokers charge a maximum fee per entry, which reduces the filing fees per certificate for firms that file multiple certificates per entry. This FRFA assumes that the majority of importers will choose to file as many product certificates as possible per entry, and this action will significantly lower the cost per individual product certificate filed. The estimated average fee per filing under these conditions is $0.77.^[56]

As discussed, the eFiling burden depends on the number of filings, the number of annual certificates generated by each small importer, and the frequency of product imports. This FRFA assumes that each certificate will generate a total of 23.7 annual filings,^[57] out of which 20.7 require broker fees ^[58] for a total of $15.97 per certificate. Accounting for the number of certificates filed annually per NAICS code, the range of fees for an average small importer would fluctuate between $2 and $686 depending on the industry. This range is unlikely to exceed one percent of revenue for most small importers.

2. Overall Cost to Small Importers

CPSC estimates the cost to small importers ^[59] of CPSC regulated products by summing the costs and sub costs from:

• recordkeeping,
• eFiling of certificates,

○ filing hourly burden,

○ eFiling out-of-pocket cost,

startup costs, and

filing fees.

Table 8 shows the cost from the additional recordkeeping and eFiling requirements on small importers. Small importers, a total of 35,290 small firms, will have to maintain records of GCCs and their supporting information for two additional years, which generates an additional annual cost of $5,038.^[60] Additionally, these 35,290 small importers ^[61] will eFile GCCs at a burden of 12,930 hours, which is a cost of $459,778, and another 211,148 small importers will eFile CPCs with CBP at a total additional burden ^[62] of 19,744 hours, which is a cost of $702,110. In total, this is 32,674 hours per year and a total estimated cost of $1.16 million for eFiling's hourly burden.

In addition to the hourly burden, small importers of CPSC regulated products will also bear monetary costs that include total startup costs of $267.58 million and eFiling fees of $3.43 million for a total out-of-pocket cost burden of $271.01 million. The total overall cost of the Final Rule on small importers reaches $272.18 million in the first year of the Final Rule of which $232.04 are linked to children's product certificates and $40.14 are linked to non-children product certificates.

Table 9 presents the corresponding annualized costs of the Final Rule to small importers. As opposed to Table 8 that shows the total startup cost, Table 9 presents the annualized startup cost to small importers over a time span of 30 years at a 2 percent discount rate.^[63] The total annualized cost to small importers is $16.54 million; $3.53 million for small importers of general use products and $13.01 million for small importers of children's products.

Table 10 presents the average costs of the Final Rule per small importer. Small importers will incur an average cost of $1,104 per firm ($272.18 million/246,438 small importers) in first-year costs in connection with the Final Rule's new requirements. The cost per small importer of non-children's products will be on average $1,137, while the cost per small importer of children's products will be $1,099. The difference between these two estimates is mainly driven by a larger number of certificates created by small importers of non-children's products.

3. eFiling Impact as a Percent of Filed Certificate Value

The Final Rule requires importers to eFile certificates with CBP at entry, at which point the import value of the shipment is tabulated. This FRFA compares the burden of the eFiling requirements to the average sales value per certificate filed ^[64] for imported products subject to the Final Rule's eFiling requirement. This approach provides a pragmatic assessment of the Final Rule's impact on small firms. Table 11 shows the burden cost per certificate filed and its relative cost impact as a percentage of expected revenue per certificate.

Table 11 shows that small importers of general use products will bear an estimated burden of $19.09 per eFiling and a total initial cost of $40.14 million during the first year of implementation of the Final Rule. Small importers of children's products will bear an estimated $72.28 burden per eFiling for a total initial cost of $232.04 million.^[65] During the first year of implementation of the Final Rule, the average burden of the Final Rule across importers of all products regulated by CPSC is $51.24, which represents 0.43 percent of the average revenue per certificate filed. If these initial cost estimates are annualized over a 30-year lifespan at a 2 percent discount rate, small importers will bear an annualized cost of $3.11 per certificate filing ($1.68 per GCC filing and $4.05 per CPC filing). These equate to $16.54 million in annualized cost to small importers: $3.53 million to small importers of general use products and $13.01 million to small importers of children products. The estimated impact per eFiling for both importers of general use products and importers of children's products is well under one percent of the estimated revenue from selling the imported products associated with each eFiling.

4. Net Impact on Small Businesses

CPSC uses the threshold of one percent of revenue to estimate whether a given rule will have a significant impact on the small businesses the rule covers.

Table 12 shows the average revenue for firms smaller than the largest 50 firms in a given NAICS code.^[66] This segment is characteristic of smaller firms. The Final Rule impact does not exceed the threshold of one percent of the average revenue of this subset of small firms because the overall cost impact of the Final Rule is minimal. Several NAICS industries have an ( print page 1835) average revenue of slightly under $1 million for firms smaller than the top 50. However, the one percent threshold (in this case, roughly $10,000) is greater than both the cost of the Final Rule of $1,137 per small importers of nonchildren's products, and $1,099 per small importers of children's products.

In the SNPR the Commission requested comments on the average annual revenues of small businesses within the impacted industries and alternative industry classifications for SBA purposes, but did not receive any comments.

5. Impact on Importers of De Minimis Shipments

Merchandise imported by one person on one day that is accorded a duty exemption under 19 U.S.C. 1321(a)(2)(C), for which the aggregate fair retail value in the country of shipment does not exceed $800, is commonly known as a de minimis shipment. Such merchandise may be entered under the “release from manifest” process or via the ACE Entry Type 86 Test (89 FR 2630 (Jan 16. 2024)). Merchandise subject to PGA requirements, such as CPSC's PGA Message Set or certification requirement for regulated consumer products, is ineligible for entry under the “release from manifest” process. Accordingly, the Final Rule requires that importers file a type 86 entry for de minimis shipments to submit CPSC's PGA Message Set. Staff estimate that a significant number of small importers would need to file type 86 entry for de minimis shipments containing a product subject to a CPSC rule, ban, standard, or regulation. These small businesses ship thousands of units of products through de minimis entries. Staff considered current entry type 86 shipments in HTS codes that could fall within CPSC's jurisdiction, although CPSC has no way to determine whether these shipments contain consumer products or whether such products are regulated by CPSC. As shown in Figure 1, the median value of a de minimis shipment is about $30; after applying a direct-to-consumer markup, staff estimates the sales value is $48.^[67]

Under current shipping conditions, importers of parties eligible to file a type 86 entry would likely eFile a single certificate per entry; this would increase the filing fees per certificate to the point that it might represent a significant portion (greater than one percent) of the value of each shipment.

CBP reports that they process approximately 4 million de minimis shipments a day.^[68] In 2022, CBP reported 685.1 million total de minimis shipments, which are also called section 321 shipments.^[69] Until this Final Rule is in effect, importers of regulated consumer products claiming a de minimis exemption are not required to submit CPSC's PGA Message Set using entry type 86. Accordingly, CPSC currently does not know how many de minimis shipments per day contain finished products within CPSC's jurisdiction, nor how many of those finished products are subject to a rule, ban, standard, or regulation enforced by CPSC.

The RFA requires consideration of the impact of the Final Rule on U.S. small businesses. Importers can be either foreign ^[70] or domestic firms and firms of varying sizes. CBP does not classify importers by size. Accordingly, without additional data on de minimis and mail shipments, and who uses this mode of importation, CPSC does not have sufficient information to estimate the number of small U.S. firms that would be impacted by the Final Rule requirements. To the extent that de minimis entries are primarily caused by foreign companies, for example, such costs would not be included in the FRFA impact assessment.

Moreover, as a result of the Final Rule, some firms may choose to cease using entry type 86 if this importation route becomes more costly, and may choose to bundle shipments using another entry type, such as an 01 entry for consumption or warehousing. However, CPSC does not have enough information to determine what percentage of the impacted firms would be able to structure their import transactions in a manner to avoid a substantial increase in fees. Additionally, CPSC does not know whether some of these firms may have other sources of revenue offsetting the type 86 entry filing requirement or whether some of these firms are actually subsidiaries of larger firms. Accordingly, CPSC is currently unable to estimate the impact of the Final Rule on small U.S. importers of de minimis shipments.

E. Alternatives for Reducing the Adverse Impact on Small Businesses

CPSC considered three alternatives to the Final Rule:

(1) Make eFiling of certificates voluntary, instead of mandatory;

(2) Require PDF submissions of certificates rather than eFiling certificates; and

(3) Extend the effective date of the Final Rule to 36 months for all products, regardless of their origin.

Alternative 1 to the Final Rule would allow, rather than require, certificate data for imported products to be eFiled at entry. If the Commission adopted this alternative, the certificate would still have to be available for examination upon request, as it is now. Allowing, instead of requiring, certificates to be eFiled at entry could reduce the burden on small businesses, but it would not meaningfully enhance the Commission's ability to target shipments for examination by using the additional certificate data elements collected via eFiling, nor to enforce and verify the accuracy of certificates. This alternative would largely maintain the status quo, because it is likely that only a few firms would choose to eFile certificates; therefore, unlike mandatory eFiling, this alternative would not reduce costly delays at the ports.

Alternative 2 to the Rule would require PDF submissions of certificates. For imported products, the importer could upload a PDF to CBP's Document ( print page 1837) Image System. Similar to Alternative 1, this alternative would not enhance the Commission's ability to target shipments for examination by using the additional certificate data elements collected via eFiling. Not only are PDF files not useful for targeting, but CBP is also unlikely to allow the collection and maintenance of a large volume of PDFs in ACE, because PDF files require a relatively large amount of storage space.

Alternative 3 would delay implementation of the Final Rule by changing the effective date from 18 months for all consumer products subject to a CPSC rule, ban, standard, or regulation not entered from an FTZ and 24 months for products and substances entered for consumption or warehousing from an FTZ, to 36 months for all CPSC regulated products regardless of their origin. This would allow small firms importing from non-FTZ areas 24 additional months to implement any new technology and organizational changes needed for eFiling, train staff, communicate with partners, and perform quality controls, among other activities. Alternative 3 did not receive any substantive comments from small firms importing from non-FTZs indicating a need for such an extension. The Commission has already extended the 120-day effective date to 18 months, providing small firms with an ample amount of time for preparation and implementation activities.

VIII. Paperwork Reduction Act

The Final Rule contains information collection requirements that are subject to public comment and review by the Office of Management and Budget (OMB) under the PRA. 44 U.S.C. 3501-3521. The PRA requires an agency to publish the following information:

a title for the collection of information;

a summary of the collection of information;

a brief description of the need for the information and the proposed use of the information;

a description of the likely respondents and proposed frequency of response to the collection of information;

an estimate of the burden that will result from the collection of information; and

notice that comments may be submitted to OMB.

44 U.S.C. 3507(a)(1)(D).

The Final Rule creates a new collection of information for certificates for non-children's products and expands the existing collection for Third Party Testing of Children's Products, OMB Control No. 3041-0159. The Children's Product OMB control number would expand to include eFiling certificates for imported children's products that are subject to a CPSC rule requiring certification. We update and summarize that information here.

In accordance with OMB's requirement, the Commission provides the following information:

Title: (1) Certification of Non-Children's Products; (2) Amendment to Third Party Testing of Children's Products, approved previously under OMB Control Number 3041-0159.

Summary, Need, and Use of Information: Sections I and II of this preamble contain this information.

Respondents and Frequency: For products manufactured outside of the United States, respondents include importers of consumer products subject to a CPSC-enforced regulation. For products manufactured within the United States, respondents include manufacturers and private labelers of consumer products subject to a CPSC-enforced regulation.

Estimated Burden: CPSC has estimated the respondent burden in hours and the estimated labor costs to respondents.

Estimate of Respondent Burden: Below we categorize and estimate the burden created by both the statute and the Final Rule for children's and non-children's regulated products as follows:

Certificates: The burden associated with the creation of certificates (GCCs and CPCs). This can be considered a general recordkeeping burden.

Disclosure: The burden derived from disclosing certificate information and from furnishing the certificates to these third parties (distributors and retailers).

Recordkeeping: The burden associated with the initial storage and routine maintenance of records, including records of the certificates and any supporting and testing documentation, for a period of five years.

eFiling: The initial burden from electronically filing the certificates, using either the CPSC-maintained Product Registry or the systems provided by the brokers that support importers' activities, as well as the routine burden on importers submitting associated Full or Reference PGA Message Sets.

A. Hourly Burden for GCCs

CPSC estimates that there may be 49,364 non-children's products firms subject to the Final Rule. On average, these firms are expected to create 27 certificates per year, for a total of 1,333,982 certificates.^[71] CPSC assumes each certificate will require 5 minutes of labor per certificate, which equates to 111,165 hours spent on their creation.

These same firms must keep the records supporting the certificates for a period of five years. CPSC assumes recordkeeping will take, on average, 1 minute for record creation and initial storage and an additional 15 seconds for the routine annual maintenance of the certificate record. This annual burden comes to 27,791 hours (1.25 minutes/60 × 1,333,982 certificates).

The firms must also disclose each certificate to retailers and distributors of the product upon request; thus, staff estimates an additional 0.25 hours (15 minutes) burden for third-party disclosure. This sums to 333,495 hours (15 minutes/60 × 1,333,982 certificates).

CPSC estimates the number of responses for eFiling as 23,491,168. The average filing takes roughly 22 seconds across filing modes. This adds to an estimated eFiling burden of 144,487 hours (22 seconds/3,600 × 23,491,168).^[72]

The aggregate burden of the Final Rule for suppliers of non-children's products is 616,939 hours and has a total cost of $26,102,580. This estimate includes the burden imposed by statute, which non-children's products suppliers would bear in absence of the Final Rule. The net burden from the Final Rule—excluding the statutory burden—is 146,710 hours ^[73] and the net cost is $5,217,007. Table 13 shows that importers of general use products requiring a GCC bear most of both the statutory burden and the additional burden from the eFiling requirement.

CPSC expects that 82 percent of the firms supplying non-children's products subject to the Final Rule will be importers with the remaining 18 percent as manufacturers. As shown in Table 13, staff estimate the statutory burden borne by importers is 480,905 hours (78%) and the expected burden to manufacturers as 136,034 hours (22%). The net annual burden of the Final Rule of 146,710 hours can be broken into a ( print page 1838) burden of 146,070 hours borne by importers (99.6%) and 640 hours borne by manufacturers (0.4%).

B. Hourly Burden for eFiling CPCs

Section 14 of the CPSA requires third-party testing of children's products that are subject to an applicable children's product safety rule to ensure compliance with such rules. Based on this testing, manufacturers, including importers, are required to certify compliance of their products to the applicable standards. The burden associated with certificate production, recordkeeping, and disclosure is already subject to an OMB control number, 3041-0159, for children's product testing, as set forth in 16 CFR parts 1107 and 1109. The Final Rule adds a certificate eFiling requirement for importers of finished children's products and estimates the reporting burden for this requirement.

Table 14 presents CPSC's estimate that there are 224,000 small importers supplying children's products. Commission staff estimates an average of 152 certificate filings per firm based on assumptions supported on data from the Division of Import Surveillance and the Beta Pilot, which means that 34,055,116 shipments related to imported children's products would be annually required to eFile certificates, with an estimated eFiling burden of 209,462 hours.^[75] This number only includes burden imposed by the Final Rule, so the net burden from the Final Rule is also 209,462 hours, and the cost of this additional burden from the Final Rule is $7,448,474.

C. Burden Estimate Breakdowns by Imported and Domestically Manufactured Products

Table 15 provides a summary of the analysis for imported products, and Table 16 provides a summary of this analysis for domestically manufactured products.

D. Additional Recordkeeping Costs

Public comments stated there were additional eFiling costs not considered in the SNPR. In response to these comments, agency staff analyzed survey responses and data from the eFiling Beta Pilot participants and queried import brokers to assess additional potential out-of-pocket expenses imposed by the Final Rule. As a result of this assessment, staff conducted an analysis of three additional annual cost burden categories: (1) startup costs to account for the burden of organizational meetings, staff training, and setting up accounts and a data storage system to house the certificate data; (2) fees charged by brokers to file message sets with CBP; and (3) de minimis filings. However, for the reasons stated in section VII.D.5 of this preamble, CPSC has insufficient information for a substantive burden analysis involving de minimis filings impacted by the Final Rule. Therefore, the following sub-sections discuss startup costs and filing fees.

1. Startup Burden Cost

eFiling of certificates may require some importers to invest in a combination of new technologies and training or hiring staff to conduct eFiling activities. These new technologies may be built in-house by larger firms. Also, third-party service providers may develop tools and services that large or small importers could use.^[77] Firms are also likely to train their staff on the use of these new technologies and the updated processes that support the eFiling of certificates, including participating in meetings with their brokers, reading guidance documents, and communicating and distributing information.

Firms that participated in the Beta Pilot indicated an average of 60 hours of startup time ^[78] for training, understanding and communicating eFiling guidance, gathering product information, and coordinating with brokers. However, most firms that participated in the Beta Pilot are of significant size, which implies the startup times for the average importer likely are not as large. Also, the potential introduction of third-party tools or third-party support to perform these duties will likely reduce the number of hours required for setting up the logistics of the average importer to conduct eFiling activities. Consequently, CPSC assumes that the average firm would invest the equivalent of only one-third the time, or 20 hours,^[79] in all startup activities. More than 264 thousand importers will be involved in eFiling, so ample room exists for learning and cost improvements.

The 20 hours of startup time converts to an average cost per firm of $1,086 using the average wage rate of management and administrative occupations.^[80] Annualizing the average startup cost per firm at a 2% discount rate over 30 years, the estimated annualized cost equivalent per firm is $48.48. Table 17 presents a summary of estimated startup costs.

2. Filing Fees

Many importers use import brokers to facilitate customs filings and reporting with the government. Brokers typically charge a fee per entry or per entry line that is filed, and each entry line may contain one or more product certificates. The fees that brokers charge vary with the complexity of the Message Set and with the number of Message Sets filed. Most brokers charge a maximum fee per entry which reduces the filing fees per certificate for firms that file multiple certificates per entry. CPSC assumes that a majority of firms would choose to file as many product certificates as possible per entry, and this action will significantly lower the cost per individual product certificate filed. CPSC estimates the average fee per filing under these conditions to be $0.77.^[81] Importers are only expected to pay a filing fee for Reference Message Sets and Full Message Sets.

Table 18 presents an estimate of filing fees. CPSC estimates importers of non-children's products will file 19,697,612 annual message sets (Full and Reference Message Sets) for a fee. At the average filing fee per certificate of $0.77, the expected fees for all GCCs are $15,167,162 in total. CPSC also estimate that importers of children's products will file 28,555,603, annual message sets for a fee, and expect filing fees for CPCs to total $21,987,815 annually. The estimated annual total filing fees paid by all filers is $37,154,976. These totals exclude de minimis filings.