ICT Implementation and Its Effect on Public Organizations: The Case of Digital Customs and Risk Management in Korea

Abstract

Technological advancement and globalization have led modern economic growth and social development in many parts of the world. Governments are also increasingly adopting new technology to uphold public safety and to protect its citizens. In particular, customs administrations have been adopting digital customs and risk management frameworks to promote free trade and traveling while preventing cross-border transport of dangerous goods and individuals. This study proposes an up-to-date dynamic information and communications technology (ICT) implementation stage model that accounts for new modern technology and transformative public organizations. An in-depth case study approach is employed by using the example of the customs services in South Korea. Specifically, this study describes how the Korea Customs Service developed its digital customs system in tandem with risk management guidelines and practices and presents quantitative data on customs and risk management outcomes.

1. Introduction

Today, we live in an increasingly globalized world where technological advancement has enabled the free flow of goods, services, capital, and labor across borders [1]. These transactions have become an essential component of modern economic and social development. At the same time, transborder delivery of harmful goods and the travel movements of dangerous individuals pose a threat to economies, societies, and the environment. Hence, dealing with such risk and uncertainty has become an important agenda for governments and citizens alike. Technology may greatly help in this endeavor to curb these threats by improving the efficiency and effectiveness within public administrations [2,3,4]. It can also be used to collect better and more information that can be shared among various organizations and entities to facilitate coordinated risk management in modern societies [5].

In particular, this study examines digital customs and risk management which is a unique form of technology adoption in the public administration. This type of digital governance is especially interesting as it is closely related and can have immediate direct impacts on the economic development and social well-being of the general public. Specifically, customs administrations around the world have continuously adopted advanced technology and integrated approaches to promote sustainable development [6]. Moreover, the customs administrations’ operation is critical in achieving the Sustainable Development Goals (SDGs). For example, simplified and standardized border procedures and the timely delivery of goods facilitate business activities that positively affect industries and economic growth (SDGs 8–9); border control ensures that transported goods and passengers meet health, safety, and environmental protection regulations (SDGs 3, 12–16); and cooperation and partnerships with domestic and international agencies in both public and private sectors help stabilize institutions and societies (SDGs 16–17) [7].

The purpose of this study is to develop a generalized theoretical model that explains how new technology is implemented in public organizations. A dynamic information and communications technology (ICT) implementation model is proposed that accounts for the resilience and flexibility of systems that promote sustainable development and address concurrent and future risks. An in-depth case study approach is employed by using the example of the customs services in South Korea. Specifically, this study describes how the Korea Customs Service (KCS) developed its digital customs system in tandem with risk management guidelines and practices and, to complement its model and qualitative information, presents quantitative data on customs and risk management outcomes. The KCS case is interesting and aligns well with our theoretical framework since the customs services is a public organization that consistently deals with contemporary risk and near-future uncertainties and is well-practiced in introducing new advanced technologies into its daily operations.

In the following section, this study examines the literature on technology adoption in public organizations. Next, our theoretical model is proposed which is followed by a description of the case study approach. The case study in the fifth section is presented and this paper concludes with a brief discussion on the implications of this study.

2. Technology Adoption in Public Organizations

ICT implementation in organizations and its interaction with organizational effectiveness has been a long-studied subject with great importance. As this may involve a wide range of technology and various types of organizations, Cooper and Zmud broadly defined information technology (IT) implementation as “an organizational effort directed toward diffusing appropriate information technology within a user community” [2]. In particular, information technology has been recognized as the potential engine for transforming how the government works, either by transforming the internal process of government operations to improve organizational effectiveness or by transforming the governments’ interactions with other individuals and organizations outside the government (e.g., via e-government) [8]. This section mentions both streams of studies that are particularly relevant to this discussion and also how modern technologies differ in terms of their characteristics and application. First, it examines the literature focusing on the implementation of technology and the interdependent relationship between ICT implementation and organizational effectiveness. This section then examines the literature on the implementation and impact of e-governments that generally involve the adoption of the Internet and other online tools to improve government interaction with and service delivery to the general public. Lastly, a description of how digital technologies are transforming all aspects of societies and individuals’ lives as well as governments is undertaken, and this section ends by emphasizing the need for further theoretical and empirical research on the implementation of digital technologies and its effect on governments’ operations and services.

2.1. ICT Implementation and Organizational Effectiveness

Earlier literature on ICT implementation and its effect on organizational effectiveness introduced technology adoption stage models that are generalized theoretical models used to explain a wide range and mix of technology and organizations. Pioneering studies also proposed conceptual frameworks focusing on the interaction between ICT implementation and organizational effectiveness. While earlier studies began with the general notion of technology and all types of organizations, more recent studies are found that focus on the interaction between specific technology implementations and outcomes in public organizations.

Here, earlier theoretical and empirical studies are presented that describe ICT implementation stages and how this process is affected by various factors within and outside the organization [2]. These studies also suggested that a reciprocal relationship exists between ICT implementation and organizational effectiveness and outcomes [3,4,5]. Empirical results that included general or specific (e.g., intranet) technology in organizations across all sectors as well as in specific areas (e.g., public sector, local governments) are presented.

To begin with, Cooper and Zmud examined how information systems were implemented in private firms [2]. They suggested a theoretical ICT implementation model with six stages of implementation (i.e., initiation, adoption, adaptation, acceptance, routinization, infusion) and identified five relevant contextual factors (i.e., user community, organization, technology, task, organizational environment). Based on regression analyses using a sample of 52 manufacturing firms, they found that information systems technology interacted with managerial tasks that the technology was applied to, and this interaction resultingly affected technology adoption within these companies.

Similarly, Moon and Bretschneider examined the relationship between ICT implementation and organizational effectiveness [5]. They proposed a model that involved a reciprocal relationship between IT innovativeness and bureaucratic red tape, which is defined as “rules, regulations, and procedures that remain in force and entail a compliance burden but do not advance the legitimate purposes the rules were intended to serve” [5,9]. On the one hand, the effect of red tape on IT innovativeness may either be positive or negative. The association is expected to be positive if organizations with high levels of red tape display higher levels of IT innovativeness, meaning that more bureaucratic organizations demand IT adoption to enhance organizational effectiveness (i.e., the demand-pull hypothesis). Contrarily, the association is expected to be negative if organizations with low levels of red tape show higher levels of IT innovativeness (i.e., process-push hypothesis). On the other hand, the model also suggested that IT innovativeness can help reduce the level of red tape by addressing procedural issues in organizations (i.e., the technology-push hypothesis). Other factors in the model that affected IT innovativeness included top manager’s risk-taking propensity and organizational capacity. Moon and Bretschneider tested their theoretical model by analyzing the National Administrative Studies Project (NASP) data which was collected from 285 surveys filled out by top managers and middle managers in public, private, and nonprofit organizations with ten or more employees [5]. Their empirical results supported the demand-pull hypothesis by showing a positive association between the level of red tape and the level of IT innovativeness. They also found supporting evidence for the technology-push hypothesis which stated that IT innovativeness help reduce the level of red tape. Top manager’s risk-taking propensity and organizational capacity were also found to be positively related to the level of IT innovativeness.

Welch and Pandey also conducted a similar study that examined the relationship between ICT implementation and organizational effectiveness, in a more limited context that involved intranet implementation in public organizations [3]. Their suggested theoretical model was similar to the Moon and Bretschneider model, involving a mutual relationship between intranet usage and red tape in human service agencies [5]. Other factors that affected intranet implementation included organizational characteristics (e.g., centralization, communication quality, formalization, size, complexity) and external contracting influences. The data used to test their model came from Phase II of the National Administrative Studies Project (NASP-II) which surveyed 206 senior managers in state-level primary health and human service agencies. In their analysis, Welch and Pandey found that the adoption of the intranet reduced the level of red tape and thus confirmed the technology-push hypothesis in public organizations [3]. However, they were unable to find statistically significant results that supported the demand-pull hypothesis, suggesting that public organizations with high or low levels of bureaucratic red tape did not show any difference in intranet implementation.

Welch and Feeney examined the mediating effect of organizational cultures in the relationship between ICT adoption and public organizations’ managerial outcomes (e.g., improved decision making, public participation) [4]. Specifically, they examined how ICT capacity and mediating cultural factors (i.e., centralization, routineness, openness) affected future ICT participation outcomes in local governments by analyzing 360 local government managers’ survey responses from 2010 and 2012. They found mixed results and suggested further research with additional culture variables.

2.2. E-Government Implementation and Public Engagement

Another different but related line of studies examined e-governments, which generally refers to online government services provided to the general public. A wide range of studies exists on this topic, including studies that focus on e-government implementation. Kim et al. conducted a case study on e-government implementation by the Supreme Court Registry Office in South Korea [10]. They adopted Cooper and Zmud’s model as a theoretical framework and discussed the implementation stages with supporting evidence. They concluded that aligning technology and business processes, integrating resources into core activities, incorporating stakeholders’ trust and commitment, and improved understanding of organizational learning facilitates the implementation of e-government. Gibreel and Hong used a panel dataset at the country-level to examine how social, technical, and socio-technical factors affected the development level of e-governments worldwide and found that the effect differed between developed and developing countries [11].

The e-government maturity model is another widely used approach to examine e-government implementation. While these models are used to explain the different stages of e-government implementation by identifying characteristics that are specific to this technology and the public sector, more recent studies have further developed this framework by introducing the concept of sustainability. Joshi and Islam suggested a new e-government maturity model for promoting sustainable e-government services in developing countries [12]. Developing countries experience difficulties in implementing and providing e-government services to the public (e.g., limitations in technology, finance, and human resources). Moreover, Joshi and Islam argued that the existing e-government maturity models failed to provide appropriate guidelines for sustainable e-government services as they commonly featured a linear pattern of stages and lacked state-of-the-art technology, detailed processes, and adoption perspectives (and too much emphasis on the technology itself). Their suggested model introduced adoption stages along with the implementation stages and incorporated five determinant factors, namely a detailed process, streamlined services, agile accessibility, use of state-of-the-art technology, and trust and awareness. Lee et al. proposed a new theoretical framework of e-governance to promote sustainable development [13]. They argued that the current finite models were limited in responding to the rapid socio-technical transformation and escalating global threats that societies face today. Resultingly, their value-based digital government model was targeted for augmenting and supporting the SDGs and to provide a theoretical framework for public administrators and organizations. They also identified data, technology, service, people, and governance as the five critical elements of digital governments.

Lastly, other studies have examined the impact of e-government. For example, Myeong et al. examined the relationship between e-government and trust in government and found that they were positively correlated in terms of accuracy, sharing, and collaboration [14]. Andersen et al. reviewed 55 empirical peer-reviewed journal articles on the impacts of e-government in the public sector [15]. The impacts were categorized into four domains of capabilities, interactions, orientations, and value distribution: Capabilities refer to how the actors deal with its environment; interactions deal with the relations within and among the public, private, and citizen groups; orientations are actors’ cognitive, affective, and evaluative considerations (e.g., using quantitative information in decisions and actions); and value distribution involves values associated with citizen and public employees (e.g., citizen’s rights and health, public employee’s job satisfaction). They found that most of the impacts were positive and that the majority (86%) of the studies’ findings dealt with impacts of e-government on capabilities and interactions (e.g., improved data access and quality, interactions between government and its citizen and business clients). They also noted a lack of studies on the impacts of e-government, and especially on the orientations and value distribution domains in the public sector.

2.3. Digital Technologies and Government Transformation

Today, digital technologies are transforming all aspects of societies and individuals’ lives. According to the Organisation for Economic Co-operation and Development (OECD), digital technologies refer to “ICTs, including the Internet, mobile technologies and devices, as well as data analytics used to improve the generation, collection, exchange, aggregation, combination, analysis, access, searchability and presentation of digital content, including for the development of services and apps” [16]. As private companies undergo digital transformation and individuals increasingly use digital devices for work, entertainment, communication, and creative activities, there is an increasing demand for governments to adapt to the new changing environment by embracing the new technologies and pursuing government innovation [17,18]. Not only would such adaptation help governments communicate with the public to provide need-based and user-driven services, but it will also help address complex socio-economic issues such as inequality, geopolitical instability, and aging [19,20]. Hence, amidst new expectations and challenges, governments are promoting digital strategies to “transform” the government [21].

The digital transformation of governments not only involves the adoption and use of digital technologies to enhance efficiency, but also requires new or revised institutional frameworks and governance structures that ultimately change how governments work and interact with businesses and citizens [16,17]. The OECD defines digital government as the “use of digital technologies, as an integrated part of governments’ modernization strategies, to create public value” [16]. It differs fundamentally from the e-government approach which is characterized by the use of the Internet and related ICTs to improve the efficiency and effectiveness of government operations and public service delivery. The priority of the digital government is to meet the needs of the public by redesigning and innovating the whole government [17].

The digital government transformation consists of six dimensions that distinguish the digital government from traditional or electronic governments [17,22,23]. Specifically, digital governments are digital by design, highly utilize data, provide proactive services, open by default, driven by users, and function as a platform for public value co-creation. As in the case of digital private companies, digital technologies and data use are an integral part of the digital government. The aim of the digital government is not to merely adopt these technologies and processes, but to use them as a means to meet the needs and demands of the public [17,24]. For example, the business models and operations of Amazon and Netflix are based on digital technologies and maximize the use of data to offer in advance products and services that the clients need or prefer. Similarly, the digital government can interact with the public, collect data on individual preferences and social issues, and proactively design and implement policies before the citizens’ requests are made.

More importantly, the open and user-driven nature of digital governments is the distinguishing characteristic that differentiates digital transformation in the public sector from the private sector that enables cooperation and collaboration for public value co-creation. Since government processes and services are digital, data-driven, and open, the government can exchange ideas and interact with each the citizens on a real-time basis. This would lead to a change in the public sector culture where citizen participation in the policy design and implementation processes are enhanced [17,25]. Ultimately, the government can work as a platform for public value co-creation.

Due to technological advancement and the evolving concept of government transformation, digital government transformation has become a high-risk, high-return endeavor that cannot be avoided or ignored. As described earlier, government transformation was historically understood in two different ways that either involved the transformation of the internal process or the external interaction between government and other sociopolitical actors [8]. However, the distinction is no longer necessary nor possible with digital government transformation. Unfortunately, while recognizing the potential of technology adoption for digital government transformation, there is little evidence of such transformation nor theoretical frameworks that can explain the complex relationship between technologies, organizations, and institutions [8,26,27,28,29,30]. This is an area of study that requires immediate attention as digital government transformations have the potential to deliver efficiency benefits of $50 billion or generate overall benefits of $ 1 trillion annually worldwide, yet 70% to 80% of such efforts have ended up in failure or achieved very limited success [19,31].

3. Dynamic Stage Model of ICT Implementation

In this section, a dynamic stage model of ICT implementation is proposed to explain the dynamic relationship between ICT implementation and organizational effectiveness and outcomes in public organizations. Our modified model is based on Cooper and Zmud’s stage model of IT implementation as it provides a comprehensive theoretical framework that encompasses diverse features from other models and studies. Rapid technological advances, the evolution of public organizations, and dynamic civic engagement in the era of digital transformation and sustainable development call for a comprehensive and up-to-date framework to explain the sophisticated interaction between technology implementation and organizational effectiveness in public institutions. Moreover, this study adopts the concept of sustainability in public sector technology adoption to account for the resilience and flexibility of systems to address current and future needs in the face of uncertainty and risk. Thus, both literature perspectives mentioned above are combined to provide a holistic and updated theoretical model for technology adoption in the public sector.

Our dynamic model involves seven stages and is based on the Cooper and Zmud model. The Cooper and Zmud model—which is a variation of the Kwon and Zmud IT implementation model—is based on studies in the technological diffusion, innovation, and organizational change literature and involves various stages of technology implementation that can also be considered as activities that could work in parallel [2,32]. The model incorporated post-adoption behaviors from Zmud and Apple and can encompass the variety of IT applications and IT implementation processes observed in most organizations [2,33]. Our dynamic model introduces an additional stage of intelligence and a dynamic feature that connects all the stages in circulation to form a sustainable cycle of technology adoption (see Figure 1).

This study adopted and modified Cooper and Zmud’s definition and description of the stages as shown below [2]:

• Initiation stage: Due to organizational need (demand-pull) and/or technological innovation (technology-push), organizations scan their problems and opportunities (actively and/or passively) to come up with ICT solutions [3,5]. This results in finding a matching ICT solution and application for the organization.
• Adoption stage: Rational and political negotiations take place within the organization to build support for ICT implementation. Successful negotiations lead to decisions to invest necessary resources for the adoption of relevant ICT applications.
• Adaptation stage: The ICT application is developed, adopted, and maintained. Organizational procedures and rules are revised and developed accordingly. Potential users, including individuals within and outside the organization, are informed about the new procedures and rules. Education and training programs on the use of the new applications are provided to organizational members and interested external entities. As a result, the ICT application and related services are ready for use.
• Acceptance stage: The organizational members and external entities are encouraged to use the ICT applications. As a result, organizational members and external entities begin to use ICT applications for work.
• Routinization stage: The organizational members and external entities familiarize themselves with the ICT applications; the use of ICT applications becomes routinized as part of regular work activities.
• Infusion stage: Infusion is “the degree to which information technology has penetrated a company in terms of importance, impact, or significance” [34]. The ICT application is used in a comprehensive and integrated way so that organizational effectiveness is maximized, thus achieving the maximum use of the ICT application to its fullest potential. An organization with a high degree of infusion is expected to find the ICT application crucial to its operation.
• Intelligence stage: The organization and application users plan and prepare for future uncertainty and risk. Capacity to respond to unexpected events are discussed and incorporated within the ICT application to enhance flexibility, adaptability, and problem-solving functions within the organization. Non-routine tasks that were previously executed by people are augmented or even replaced by new technology (e.g., artificial intelligence, big data, Internet of Things) [16]. When this stage leads to the initiation of a new ICT implementation process, it concludes the previous ICT implementation cycle and initiates a new cycle, thus resulting in the formulation of a sustainable virtuous circle.

This study also incorporated Kwon and Zmud’s five major contextual factors that affect the processes and outputs of the ICT implementation stages, namely organization, environment, user community, adopted technology, and task [32]. This classification also accounts for various relevant factors that are known or suggested to affect ICT implementation in the aforementioned studies [3,4,5,10,35].

• Organization: Organizational characteristics such as specialization, centralization, and formalization are known to affect the implementation of technology within an organization [4]. The managerial support and leaders’ risk-taking propensity also matter as these factors could greatly facilitate the adoption process. Other important organizational characteristics include capacity (e.g., financial), commitment and effort towards ICT implementation, organizational culture (e.g., routineness, openness), sector, and size of the organization.
• Environment: Environmental factors such as the market, uncertainty, inter-organizational dependency, and geographical location are also known to affect ICT implementation.
• User community: Since ICT implementation can be greatly facilitated or hindered by how the user community perceives the change in their work, the users’ job tenure, education, and preferences (e.g., use of technology, resistance to change) are some of the key user characteristics that should be considered.
• Adopted technology: The complexity and design of the adopted technology is another major factor that would affect the implementation process. Successful implementation of ICT applications would be assured with good designs and easy-to-use applications.
• Task to which the technology is being applied: The success of ICT implementation is also affected by what type of tasks they are applied to. The ICT applications should take into account the uncertainty involved in the tasks, the variety of tasks covered, and the autonomy and responsibility imposed on the individuals that perform the task.

Not only do these factors affect how ICT applications are implemented in organizations, but they also interact with each other during the process. Specifically, the adopted technology, user community, and tasks to which the technology is applied are closely related and work hand-in-hand. Ultimately, as a result of successfully undergoing the ICT implementation stages that take into account relevant contextual factors, the cumulative effect of ICT implementation should be observable in terms of improved organizational effectiveness and outcomes.

4. Methods: Case Study Approach

This study employed an in-depth case study approach of the customs services in South Korea. The case study research method is a preferred strategy to answer “how” and “why” questions [36]. Case studies are generalizable to theoretical propositions in terms of developing concepts, generating theories, drawing specific implications, and contributing rich insight [36,37]. The in-depth case study approach is a popular and well-established vehicle that has been broadly used by scholars that recognize the importance of taking an empirical approach for interpreting the social issues related to information systems [37]. Thus, such an approach improves the understanding of the development and management of information systems by providing deeper insight into human thought and action in social and organizational contexts [38].

Interviews are widely used to collect data for case studies as it provides access to participants’ views and interpretations of the actors and processes involved in implementing and operating the systems [37]. Other methods of data collection such as direct observation, participant observation, documents, and archival records are also used whenever appropriate [37,39]. The use of multiple data collection methods with varying strengths and weaknesses helps researchers compare peoples’ beliefs against their actions and provides reasonably confident and convincing results when the evidences converge [39]. These methods are especially useful for conducting exploratory studies when little is known about the subject of study, when other methods (e.g., experiments) are not practicable or unethical, to understand what truly happens in a group or organization by looking from the inside, to examine complex issues that cannot be controlled, or to examine the connections between processes and results [39].

The case study approach is appropriate for this research as it provides the means to describe in detail the organizational dynamics of a phenomenon; in particular, it helps us to understand and explain how the dynamics and interactions among stages and factors of ICT implementation occur [10,12,36,37,38,39]. Moreover, the authors prefer this approach since the modifications in this study’s suggested ICT implementation model takes into account contemporary and near-future uncertainties that only the most technologically-advanced and leading organizations may have yet considered or experienced.

This study adopted a mixed-methods approach by examining documents, analyzing data, and conducting semi-structured interviews with 20 interviewees from the headquarters and regional customs offices that differed in their expertise, position, and work experience. Information was collected on the ICT implementation process, relevant factors, and the outcomes of the organization. This study also conducted additional phone interviews with relevant ICT application users within and outside the organizations to validate and complement our findings.

5. Results

The results section first describes the customs administrations and risk management process in general. Based on this framework and qualitative research, a description is provided on how the KCS developed its digital customs system in tandem with risk management guidelines and practices. Quantitative data on customs and risk management outcomes were also examined to complement the case study.

5.1. Customs and Risk Management

Customs administrations serve the crucial role of controlling borders and facilitating cross-border transactions of goods, services, labor, and finance by collecting duties and taxes, enforcing customs law, adopting compliance strategies, and managing risk [40]. Risk management, defined as “coordinated activities to direct and control an organization with regard to risk,” is becoming increasingly important as the expanded responsibilities of modern customs services include the protection of society, culture, intellectual property, and the environment [1,41].

With globalization and the rapid change in the international political and economic order, customs services have continuously evolved to achieve both goals of trade facilitation and border protection. On one hand, customs administrations face the challenge of dealing with the surging trade volume and transactions among businesses and consumers in a timely and reliable manner. On the other hand, they are at the forefront of citizen protection by preventing the entry of illegal or harmful goods and persons that threaten national security, stability, and prosperity.

Given the expanded roles and limited resources, customs administrations have been adopting new approaches, techniques, and technologies to its operations. In particular, risk management at customs administrations involves the efficient allocation of scarce resources to identify and target goods and travelers at the higher end of the risk continuum [1]. While incentivizing and simplifying procedures for voluntarily compliant low-risk clients, risk management strategies and techniques target avoiding or incompliant clients to identify and manage the greatest risks in a systematic and structured manner.

Although implementation details may differ in practice, risk management processes would generally follow the steps outlined in the WCO Customs Risk Management Compendium (Figure 2) [1]:

• Establishing the context: This step involves defining the risks, scopes, objectives, criteria, resources, environment, and other necessary terms for risk management.
• Risk identification: Identification of the potential risk continuum (including risk sources, events, causes, and potential consequences) is a prerequisite for risk analysis and treatment.
• Risk analysis: Risk analysis involves quantitative assessment of the risks, the likelihood of occurrence, and their consequences which help understand the nature of the risk and determine the level of risk.
• Risk evaluation and prioritization: Based on prearranged criteria, risks are sorted by their risk level and high risks are prioritized for further examination.
• Risk treatment: The identified risks are handled differently based on the situation. In most of the cases, risks are treated with appropriate mitigation control measures and actions or tolerated if they can be managed with existing controls. Customs may also decide to transfer the risk to other parties (e.g., another law enforcement agency, a subcontractor) or avoid the risk by terminating the activities that would lead to such risk.
• Monitoring and review: The risk management framework, risk management process, risk, and control measures should all be closely monitored and reviewed.
• Documentation, communication, and consultation: Whenever necessary, customs administrations should document, communicate, and consult with relevant stakeholders to ensure accountability and transparency of the risk management process.

Customs administrations can also use appropriate technology to facilitate trade and improve border control [1]. For example, customs administrations can reduce the time and cost taken for goods and travelers to cross the border by adopting digital customs systems, automated cargo clearance systems, and modern screening equipment at the borders. It can also achieve effective and efficient risk management by adopting integrated information systems that provide real-time access to large databases, analytic tools that allow customized data extraction, and improved communication and information sharing within and across organizations.

Another structural change that is commonly observed in modern customs administrations is the establishment of risk assessment and targeting centers. Targeting (or selectivity) refers to the selection of certain items, transactions, or entities for examination [42]. In general, these centers act as a hub for managing and coordinating risk information, manage selectivity criteria, develop and manage ICT applications for risk management, and cooperate with front-line operations as well as relevant external partners and entities [1].

5.2. Digital Customs and Risk Management at the Korea Customs Service

Since the adoption of the risk management framework at the beginning of the 21st century, the KCS has actively introduced new approaches, techniques, and technologies to improve the risk management system. The adoption of ICT applications in risk management such as customs data warehouse (CDW), integrated risk management system (IRM-PASS), and digital customs system (UNI-PASS) were accompanied by changes in the organizational structure, human resource management, operations, tasks, and users. As proposed in our theoretical model and in accordance with the literature (e.g., Cooper and Zmud, 1990; Kim et al, 2007), ICT implementation at the KCS progressed through various stages and was found to be affected by aforementioned contextual factors [2,10]. It was also found that digital technologies indeed transformed the organization’s operation and interaction with other agencies [16,17]. Moreover, the KCS case supported the process-push hypothesis which assumes that more effective organizations are more likely to adopt advanced technology. Despite its difference, this case study result does not necessarily contradict with the result of Moon and Bretschneider since their study statistically analyzed all types of organizations [5].

The implementation of ICT and relevant improvements to the risk management system in the KCS is depicted in Figure 3. The adoption of frameworks, technologies specific to risk management, general technologies for customs administrations, and technology-driven organizational changes are shown in yellow, blue, green, and orange boxes, respectively. The development process of the risk management system was categorized into two phases based on the major technologies adopted. The first phase is the electronic customs phase (2000–2006) which mostly involves Internet use and electronic processing of documents and functions to reduce cost and improve efficiency. The second phase is the digital customs phase (2009 onwards) which involves digital technologies and data-driven innovations within the organization to provide proactive services and open data for users within and outside the organization. Below, each phase is described in detail and their ICT implementation stages and major contextual factors are compared.

ICT implementation stages of the two phases of risk management system development can be summarized as shown in

Table 1. The implementation process of ICT applications in risk management.

	Electronic Customs (2000–2006)	Digital Customs (2009 onwards)
1 Initiation	(Problems and opportunities): risk management framework adopted, but all documents in paper (ICT solution): Electronic processing of documents to improve efficiency and reduce cost	(Problems and opportunities): the need for improved productivity, timely communication, and enhanced interaction (ICT solution): system overhaul and adoption of the integrated digital customs system
2 Adoption	Decisions made to install CDW and electronic customs systems	Decisions made to install IRM-PASS and digital customs systems
3 Adaptation	CDW system installed in two stages (2001–2003); Drug investigation divisions established and drug investigation agents trained (since January 2002)	IRM-PASS installed (2009–2011) and digital customs system developed (2013–2015); CBRMC established and its staff were recruited and trained (since February 2017)
4 Acceptance	The two stages of the CDW system were launched for use (August 2002, September 2003)	The digital customs system began its service (June 2016)
5 Routinization	Along with the complete installation of the CDW, extensive information analysis activities were conducted to identify dangerous goods and travelers (since April 2003)	The CBRMC integrated intelligence and selectivity functions to effectively orchestrate and control risk management activities.
6 Infusion	Information analysts increased to 400 and activities were expanded to all 29 customs nationwide; the introduction of the CDW led to a substantial reduction of time and effort required for data analysis	The CBRMC took full responsibility for planning and operation of risk management activities
7 Intelligence		Initiation of pilot projects for further adoption of digital and data-centered technologies (e.g., big data, artificial intelligence, blockchain)

. In general, both electronic and digital customs phases follow similar development stages but show differences in the last (“intelligence”) stage.

First, the electronic customs phase consists of the adoption of the risk management framework (2000), the CDW (2001–2003), and the electronic customs system (2004–2006). The KCS adopted the risk management framework in early 2000, which provides the foundation and organizational arrangements for risk management [1,43]. The risk management framework enables structured and systematic means to identify, assess, and manage risk.

Following the adoption of the risk management framework, the KCS began installing the CDW system in June 2001 [44]. The CDW is an integrated information system that combines internal and external data and provides searching functions that can be used for data analyses and risk management (e.g., illegal foreign exchange and trade activities, tax evasion, illegal import of drugs and guns) [44,45,46]. It was the first attempt to adopt a data warehouse in risk management among Korean government organizations [45]. The database consists of internally accumulated data on import and export clearance, cargo, tariff refund, traveler information, investigation, surveillance, businesses as well as other organizations’ data on foreign exchange, tax collection, border entry/exit, to name a few. It also provides online analytical processing (OLAP) tools for quick and easy access to information, data processing, and data analysis.

After implementing the first installation stage of the CDW system that involved investigation, screening, and statistics activities (June 2001 to June 2002), the CDW was launched for use in August 2002 and was used to collect more tax and find illegal drug trafficking activities [45,47]. The second stage of the process included clearance, cargo, and surveillance activities (September 2002 to September 2003). The completed organization-wide risk management system was launched for use in September 2003 [45]. Although the CDW system can be considered as part of the electronic customs system (also known as the “3rd generation” system) and the electronic customs system greatly reduced the costs and improved the productivity of the KCS operations in general, other components of the electronic customs system did not bring substantial improvements to the risk management system.

The introduction of the CDW led to a substantial reduction of the time and effort required for data analysis. As all the data are cleaned and managed systematically, the use of CDW also improved data reliability and enabled sophisticated analyses. Prior to the introduction of the CDW, information was available in printed form and managed by each relevant department so that combining data and conducting analyses often required long hours of work. For example, by using the CDW, the time required for detailed analysis of illegal foreign exchange reduced from 2 days to 10 min.

The KCS also implemented changes within the organization on January 2002 that involved the establishment of the drug investigation division in the headquarters and Incheon airport customs, training and assignment of 24 drug investigation agents and 6 information analysis agents, and the assignment of 30 detection dogs in 8 port customs nationwide [48]. Along with the complete installation of the CDW, extensive information analysis activities were conducted to identify dangerous goods and travelers since April 2003 [45]. The number of information analysts increased from 200 to 400 and activities that were previously conducted at the headquarters and 6 main customs offices were expanded to all 29 customs nationwide.

Second, the digital customs phase consists of the establishment of the IRM-PASS (2009–2011), digital customs system (2013–2015), the Customs Border Risk Management Center (CBRMC, 2017), and technological pilot programs (2018 onwards). The IRM-PASS was installed in 2009–2011. IRM-PASS enables integrated management of risk management information that was previously undertaken by each function or department within the organization (e.g., clearance, screening, investigation) [49]. The IRM-PASS outlines standardized risk management processes that all departments can apply when dealing with high-risk cargoes and travelers [50]. In addition to enhancing organizational integration, producing comprehensive information, and providing assistance for each departments’ operation, the significance of the IRM-PASS lies in the shift from post-audit and correction to prevention through real-time data management [1]. Similar to the risk management process in WCO (2011), the IRM-PASS cycle involves initial screening on prior data and post records (step 1), analysis using auto filtering and monitoring (step 2), selectivity using simulation and multilayered factors (step 3), and re-evaluation of risk treatment results (step 4).

The digital customs system (UNI-PASS) underwent major improvements between 2013 and 2015 and began its 4th generation service in June 2016 [51]. The UNI-PASS is a comprehensive digital customs system that was developed to fulfill the customs administration’s goal of facilitating international trade for economic growth and controlling the national border for socioeconomic and environmental protection. Today, it consists of multiple components that govern and support business practices (e.g., cargo and clearance management), non-business operations (e.g., audit, investigation, surveillance), risk management, single-window portal services, IT management, and the customs administration. The digital customs system was first developed as a trade statistics system in 1974 and underwent continuous modifications. A completely new system was implemented between 2014 and 2016, which involved hardware upgrades to enhance system performance and reliability, improved user interface for applications that were used by customs officers as well as outside users (e.g., importers, exporters, carriers, customs brokers), and enhanced data availability and accessibility (e.g., real-time cargo tracking information, open API, selectivity function).

The CBRMC was established in February 2017 to coordinate preemptive measures against terrorism, drug trafficking, and illegal import of harmful items [52]. The center integrated intelligence and selectivity functions that had operated separately beforehand and was placed under the direct supervision of the deputy commissioner to effectively orchestrate and control risk management activities. The responsibilities of the center include planning and operation of risk management activities; operation of the risk management information system; collection and analysis of risk-related information; management of selectivity tasks, criteria, and techniques; and coordination of risk information and cooperation with relevant international and domestic organizations.

More recently, the KCS announced its long-term plans to apply big data analytics to the customs administration [53]. Specific goals included the installation of a big data platform, development of a big data analysis model, establishment of a big data division within the organization, and training data scientists that will work within the big data division. The KCS strategy ultimately aims for a smart clearance system that is based on artificial intelligence and big data analysis to facilitate the flow of goods and effectively prevent the entry of illegal and harmful goods. Relevant pilot projects that experiment on the application of advanced technology (e.g., A.I., blockchain, big data analysis) have been planned and implemented since 2017.

Moreover, as shown in

Table 2. Contextual factors affecting ICT applications in risk management.

	Electronic Customs (2000–2006)	Digital Customs (2009 onwards)
Organization	(Leadership): Leaders’ willingness to take the risk and managerial support facilitated the ICT adoption process (Structure): Technology adoption led to relevant organizational changes (e.g., training and assignment of drug investigation agents and information analysis agents) but failed to establish a formal governance structure for ICT application in risk management activities	(Leadership): Leaders’ willingness to take the risk and managerial support facilitated the ICT adoption process (Structure): Technology adoption facilitated the establishment of the CBRMC which may function as a specialized and centralized control tower for ICT application in risk management activities
Environment	Anticipated growth of international trade and increasing drug trafficking activities	Anticipated growth of e-commerce and diversified drug trafficking activities
User community	User community mostly involved internal customs officers and some relevant external entities (e.g., importers, exporters, carriers, customs brokers)	New external individual users joined the experienced traditional users to expand the user community
Adopted technology	(Technology): CDW and electronic customs were implemented for Internet adoption and electronic processing of documents and functions. (Adoption): In the absence of a similar pre-existing system, electronic customs and CDW were developed in stages and sequentially implemented as the technology became available.	(Technology): IRM-PASS and digital customs were implemented to adopt digital technologies and data-driven innovations (Adoption): Since the digital customs introduced a completely new system to replace the existing system, its development took three years and required post-installation improvements and adjustments based on user feedback
Task	Information-centered ICT applications that newly provided searching functions for data analyses and risk management	Data-centered ICT applications that enhanced organizational integration and interactive real-time data management

below, the contextual factors had different implications on the implementation of electronic and digital customs and may have also affected the implementation (or absence) of the intelligence stage.

5.3. Trend of Customs and Risk Management Outcomes

Finally, this section shows how various measures of customs administration and outcomes have changed over time. Similar to Moon and Bretschneider, Welch and Pandey, and Welch and Feeney, the KCS case supports the technology-push hypothesis and suggests that ICT adoption results in improved organizational effectiveness and outcomes [3,4,5]. It also shows a positive impact on three out of four domains (i.e., capabilities, interaction, orientations) listed in Andersen et al. [15]. Along with the development of the risk management system, the performance of the organization also improved in terms of handling large volumes of transactions in a timely and reliable manner and also controlling the border by preventing the entry of harmful items. The examination of the trend of customs service employees, cross-border flow of goods and travelers, and cargo clearance time showed that the operational efficiency of the customs administration greatly improved in the 2000s. Furthermore, the increasing number of cases and volume of drug seizures by the customs service is consistent with the ICT implementation and organizational changes at the KCS.

First, the number of employees was compared with trade in goods and travelers to examine how productivity changed across time, where productivity can be defined as the capacity to handle the cross-border flow of goods and travelers given the labor within the customs administration. The number of import and export transactions reported and international travelers crossing the Korean border were used as measures of the cross-border flow of goods and travelers, respectively. The number of trade transactions is preferred over trade volume since it is a better measure of the total workload of the customs service in terms of goods handled.

Figure 4 shows a substantial reduction in import cargo clearance time despite the rapid increase of trade and travelers across time. In 1998, the average time taken for the import cargo clearance process was 13.5 days. The import cargo clearance time decreased across time to 9.6 days, 4.5 days, 2.04, and 1.36 days in 2003, 2005, 2012, and 2018, respectively. During the same period, the volume of general exports and imports grew at an average rate of 5.3% and 11.4%, respectively. Due to the explosive growth of e-commerce, the Korean government began to track the volume of international e-commerce in the 2010s; for the years with data, e-commerce exports and imports showed an average annual growth rate of 545.8% and 32.8%, respectively. Altogether, between 2000 and 2018, the average annual growth rate of total trade volume was 14.6%. Travelers also increased during the same period (2000–2018). On average, the number of travelers crossing the national border increased by 8.5% every year. Since the number of customs service employees only slightly increased on average by 1.3%, from 3983 in 2000 to 5013 in 2018, the data suggests that the efficiency of the customs administration greatly improved in the 21st century.

Second, the number of cases and the volume of drug seizures across time were examined. Since 1990, the KCS has been responsible for investigating drug crimes that occur at airports, harbors, and bonded areas where international goods and travelers arrive at and depart from [54]. Thus, this case study exclusively examined the number of cases and volumes of drug seizures by the KCS and ignored domestic illegal drug seizure cases by other government organizations.

In general, drug seizures at the borders substantially increased and became diversified across time. Between 2000 and 2018, the average annual growth rate of the number of cases and the volume of drug seizures were 19.3% and 43.1%, respectively (see Figure 5).

The illegal drug trafficking patterns also evolved; type of drugs, means of transport, and routes diversified with globalization, improved technology, and increasing demand and supply for drugs. In the early 2000s, drug seizures were characterized by a few cases that involved large-scale trafficking activities. For example, among the 151 kg of drugs seized in 2001, 91 kg were found in cargo in transit from China to the Philippines and 30 kg were found in cargo imported from China. Further, 138 kg of drugs were seized from merely 6 cases in 2002. Moreover, the total number of annual seizure cases was not too high (e.g., 26, 36, and 48 in 1999–2001) and the traditional mode of transportation was mostly travelers as carriers (28 out of 48 in 2001) [48].

However, after the major seizures in the early 2000s, the average volume of drug trafficking decreased while the total number of cases increased rapidly. Around 2014, the volume of drugs also showed a sharp increase, resulting from large volume trafficking activities by international criminal organizations and increased demand for individual consumption of new drugs [55]. This increasing trend of drug trafficking continued until 2018, with highly diversified routes including cargo, express cargo, and postal items [56,57,58]. Furthermore, drug trafficking routes became diversified. Prior to the mid-2010s, most of the drugs came from China and were headed to Japan. Since 2015, Korea became less utilized as a country of transit and more popular as the final destination of illegal drugs that came from all regions around the world including Africa, America, and Europe [56,57,58].

This study also confirmed that the targeting capacity improved by observing a decrease in the inspection coverage rate and an increase in the drug seizure rate between 2016 and 2017 (not presented). The inspection coverage rate, defined as the total amount of goods inspected over total imported goods, decreased since the volume of trade displayed relatively high levels of growth. Nonetheless, the improvement in drug seizure rates, defined as the total number of drug seizure cases over total inspection cases, showed that the customs administration was increasingly successful in targeting potential sources of risk.

6. Discussion

Based on the literature on the implementation of technology and the interdependent relationship between ICT implementation and organizational effectiveness, this study proposed a dynamic stage model of ICT implementation to explain the dynamic relationship between ICT implementation and organizational effectiveness and outcomes in public organizations. In addition, an in-depth case study approach was employed by focusing on the customs services in South Korea. This study described how the KCS developed its digital customs system in tandem with risk management guidelines and practices. Quantitative data on customs and risk management outcomes were examined and found to be consistent with our model and other qualitative information.

Specifically, two different phases of risk management systems were implemented since 2000 and followed a similar development process. The greatest difference was observed in the last (intelligence) stage which was absent in the electronic customs phase and only observed in the digital customs phase. The two phases were affected by different contextual factors that seem to have differently affected the implementation (or absence) of the intelligence stage. Also, organizational effectiveness and outcomes improved after ICT implementation in the KCS. The organization’s capacity to handle the cross-border flow of goods and travelers improved while the cargo clearance time reduced substantially. Furthermore, drug seizures at the borders substantially increased after new ICT implementation.

This research contributes to the literature by proposing a dynamic ICT implementation model that accounts for the resilience and flexibility of systems to promote sustainable development and address concurrent and future risks. While this study used the digital customs case as an example of ICT implementation in the public sector, the proposed model can be applied to other modern technology adoption practices in public organizations as well as private entities.

Based on this study, the authors recommend all governments continue to pursue their collaborative effort to facilitate trade and enhance border protection by adopting advanced technology and restructuring the customs administrations accordingly. Further, international cooperation and knowledge sharing are crucial in terms of dispersing best practices for risk management and also to promote worldwide sustainable development by mitigating economic, social, and environmental risk factors and preventing cross-border movements of dangerous goods and travelers. Moreover, this framework should also be applied in other public domains such as tax services and healthcare services that could greatly improve its efficiency and effectiveness from using new digital technology and more data.

Future research should examine case studies in different contexts or examine additional outcome measures to quantify the effect of ICT implementation on public organizations and their organizational effectiveness. Whenever possible, and with a sufficient amount of accumulated information, big data on daily transactions or surveys of employees should also be examined in future empirical studies.