Tiếng Việt
中文 (中国)
CIRCULAR 13/2018/TT-BTTTT: LIST OF INFORMATION SECURITY PRODUCTS SUBJECT TO IMPORT LICENSING
This operational reference is prepared for importers, logistics teams, procurement, legal, compliance and customs operation teams that need to review information-security equipment before contracting, document finalization and customs declaration.
QUICK SUMMARY
Circular 13/2018/TT-BTTTT regulates the list of information security products subject to import licensing and the dossier/procedure for import permits.
Issued on 15 October 2018 and effective from 1 December 2018. For current filing, it must be read together with Circular 10/2022/TT-BTTTT.
Review HS codes, security functions, catalogue/datasheet, information-security business licence, conformity documentation and submission timing before ETA.
| Review item | Application conclusion | Operational action |
|---|---|---|
| Circular 13/2018/TT-BTTTT | Base circular issued on 15 October 2018, effective from 1 December 2018. | Use it to read the original scope, product-list logic and licensing procedures. |
| Circular 10/2022/TT-BTTTT | Amending circular effective from 15 September 2022, replacing appendices and amending procedural steps. | Do not rely only on the 2018 appendices without checking the 2022 amendment. |
| Current processing portal | The Ministry of Public Security Public Service Portal displays procedure code 3.000344 handled by the Department of Cybersecurity and Hi-tech Crime Prevention. | Check forms, fees, timeline and dossier components on the current MPS portal before filing. |
DOCUMENT INFORMATION
| Information field | Content |
|---|---|
| Document title | Circular regulating the list of information security products subject to import licensing and the order, procedures and dossiers for issuing import permits. |
| Document number | 13/2018/TT-BTTTT |
| Issuing authority | Ministry of Information and Communications |
| Issuance date | 15 October 2018 |
| Effective date | 1 December 2018 |
| Application status | The base circular on import licensing of information security products; amended and supplemented by Circular 10/2022/TT-BTTTT from 15 September 2022. Current filing should also cross-check the Ministry of Public Security portal after the 2025 transfer of information-security functions. |
| Regulated scope | List of licensed information security products and permit issuance/re-issuance procedures. |
| Applicable entities | Enterprises licensed to trade information security products/services and importing products on the list. |
KEY POINTS FOR IMPORT COMPLIANCE
| Topic | Clause/appendix | Operational impact |
|---|---|---|
| Scope | Article 1 | This is an import licensing regulation for information security products, not a general IT equipment rule. |
| Applicable entities | Article 2 | Applies to enterprises holding information-security product/service business licences. |
| Product list | Article 3 and Appendix I | Appendix I must be checked before import; product functions include security assessment/testing, monitoring and anti-attack/intrusion functions. |
| Permit validity | Article 4 | The import permit is valid for 2 years or for the remaining term of the business licence if shorter than 2 years. |
| Dossier | Article 7; amended by Circular 10/2022 | Use the post-amendment dossier and forms; do not rely only on the original 2018 appendix. |
| Online submission | Article 8; amended by Circular 10/2022 | Online filing is made via the MIC public service portal or the National Public Service Portal. |
| Processing time | Article 9; amended by Circular 10/2022 | After the dossier is valid, AIS/MIC appraises and returns results within 5 working days. |
| Re-issuance | Article 10; amended by Circular 10/2022 | Re-issuance for lost/damaged valid permits is processed within 2 working days from receipt of a valid request. |
AFFECTED ENTERPRISES / PRODUCT GROUPS
| Analysis item | How to review | Risk note |
|---|---|---|
| Enterprises | Importers, distributors, system integrators, IT project contractors and EPE/FDI entities importing information-security products. | Importers trading such products must review their business licence before applying for an import permit. |
| Products | Equipment/systems for security assessment, monitoring, log/traffic analysis, anomaly detection and anti-attack/intrusion functions. | Ordinary servers/computers/network devices should not be concluded as licensed items unless the actual functions match the list. |
| Affected stage | Before import, before declaration, customs policy checking and post-clearance record keeping. | If goods arrive before permit status is clear, demurrage, detention and storage may arise. |
| Documents to compare | Catalogue, datasheet, user manual, function description, firmware/software, model list, invoice, packing list, B/L/AWB and C/O if any. | Product names and models must be consistent across permit and customs documents. |
| Triggering conditions | HS code, security function, independent operation capability, import purpose and business licence. | The circular addresses complete equipment capable of independent operation, not parts/accessories/components. |
IMPACT ON IMPORT-EXPORT / LOGISTICS OPERATIONS
HS code and goods description must match the list. The same HS code may include both licensed and non-licensed products depending on function.
Invoice, Packing List, B/L/AWB, PO/contract, catalogue and model list must align on product name, model, quantity, origin and security functions.
Permit review should be completed before ETA to reduce demurrage, detention and storage risk.
Keep the permit, application dossier, technical documents, conformity records, import documents and customs declaration for future review.
ENTERPRISE CHECKLIST
| Dossier group | Required data/documents | Control note |
|---|---|---|
| Corporate licence | Information-security product/service business licence, legal entity information, online account and digital signature. | Check remaining validity as permit validity may depend on it. |
| Permit application | Current application form, product/model list, import purpose, HS code and manufacturer details. | Use forms under Circular 10/2022 rather than the original 2018 appendix. |
| Technical dossier | Catalogue, datasheet, user manual, security-function description, product images and firmware/software information if required. | Clearly identify assessment, monitoring or anti-intrusion functions. |
| Conformity documents | Certificate or declaration of standard/conformity where applicable. | Review transitional rule under Article 11 and current technical standards/QCVN. |
| Import documents | Invoice, Packing List, B/L/AWB, contract/PO, C/O if any, draft declaration, value and origin data. | Ensure consistency in product name, model, serial, origin and HS code. |
| Logistics timeline | Supplier ready date, ETD/ETA, filing date, expected permit date and declaration plan. | Do not commit project delivery while permit status remains uncertain. |
TECHNICAL TERM NOTES
Protection of information and information systems against unauthorized access, use, disclosure, disruption, modification or destruction.
Permit for eligible enterprises importing listed information-security products. The original texts refer to the Authority of Information Security; current practical filing should be checked against the Department of Cybersecurity and Hi-tech Crime Prevention on the MPS portal.
Certification/declaration that a product complies with applicable technical standards or regulations.
Charges for container demurrage/detention and storage that may arise when licensing is not completed before cargo arrival.
RELATED LEGAL DOCUMENTS TO REVIEW
| Document group | Document | Issuing authority | Role | Review note |
|---|---|---|---|---|
| Law | Law on Cyberinformation Security 86/2015/QH13 | National Assembly | Primary legal basis for information-security products/services and Article 48 licensing conditions. | Review current amended status. |
| Law | Law on Foreign Trade Management 05/2017/QH14 | National Assembly | Basis for licensing and conditional import management. | Read together with Decree 69/2018. |
| Decree | Decree 108/2016/ND-CP | Government | Conditions for trading information-security products/services. | Relevant to enterprises engaged in importing such products. |
| Decree | Decree 69/2018/ND-CP | Government | Detailed implementation of the Law on Foreign Trade Management. | Relevant to commodity licensing policy. |
| Main circular | Circular 13/2018/TT-BTTTT | MIC | Base regulation on the product list and permit dossier/procedure. | Full signed PDF is embedded below. |
| Amending circular | Circular 10/2022/TT-BTTTT | MIC | Amends authority, online filing, processing time and replaces Appendices I and II. | Mandatory for current application. |
| Fee circular | Circular 269/2016/TT-BTC | Ministry of Finance | Fee/charge reference cited in Article 5 of Circular 13. | Check current fee status before filing. |
| Portals | MIC Public Service Portal / National Public Service Portal | MIC / Government Office | Online filing and electronic result channels. | Check the live form and current procedure status. |
VIEW / DOWNLOAD ORIGINAL DOCUMENTS
Enterprises should compare the signed PDF and the amending circular before finalizing the import permit dossier.
FULL TEXT / PDF PREVIEW
Preferred sources: Government legal document portal and Official Gazette. This PDF is for full-text reference. Current application must also review Circular 10/2022/TT-BTTTT because it amends/replaces several provisions and appendices.
Priority source: Government legal-document portal. This preview is used to cross-check amendments, replaced appendices and forms of Circular 13/2018/TT-BTTTT.
FAQ
1. When did Circular 13/2018/TT-BTTTT take effect?
It was issued on 15 October 2018 and took effect on 1 December 2018. For current use, read it together with Circular 10/2022/TT-BTTTT.
2. Which products need an import permit?
Products listed in Appendix I as amended by Circular 10/2022, based on HS code, product description and actual information-security functions.
3. Does every firewall require an import permit?
Not automatically. Review the model, datasheet, functions and HS code against the current list.
4. Where is online filing submitted?
Through the MIC public service portal or the National Public Service Portal as provided after the 2022 amendment.
5. Does this circular determine import duty?
No. It is a specialized licensing regulation. Duty must be reviewed under tariff schedules and the final HS code.
6. What should be done before ETA?
Review licensing, technical documents, conformity documents and consistency among invoice, packing list, transport documents and declaration data.
IMPLEMENTATION SUPPORT FROM TGIMEX
For information-security equipment, the key risk is not only the permit itself, but also the accuracy of technical reading, HS code, model data and timeline before ETA.
Review Circular 13/2018, Circular 10/2022, the Law on Cyberinformation Security, Decree 108/2016 and product-list conditions.
Cross-check invoice, packing list, B/L/AWB, PO/contract, catalogue, datasheet, model list, C/O and permit dossier.
Set a pre-ETA timeline, identify compliance checkpoints, coordinate customs declaration, licensing and port/warehouse handling.
Maintain dossier by shipment and prepare data for post-clearance audit, conformity, labeling and market circulation checks.
Enterprises should review legal and technical files before document finalization to reduce the risk of storage cost, channel change, dossier supplementation or delivery delay.
NEED TO REVIEW IMPORT PROCEDURES OR A SHIPPING PLAN?
Send us the product name, shipping route, current dossier, or implementation request in advance so we can suggest a suitable approach that is practical, focused, and aligned with your shipment.
IMPORT PROCEDURE FOR CHILD SAFETY SEATS USED IN MOTOR VEHICLES
Declaration procedure for equipment subject to strict OSH requirements: dossier, timeline and import-compliance notes
Law 86/2015/QH13 on Cyber Information Security: ICT import notes and transition to Law 116/2025/QH15
CIRCULAR 13/2018/TT-BTTTT: INFORMATION SECURITY PRODUCTS SUBJECT TO IMPORT LICENSING
Circular 10/2022/TT-BTTTT: amendments to import licensing for cyberinformation security products
Circular 41/2023/TT-BTC: Fees in pharmaceuticals and cosmetics for import-export compliance
Circular 53/2016/TT-BLDTBXH: List of machinery and equipment subject to strict occupational safety requirements
IMPORT DECLARATION PROCEDURE FOR PRINTING EQUIPMENT: DOSSIER, CONDITIONS AND COMPLIANCE NOTES FOR IMPORTERS
EXPORT/IMPORT PERMIT PROCEDURE FOR CIVIL CRYPTOGRAPHIC PRODUCTS ON DVCQG: DOSSIER, CONDITIONS AND LOGISTICS NOTES
Decree 72/2022/ND-CP: amendments on printing activities and printing-equipment import compliance
Law on Cipher No. 05/2011/QH13: cipher activities, cryptographic products and import-compliance notes
Decree 211/2025/ND-CP: Civil Cryptography Activities and Import-Export Compliance Notes for ICT Equipment
Consolidated Document 19/VBHN-BNNPTNT 2024: Plant quarantine linked with food safety inspection for imports
Consolidated Document 19/VBHN-BNNPTNT 2024: Plant quarantine linked with food safety inspection for imports
Circular 33/2014/TT-BNNPTNT: Plant quarantine procedures for import, export, transit and post-import regulated articles