Flying to the USA: Quick guide for General Aviation to eAPIS, MCL, PNR, and TSA Secure Flight

Expanding your operations to the USA requires stepping into the foreign world of data submission rules. Does it feel overwhelming? Well, we have some good news! In this article, you can learn how to reduce the workload for your team and build a simple compliance process for eAPIS, MCL, PNR and TSA vetting requirements.

When flying to the United States, there are some important PAX & CREW data submission rules that General Aviation operators must follow. Below, you will find useful information on:

• How to start your operations in the USA
• Electronic Advance Passenger Information System (eAPIS)
• Master Crew List (MCL)
• TSA Secure Flight program
• Passenger Name Record (PNR)
• Automated compliance with eAPIS, MCL, PNR, and TSA Secure Flight

Let’s break down each one of these points to help you understand what’s needed.

How to start your operations in the USA

To obtain a relevant permit (or exemption) for conducting flights to/from the U.S. as a foreign air carrier, you should start by contacting:

• the U.S. Department of Transportation (DOT)
• the appropriate Federal Aviation Administration (FAA) field office based on your geographical location

(On top of that, foreign air carriers may also need to meet licensing requirements of any other applicable U.S. Government agencies.)

All air carriers get assigned to operate under a specific regulatory part (e.g. Part 129, Part 91, Part 135; some are assigned to more than one part) based on the nature of the operations and the type of aircraft. The certification process also requires operators to declare a method for PAX and CREW data submissions (if you would like to submit your data in an automated way, just keep on reading!).

eAPIS: Submit your passenger and crew data to CBP

eAPIS stands for Electronic Advance Passenger Information System. It’s a web application used by the Customs and Border Protection (CBP) agency to collect passenger and crew data (submitted in the form of passenger and crew ‘manifests’) for international inbound and outbound flights. This data collection serves to improve border security and identify potential threats. Whether you’re operating a commercial or private flight, you must send your flight information ahead of time using eAPIS. This allows you to receive a confirmation number, required for your landing clearance at the smaller airports!

Since eAPIS only allows for a batch submission process, carriers need to remember to additionally check passener’s ESTA / EVUS / SFPD status (using the same portal).

Some carriers may follow an interactive API submission process via the DHS Router (this usually requires a third party provider that has developed a system-to-system connection for data transfers). Please note that the DHS router does not issue the confirmation number (landing clearance); however, it provides carriers instantly with the passenger’s ESTA / EVUS / SFPD status.

What information do you need to submit via eAPIS?

The eAPIS submission is quite complex and requires a lot of details concerning:

• Flight details: departure and arrival points, dates and times,​ overflight exemption number (if applicable).
• Pilot information: full name, date of birth, gender, nationality, country of birth, residential address, ​licence number.
• Crew and passenger information: full name, date of birth, gender, nationality, travel document (type, number, country of issuance, expiration date), visa status (type, number, expiration date), U.S. destination address (e.g. if you are camping by your aircraft, this could be the airport address 🙂).
• Aircraft information (only applicable to Part 91 operators): tail number, aircraft type, home base, and colour.

Before submitting your first manifest through eAPIS, you need to register on the CBP eAPIS portal. Not submitting the required information can cause delays, fines, or even denial of entry into the U.S. If you choose to submit your manifests manually, be careful with typos – mistakes in submissions can also lead to fines!

Master Crew List (MCL): Keep an official record of your flight personnel

Master Crew List (MCL) refers to a digital list of flight crew members maintained by the operators and available for official inspections and security screening.

The MCL can be filed using the CBP eAPIS Portal, the DHS router or an approved third-party service provider. The requirement applies to all international flights, arriving at and departing from the U.S. territory. 

The Master Crew List is reviewed by the Transportation Security Administration (TSA), which advises each carrier of any crew members that must be removed from the list. Only those approved will be permitted to operate and serve on flights to the U.S.

Once the list is approved, it is kept for subsequent flights. However, air operators need to remember to update the MCL whenever any crew data changes (e.g. your pilot gets a new passport, or you need to put a new flight attendant on your next U.S. flight).

What information do you need to submit in the MCL?

The electronic Master Crew List should contain the following information with respect to each crew member:

• Full name (last, first, and middle if available);
• Gender;
• Date of birth;
• Place of birth (city, state if applicable, and country);
• Citizenship;
• Country of residence;
• Address of permanent residence;
• Passport details (number, country of issuance, expiration date);
• Pilot certificate number and country of issuance, if applicable;
• Status onboard the aircraft.

TSA vetting: Screen your passengers with the Secure Flight program

The Secure Flight program is managed by the Transportation Security Administration (TSA). It requires air operators to submit passenger data – prior to flight departure – for prescreening and watchlist matching, to increase aviation security. TSA then informs air operators if (and what) security measures should be taken in regards to each screened individual (e.g. enhanced security check or denied boarding).

On top of domestic and international passenger airlines, TSA has decided to start adding smaller carriers, like Twelve-Five and Private Charter Operators to the scheme. Those selected by the agency are obliged to start submitting Secure Flight Passenger Data (SFPD).

The submission can be done using the DHS router or the electronic Secure Flight (eSF) web application (the access is granted directly by the TSA). All details need to be shared with TSA 72 hours prior to scheduled departure time, and following any subsequent updates to the flight.

What information do you need to submit to the TSA?

The TSA Secure Flight program requires the following data:

• Passenger data:
  • Full name
  • Date of birth
  • Gender
  • Redress number (if applicable) – if a passenger has been previously misidentified on security watchlists, they may have a redress number issued by the Department of Homeland Security (DHS); this number helps prevent screening delays.
  • Known traveler number, KTN (if applicable) – if a passenger is enrolled in a trusted traveler program (e.g. TSA PreCheck); this number can speed up the airport security screening process.
• Flight details:
  • Flight number
  • Departure airport
  • Arrival airport
  • Date of travel (departure date).

PNR: Share all travel reservations info with CBP

PNR stands for the Passenger Name Record, which contains passenger information collected during travel reservations. Air operators flying to, from, or through the U.S. must submit PNR prior to departure, and there are 4 or 5 submissions required for each flight (depending on whether it is impacted by the U.S. - EU PNR Agreement). This data is requested by the CBP, and used to prevent and investigate terrorism and other serious international crimes. It is submitted via the DHS router (which often requires operators to seek a third party provider that can connect them to the system).

What information do you need to submit in the PNR?

PNR differs from carrier to carrier, depending on the booking process and business approach. It may include some of the following (or more) if available:

• Passenger details
• Date of reservation
• Date(s) of intended travel
• Benefit information (i.e. loyalty programs, upgrades, etc.)
• Contact information (including originator of reservation)
• Payment/billing information (e.g. credit card number)
• Travel itinerary
• Travel agency/travel agent information
• Baggage information
• Seat information
• Other Service Indicated (OSI), Special Service Indicated (SSI) and Supplemental Service Request (SSR) information
• Any booking changes.

Automated compliance with eAPIS, MCL, PNR, and TSA Secure Flight

PnrGo is a one-stop software solution that can automate your compliance process for U.S. flights. The system has a direct connection to CBP and TSA to handle:

• Passenger and Crew Manifest submissions, both batch (via eAPIS) and interactive (through the DHS router)
• Master Crew List, both first-time submission and all the subsequent updates
• Passenger vetting under TSA Secure Flight program
• Passenger Name Record submissions

The U.S. passenger and crew data requirements do not have to become a burden for your team!

If you would like to learn more about our automated data transfer solutions, contact our Sales Department.