Staying Ahead of the Curve: 7 Key Regulatory Changes Impacting Global Transportation
As transportation regulations increasingly emphasize transparency and timely information, staying informed is key. Here are seven critical regulatory updates—including de minimis rule changes, new international data requirements, and cyberattack reporting—that will significantly impact shippers and demand proactive compliance strategies.
The current regulatory environment in logistics feels like walking through a construction zone in New York City, says Sam Agyemang, vice president of business development and sales with ITF Group, a transportation solutions provider.
“There’s constant activity, shifting frameworks, and new rules being installed while freight is still moving,” he says. Over the past year, the emphasis on transparency, environmental compliance, and security—both in the United States and abroad—has increased.
One sign of these shifts is how the standards about knowing one’s customers that traditionally applied to financial services institutions now encompass logistics-related companies, says Michael Kaye, U.S. lead of the commodities and shipping group and a partner in the international trade and foreign investment practice with Squire Patton Boggs.
For years, regulators have said banks have a duty to ensure that the transactions they facilitate comply with relevant regulations. But over the past 18 months, regulators have focused on other types of service providers that facilitate international trade, including freight forwarders, logistics providers, and warehouse operating companies, among others.
For instance, the Quint-Seal Compliance Note issued in December 2023 by the Departments of Commerce, Treasury, Justice, State, and Homeland Security stated that the complexity and global nature of today’s supply chains present opportunities for nefarious actors to evade U.S. sanctions and export control laws—say, by disguising the true origin, destination, or nature of their cargo.
To avoid potentially illicit conduct, entities participating in the global transport of goods have to take responsibility for assessing their risk profiles and implementing rigorous internal compliance programs. While the guidance wasn’t a regulation, it was “a bold-faced reminder” that these organizations have an obligation to comply with the rules and know their cargo, Kaye says.
U.S. Customs and Border Protection (CBP) has signaled in some of the executive orders that it will enforce customs duties and attempts to evade, as well as customs compliance, to the fullest extent of the law, says Jonathan Todd, vice chair, with the transportation and logistics practice group with national law firm Benesch. And when evasion is suspected, the agency’s policy today is to give less weight to mitigating factors.
Other changes also appear likely. Environmental, social and governance (ESG) mandates likely will move from voluntary reporting to regulated enforcement, especially around emissions, sourcing, and packaging, predicts Tracy Meetre, chief commercial officer with Sunset Transportation. Traceability and safety standards also will continue to tighten for food and pharmaceutical cargo.
As the regulatory environment has shifted from periodic updates to a state of continual evolution, compliance no longer is just a box to check, says Lindsay Conley, national sector leader with the consumer and logistics practice of Forvis Mazars, a public accounting firm. Instead, it becomes a strategic lever for resilience, market access, and competitive advantage.
Here are seven regulations that shippers and logistics providers will want to monitor.
1. The De Minimis Rule
The current de minimis rule allows many imports to the United States valued at less than $800 to enter duty-free. However, in April 2025, an executive order eliminated de minimis treatment for some imports from China and Hong Kong, starting May 2, 2025.
The tightening of the de minimis exemption marks a major shift for global ecommerce logistics. “Retailers and logistics providers now face higher import costs, longer clearance times, and greater compliance burdens, particularly for small parcels shipped directly from overseas,” says Korhan Acar, partner in Kearney’s strategic operations practice.
To adapt, companies are consolidating shipments, expanding regional warehousing, and shifting to U.S.-based fulfillment models, Acar says. Some are turning to long-term contracts to manage cost volatility, while others have paused direct shipments to the United States, he adds.
In addition, CBP is proposing new requirements for more detailed information, such as the 10-digit harmonized tariff schedule (HTS) classifications and product descriptions, on low-value shipments, says Don Mabry, senior vice president, global trade solutions with Infios. It’s estimated that completion and publication of this rule will occur in the third quarter of 2025 and be applicable soon after.
It’s also possible the restrictions will be broadened to include other countries, such as Mexico and Canada, or eliminated for certain product categories altogether, Mabry says.
Given how the exemption is being carved into chunks and the rules are becoming more complex, companies whose business models rely on it need to consider options, such as changing their sourcing or pricing strategies, he adds.
2. Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA)
CIRCIA mandates that certain companies—including some shippers and logistics firms—report to the government cyber incidents that impact their operations. They also must report a data breach that involves their information.
Under the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), some companies that experience cyber incidents are required to report them to their user base, says David Lieberman, senior director, U.S. government relations with Bentley Systems.
Shippers and logistics companies could be impacted either because they’re required to report cyber incidents that impact their operations, or because they receive notice of a breach that involves their information. Companies that have to report cyber incidents—what CIRCIA calls “covered entities”—include those that own or have business operations engaging in critical manufacturing; manufacture certain essential drugs; or own or operate a vessel or facility subject to the Maritime Transportation Security Act.
The rule describes several scenarios that could be considered “covered cyber incidents” that require reporting. One is a cyber attack that leads to a substantial loss of the confidentiality, integrity, or availability of a covered entity’s information system or network. Another is an incident that disrupts a covered entity’s ability to engage in business or industrial operations, or to deliver goods or services.
Mandatory reporting under this regulation won’t be required until the effective date kicks in, which is likely to be in September 2025, according to Baker McKenzie. However, the Cybersecurity and Infrastructure Security Agency, the organization behind this rule, encourages voluntary reporting until that time.
3. The UAE’s Maritime Pre-Load Cargo Information (MPCI) Program
UAE ports operate under the Maritime Pre-Load Cargo Information (MPCI) Program, which requires cargo data submissions 24 hours before a vessel is loaded. This regulation streamlines operations and impacts all companies trading through the Middle East.
The Maritime Pre-Load Cargo Information (MPCI) Program of the United Arab Emirates (UAE) requires cargo data be submitted 24 hours before vessel loading. This requirement impacts companies with trade routes through the Middle East, says Mike Klage, vice president of NTG Supply Chain Solutions.
The required data needs to be submitted beginning in July 2025, according to the UAE’s Federal Authority for Identity, Citizenship, Customs and Port Security. If the bill of lading is issued directly to the shipper, it needs to be submitted 24 hours before loading at the last loading port before arriving at the UAE. For consolidated shipments, the bill of lading needs to be submitted six hours before loading at the last loading port before arriving at the UAE.
Filing is required by shipping lines or their delegated shipping agents, as well as freight forwarders and NVOCCs.
4. The EU’s Digital Products Passport (DPP)
This regulation will eventually require nearly all products sold in the European Union to feature a Digital Product Passport (DPP), which will include a unique product identifier, compliance documentation, and information on substances of concern, among other data.
The DPP is designed to close the gap between consumer demands for transparency and the current lack of reliable product data, the EU says. The regulation is expected to launch in phases starting in 2026.
The DPP is not just a sustainability initiative, but an accountability system, Agyemang says. It represents a shift from compliance to lifecycle stewardship, demanding traceability for the materials that make up each product, as well as the product’s usage and disposal path. U.S. shippers selling into Europe will need to build the infrastructure to support this regulation.
5. The DOT’s English Language Requirement
As of June 2025, commercial motor vehicle drivers who do not meet the FMCSA’s English-language proficiency requirements will be placed out of service. To assess their proficiency, drivers must be able to answer questions in English about their trips, duty time, and license information.
In May 2025, the Department of Transportation announced that it would enforce existing rules around English language requirements for truck drivers.
Beginning in June 2025, commercial motor vehicle drivers who fall short of the Federal Motor Carrier Safety Administration’s (FMCSA) English-language proficiency requirements were to be placed out of service.
To determine a driver’s English proficiency, the FMCSA recommends checking whether a driver can answer questions presented in English that cover the origin and destination of a recent or planned trip, the amount of time spent on duty, and the information contained in the driver’s license.
6. The European Union’s ICS2
The EU’s Import Control System 2 (ICS2) requires shippers to provide advanced manifest information before their cargo leaves its country of origin, says Jason Mesko, vice president, international operations with Mode Global. The EU’s goal is to improve security as goods are transported internationally.
To that end, businesses that bring goods to or through the EU will have to provide safety and security data to ICS2 through an Entry Summary Declaration. They’ll also need to obtain Economic Operators Registration and Identification numbers from the customs authority of an EU member state. As of September 2, 2025, ICS1 will be phased out, and ICS2 data safety and security requirements will become mandatory across all transport modes.
7. U.S. Port Entry Fees
To counter China’s dominance in the shipbuilding sector, the U.S. administration will begin levying port entry fees for many Chinese built, owned, or operated vessels. As of late June, it was estimated that roughly 20% of freight-carrying vessels would be impacted by these fees.
“It’s going to be non-trivial,” Mabry says. Some vessels built outside the United States and docking at U.S. ports will initially face new fees of up to $50 per car-equivalent unit capacity or per net tonnage; the exact structure is still under review. It’s possible a Chinese-owned ship with 200,000 net tons of cargo could end up paying $10 million per port visit, with the amount rising as higher rates kick in.
To bypass these fees, some ships will head to Canada or Mexico and then transport their U.S.-bound cargo by rail, Mabry explains. Another strategy involves routing through Europe and then employing Chinese logistics providers to move goods to the United States.
These options will increase transit time. But companies that adjust their transportation strategies now could save money down the road.
Ensuring Compliance
Supply chain and logistics professionals can take several steps to ensure their organizations remain in compliance as regulations change:
- KNOW YOUR SUPPLIERS. Identify the countries of origin for the materials and components coming into your organization. Then, you can better determine the potential impact of different regulations, explains Anders Lillevik, CEO of Focal Point, a provider of end-to-end procurement management solutions.
- INVEST IN DIGITAL INTEGRATION. Automation tools and solutions such as EDI support real-time, accurate data sharing.
- Conduct internal audits. These audits can help identify compliance gaps and vulnerabilities, says Tim Chitwood, transportation and logistics team leader with Forvis Mazars. Then, the organization can act to resolve them.
- INVEST IN TRAINING. Educating team members on emerging standards and reporting obligations helps ensure readiness across the organization.
- WORK ACROSS FUNCTIONS. Don’t silo your compliance team. Legal, procurement, logistics, and marketing all need to be at the table because regulations touch multiple departments.
- TALK WITH YOUR CARRIERS. They’re often the first to absorb regulatory friction. Open communication helps everyone spot roadblocks early and then adjust.
- ESTABLISH POLICIES. A key initial step to a compliance program is establishing and documenting policies—creating a paper trail—that helps everyone know what they’re supposed to do.
- PUSH COMPLIANCE UP AND DOWN. Work with suppliers and customers to ensure they’re implementing their own compliance programs. When a company’s business partners have solid compliance programs, it’s easier for the company itself to ensure its own compliance.
- COMPLY. If a shipper attempts to evade duties and its container is seized, the company may face delays in accessing its cargo, as well as civil penalties. “The cost of non-compliance, particularly if an importer was trying to play games, can be excessively high,” says Jonathan Todd, vice chair, with Benesch’s transportation and logistics practice group.