The Modernized Customs Code (MCC) was adopted by the European Communion in April 2008 but the process of realization is still enduring. The aim of MCC is to simplify legislation and administration procedures for both customs authorities and traders. The purposes of MCC are: Goods Tracking: Streamline the customs procedures in such a way that it reduces the e ort to keep track of the goods.

Custom Guarantee System: Streamline and harmonies further the customs guarantee systems Develop Paperless Environment: Lot of paper work is needed for a simple custom procedure. MCC will ensure the computerization of all customs formalities, with a view to a completely `paperless environment for customs and trade', e-customs Decision No 70/2008/EC of the Parliament and of the Council, adopted on 15 January 2008, by (i) Electronic lodging of customs declarations and accompanying documents as the rule (ii) Exchange of electronic information between the national customs, and other authorities; Centralized Clearance: Introduce and promote the concept of \centralized clearance", by which authorized traders can declare goods electronically and pay their customs duties at the place where they are established. These all procedures will be irrespective of the Member State through which the goods will be brought in or out of the EU customs territory or in which they will be consumed.

Single Window: An extension of the concept of centralized clearance by providing the documents at a single point. It provide a base for the development of the 'Single Window' and 'One-Stop-Shop' concepts, under which economic operators give information on goods to only one contact point (`Single Window' concept), even if the data should reach di erent administrations/agencies, so that controls on them for various purposes (customs, sanitary,...) are performed at the same time and at the same place (`onestop-shop' concept).

The concept of centralized clearance implies that when an \authorized operator" declares at the customs o ce, this o ce carries out the documentary risk analysis. The o ce then forwards the results of its analysis to the border customs o ce in that Member State or in another Member State where the goods are actually to enter or leave the Community (the `o ce of entry/exit'). Border o ce can apply physical controls if needed. Procedures are di erent for the compliant and trusted traders. As a bene t of centralized clearance, the goods need not to be moved to the o ce of import or export but could be delivered directly to the point of sale. This would allow multinational companies to conduct all of their EU business with one customs o ce. Centralized clearance leads to the single electronic entrance point which is called as \Single Window". In \Single Window" authorized operators provide the information required by customs once and then all other agencies have access to it. 2.2

The vision of the Extended Single Window project (ESW)1 started in 2010 is to develop an integrated and coordinated border management solution for ports and airports integrating with previous and subsequent procedures for reliable, secure, and cost e ective logistic chains throughout the Netherlands as a logistic gateway to Europe. The coordinated border management solution is referred to as `Extended Single Window'. It requires e cient and reliable handling of data to generate information for e ective joint supply chain planning for shippers, goods owners, transportation companies, forwarders, terminals and other logistic service providers. This data is also used to generate information for government agencies, like customs, agricultural and tax. Currently, shippers and goods owners are faced with a wide range of regulations and procedures when goods enter or exit the EU. Completion of declaration processes and risk analyses and planning and coordination of inspections by the various agencies before shipments 1 http://www.dinalog.nl/institute/projects/research-development-projects/ extended-single-window-information-gateway-to-europe/271 are (un)loaded from an aircraft or vessel enables logistics actors (terminal operators, forwarders, transport operators) to plan and execute transportation of shipments with hinterland hubs e ciently (improving modal shift, throughput time i.e. for perishable goods and reducing congestion). E cient and reliable government controls reduce administrative costs, increase reliability of the supply chain, and ultimately reduce transport costs for shippers and logistic operators. ESW project is a source for realization of all these discussed tasks.

Thus, ESW covers all regulations and procedures for coordinated border management at ports, airports and extending to hinterland hubs according to the MCC for both incoming and outgoing logistic ows, including integration with previous (outgoing goods for instance preceded by export) and subsequent procedures (incoming goods for instance followed by transit). Basic research in advanced information technologies is in Event Driven Architecture with a Logistic Interoperability Ontology: { Event Driven Information Service Bus (EISB). It is an extension of the concept of Enterprise Service Bus (ESB). Basically, each logistic operation triggers an event. Minimally, an EISB supports publish/subscribe functionality to events in virtual data space. Since the data space is virtual, relevant data can still reside with each actor depending on governance and logistic innovations at business level. Thus EISB can support traditional document-driven processes as well as new event-driven processes for tracking and tracing of movement of goods. { Logistic Interoperability Ontology Framework. It speci es the semantics of all physical objects as shared by business actors in supply chains, e.g. semantics of containers, goods items, and trucks thus allowing that each actor shares only relevant information with one or more other actors.

Using the EISB concept it is possible to extend the Single Window concept in at least two important ways. The Single Window is based on digital documents, whereas the ESW is based on events, which is much more exible. It is not necessary anymore for the sender to collect the data needed in the form of document template. The receiver speci es which data he wants to see (by subscribing to events), and these data are collected then (that is, continuously) from the virtual data space fed by all the distributed events. Secondly, the Single Window only streamlines data ow in one direction, from logistic operators to government agencies, whereas the EISB also supports data ow among logistic operators, among government agencies (e.g. to realize a One-Stop-Shop), or from government agencies to operators. One of the very powerful new possibilities opened up this way is end-to-end supply chain integrity as advocated by Hesketh [ 7 ]. 2.3

Enterprises need to respond quickly to the today's more competitive and global market. To ful ll this purpose business needs to streamline its business processes in highly standardized manner. A contemporary approach for addressing these critical issues is service oriented architecture (SOA) [ 2, 8, 22 ]. \SOA is a paradigm for organizing and utilizing distributed capabilities that may be under the control of di erent ownership domains. Therefore providing a homogeneous means to o er, discover, interact with and use capabilities to produce desired e ects which are consistent with measurable pre-conditions and expectations" [ 18 ]. SOA as an emerging approach meets the requirements of loosely coupled, standards-based, and protocol independent computing [ 20 ]. The enterprise service bus provides the functionality of highly distributed communication and integration based on event-driven and asynchronous communication. SOA can be extended to deal with service orchestration, intelligent routing, provisioning, integrity and security of massages as well as service management [ 21 ]. Extended SOA functionality is separated into three plans (i) Service foundation (ii) Service composition (iii) Service management and monitoring [ 19 ]. SOA and cloud computing are complementary activities. A platform for cloud computing provides a value-added underpinning for SOA [ 24 ], while SOA allows for optimal usage of Software-as-a-Service (SaaS) in cloud platforms. 2.4

Auditing is evaluation/monitoring/control of an organization/person/product on the basis of some norms. Traditionally, auditing can be de ned in two scenarios (a) an internal audit (b) external audit. According to ISA standard 2010, internal auditing is `to monitor and evaluate the e ectiveness of an organizational risk management and control system' [ 37 ] while in external auditing the focus is on the assurance about the accuracy of the nancial statement and coordination related tasks. The methods of internal and external audit are very similar, but external audit uses xed norms, while the audit norm can be the subject of optimization in the case of internal audit. Audit addresses the quality of the business. Because of compliance issues organizations have to pay signi cant attention on the management, reporting and monitoring of the business processes [ 6 ]. Auditing is a periodic activity, where the time period and scope di ers from one situation to another. In some organizations auditing is performed continuously termed as continuous audit [ 3 ]. Continuous and online auditing are very similar but slightly di erent concepts. Online auditing means that the auditing makes use of Internet technology for the distribution and/or acquisition of the audit data [ 32 ]. This also gives opportunities for interactive access to the data (drilling down). Ideally, online audit is continuous audit but continuous audit can be realized o -line as well [ 14 ]. 3

e-Government Evolution towards SOA E-government growth has been studied in two ways: (i) content analysis of the government web sites for speci c features of E-government [ 10, 28, 36 ], (ii) survey among local government o cials. Moon [ 17 ] conducted the most known survey of government o cials . Sometimes both content method and survey methodology have been used together.

Di erent models of e-government growth have been developed. For public administrators of e-government Layne and Lee [ 15 ] describe di erent stages of e-government development and propose a 'stages of growth' model for fully functional e-government. Keeping in view the technical, organizational and managerial feasibility and corresponding examples, four stages of growth model are: (1) cataloging, (2) transaction, (3) vertical integration, and (4) horizontal integration. These stages consider the citizen as a user of governmental services. These stages describes that citizen-focused change must be considered throughout egovernment development.

The two-stage model of Reddick [ 26 ] builds forth on the four stage model. This model of e-government growth is applied to municipalities. Stage I is the cataloging of information online and Stage II is transactions being completed online. These stages apply to various e-government relationships being government to citizen (G2C), government to business (G2B), or government to government (G2G). In this study, it appears that G2C e-government is primarily in Stage I cataloging information, in essence, providing an online presence for cities. Egovernment is considered more developed in the case of G2G use of internet for government employees.

Governmental agencies are trying to migrate their traditional systems architectures to more horizontally and vertically integrated architectures. Janssen and Veenstra [ 9 ] describe the stages of growth model for the development of information architectures for local governmental agencies. These stages consider the front and back o ce in parallel. The ve-stage model consists of (1) no integration, (2) one-to-one messaging, (3) warehouse, (4) broker and (5) orchestrated broker architecture. The rst three stages are about integration using data warehouses. The fourth stage not only handles information, but also starts invoking other types of technical services. In the last growth stage, the orchestrated broker architecture enters. This stage is specialized into SOA. Public decision-makers can use these stages as a guidance and direction in SOA architecture development. The stage model provides the milestones to evaluate and control the costs of architecture development.

For improving service delivery, departments and agencies have to work together and manage the mutual information ows. Stage models can help further e-government development. The stage model proposed by Klievink and Janssen [ 11 ] describes the stages of development in joint-up government at national level. It consists of following ve stages: (1) Stovepipes (2) Integrated organizations (3) nation-wide portal (4) inter organizational integration and (5) customer-driven, joined-up government. These stages also consider SOA.

From the above, we can see that integration has always been an important e-government concern, evolving from an intra- to an inter-organizational scope. SOA can very well support this development, but it also requires a more holistic view to the coordination of e-government services [ 12 ].

Uncoordinated means that one government authority audits one company at a time, based on direct communication between the company (e.g. trading company) and government authority (e.g. custom). In this category, there are again two subcategories, depending on the audit subject: (i) government audits the company (ii) company audits itself, reporting to the government. Audit by the Government: Audit by Government is of detective and corrective nature. Government want to check the status of the organization /company's declarations and trustworthiness. Government authorities or shareholders or investors usually perform this type of audit. They audit the assets, controls, declarations and all the matters related to the company's stability. Audit by the Company: In this case, the company has a rigorous internal auditing system. According to Starreveld et al [ 27 ] organizations need internal control measures, including organizational rules and control activities. These internal controls are in general of a preventive nature, i.e. preventing the occurrence of errors and opportunistic behavior of the organizational agents. The purpose of auditing the internal controls by the company is rst of all to implement accountability to owners and to attract investors. Nowadays, they may also be required by partners, e.g. powerful customers who are dependent on the quality of the company's processes. However, the very same measures can be used to implement accountability to the government, thus avoiding duplicated e orts.

A company/organization provide services to its customers/users with the help of di erent parallel or stand alone processes. We make an important distinction between operational and control services. Operational Service: Each operational service executes a particular activity in the company's primary processes. Operational services consume and produce value objects, so to safeguard value, operational processes need to be controlled.

Control Service: Control services implement business control on the operational services. Control services takes place at two levels: control within the organization and external control. Control services involve the creation of management systems, managing the consistency and quality of products coming to/from the company. It also involves the development of programs and processes that operate automatically [ 34 ].

Whereas the audit type says who is performing the audit (subject), the service type says what is the primary focus of the audit (object). The following table shows the four possible combinations:

Audit/Service Operational Control

By Company Type I Type II

By Government Type III Type IV Type I: Administration in the companies always needs to keep an eye on the status of the company. A focus on operational processes corresponds to traditional transaction-based auditing. Traditionally, this type is not feasible as the government is not willing to accept the risks of abuse and fraud. It is only willing to leave the auditing responsibility to the company when the company is rmly in control (type II). However, with the use of (automated) audit modules (cf. Fig. 1), the type may become acceptable. The audit module supports a continuous monitoring service of the company's operational services. In this way, it can detect and immune any potential operational issue. The results can be published and made accessible to the government agency.

Type II: Companies arrange the audit activity especially auditing the control services for itself to have self-assessment. This so-called system-based control is usually more e cient and e ective than the transaction-based type. There are other reasons for choosing this type as well. Companies with international supply chain like to show themselves to be compliant and standardized. The self-assessment can also replace costly governmental controls, as in the case of custom procedures. For this purpose e-customs provides a standard known as Authorized Economic Operator (AEO) certi cate [ 5 ]. To get an AEO standard company have to show customs compliance, appropriate recordkeeping standards, nancial solvency, and appropriate security and safety standards in place. An audit module audits the company's control services in order to ensure compliance to the AEO standard. This module can use the same architecture as the model in Fig.1, where the events being monitored are now control service events (for instance, changing authorizations) rather than operational service events.

Type III: When the government audits the operational services then there are two scenarios (i) government physically audits the operations and operational services. This is the traditional way of working, where custom inspectors process clearance request documents per transport and check all or a selection of the containers passing the border. Evidently, this is a labor-intensive process. (ii) Government audits the operational processes by using advanced IT such as the automated scanning, audit tools [ 33 ] and/or process mining techniques such as proposed by Van der Aalst et al [ 31 ].

Type IV: This can be seen as a variant of type II where the company has a rigorous internal control system, but rather than doing a self-assessment, the government remotely monitors and evaluates the control system. This variant may bene t both the company and the customs. Probably, it requires an even higher level of \being in control" then in the case of type II. In this case it is not su cient that the internal control system is compliant, according to human interpretation, but that this compliance need to be assessed and monitored online. In other words, the internal control system must be highly formalized and automated. The costs that this brings for the company can be compensated by the fact that (manual) self-assessments are no longer needed: the company only needs to provide access to the control services, via some interface. For the customs, it also saves costs of manual processing of AEO reports, and may provide a higher level of security. On the other hand, it requires sophisticated audit tools. It is also important that the interfaces are well-de ned and based on standards. 4.2

Growing trade and increased security require new controls. In parallel government would like to reduce the administrative burden. E-customs supports simplied paperless trade procedures, prevents potential security threats and counterfeit tax related frauds and also ensures the interoperability with other e-customs systems within and outside the Europe. The use of SOA in e-customs [ 25 ] helps us to access to the location of goods through its supply chain, the provision of evidence for import/export, the noti cation through alerts in case of exceptions, for example deviation from the planned trajectory, abnormal conditions for containers and others. With the still growing world-wide trade, no single company can ful ll all needs so it has to collaborate and cooperate with other companies. In this context, coordination emerges as a separate service.

Coordination Service: Co-ordination services can be de ned as services supporting an exchange process (a set of events) for a good or a service [ 34 ]. Processes like identi cation, negotiation, order execution and after-sales take place in a good exchange as well as a service exchange. Within this process, a distinction can be made between core services - the transfer of goods, services or money - and coordination services that support the process and manage the dependencies between activities [ 4 ].

Weigand et al [ 35 ], describe a user-centric service coordination cycle that assumes a consumer who interacts with multiple service providers who in turn o er some real-world service as part of a service bundle. Dependencies between activities arise, among others, from the occurrence of shared resources. For instance, when a consumer wants to use a hotel service and a ight service, a shared resource is the physical person himself, who can be at only one place in a given time. In the case of international trade and custom procedures, a shared resource is the container in question. This creates a need for coordination.

Next to the co-ordination among the companies in the chain there are multiple government authorities who audit them. Suppose there are n government authorities to audit m companies. In total there will be n:m combination of audits. This will cost lot of e ort and time from government authorities. To overcome this issue, the concept of trusted third part may be adopted. Fig 2 explains the scenario. Audit by Third Party: In this scenario there is a third party who is trustworthy for both company as well as Government/ Investor/ Concerned Authorities. Government selects the trusted third party based on some standards and certi cations. The third party audits the company, combining the different requirements from di erent government agencies, and takes a chain perspective rather than focusing on one company only. The type of audit is of detective, corrective and preventive nature. The audit information can be used by the company itself (it has outsourced its auditing so to say). If Government requires audit information then it can extract this online from the third party's interactive interface. Since the third party is external to both the Government and the company, it can manage the coordination of audit activities.

The concept of third-party can be implemented in several ways. In market economies, it is not realistic to assume that there will be a single third-party. Several competing and complementary companies will try to play part of this role. So it is better to talk about a third party network rather than a third party actor. Within such a network there may even be opportunities for a fourth-party actor concept as this also exists in logistics [ 30 ].

Assuming a coordinated auditing approach, three coordination types can be distinguished, from minimal to maximal (Table 2)

Coordination Type Coordination Level Coordination by

Type A Minimal Company Type B Partial Government Type C Maximal Third Party Type A: When coordination is not an assigned function. It means N government authorities will audit M number of companies independently. The lack of coordination results in ine ciencies and problems that the company must try to solve.

Type B: When there is data and information sharing/coordination between the government authorities, as in the one-stop government concept There may also be chain coordination between the companies, but the two are not integrated.. In the e-customs domain, this type should involve not only data sharing but also coordination of inspection activities. For companies that are currently in type A, this type B is a big improvement.

Type C: In this type there is overall coordination between the companies and as well as between the government authorities. This implies that not only companies have a single access point to various government services, but also that the government has a single access point to a logistic chain or business network. In this case, coordination is maximal. This type can only be realized by the support of intermediary third parties. It also requires that the government is willing to retreat from its role of \sole care taker" to the one of Service Provider/Network Manager [ 13 ]. 5