If your Maritime or PortTech SaaS platform processes cargo manifests, vessel voyage data, port facility security events, or maritime cybersecurity incidents — your n8n automation stack is already inside multiple compliance boundaries with clocks running before your operations team opens the queue.
The CBP 24-hour advance manifest clock starts at data receipt, not when your filing team processes the manifest. The USCG NVIC 01-20 cybersecurity incident notification clock starts at automated system detection, not when your security team opens the ticket. The EU NIS2 early warning clock for port operators starts 24 hours from discovery — including detection by automated workflows running on your SaaS platform.
This article gives maritime and port technology SaaS vendors 5 import-ready n8n workflows covering the compliance obligations your customers carry.
Who This Is For: 7 Maritime/PortTech SaaS Tiers
These workflows route by 7 customer tiers, each with a distinct primary regulatory exposure surface:
| Tier | Primary Compliance Obligations |
|---|---|
CONTAINER_TERMINAL_OPERATOR_SAAS |
USCG MTSA 33 CFR Part 104 FSP immediate update, CBP AMS 24h §4.7a, EU NIS2 Art. 23, ISPS Code DoS |
SHIPPING_LINE_SAAS |
MARPOL CII MEPC 78/2022 annual rating, IMO DCS January 31, OFAC SDN vessel screening IMMEDIATE, ISM Code |
PORT_AUTHORITY_SAAS |
EU NIS2 critical infrastructure 24h/72h/30d, USCG MTSA §70103 annual FSP, ISPS annual verification |
FREIGHT_FORWARDER_SAAS |
CBP 24h advance manifest §4.7a ($5K/violation), OFAC/BIS sanctions screening, FMC tariff §40501 |
MARITIME_FLEET_MGMT_SAAS |
MARPOL CII fleet-wide monitoring, ISM DPA non-conformity 24h, USCG NVIC 01-20 cyber |
PORT_OPERATIONS_SAAS |
OSHA PSM §1910.119, EPA RMP §68, USCG TWIC §105, PHMSA dangerous cargo 49 CFR Parts 171-180 |
MARITIME_STARTUP_SAAS |
CBP AMS 24h (first violation trap), OFAC vessel screening (binary risk), USCG NVIC 01-20 basics |
7 Compliance Flags
Each account carries flags that drive tier-specific compliance context in the onboarding drip and deadline tracker:
-
USCG_MTSA_FACILITY_OPERATOR— 33 CFR Part 104 Facility Security Plan: update IMMEDIATELY on security threat level change (no grace period, no 24h window) -
IMO_SOLAS_ISPS_CODE_SUBJECT— SOLAS Chapter XI-2: Declaration of Security IMMEDIATE on elevated threat; annual PFSP verification -
MARPOL_CII_REPORTING_REQUIRED— Annex VI MEPC 78/2022: annual CII rating (A–E). D-rating for 3 consecutive years OR E-rating for 1 year = IMMEDIATE SEEMP Part III corrective action plan. IMO DCS annual report January 31. -
CBP_AUTOMATED_MANIFEST_SYSTEM_FILER— 19 CFR §4.7a: 24 hours before loading at foreign port for ocean cargo. $5,000/violation, $50,000 maximum per vessel. Clock starts at cargo data receipt. -
EU_NIS2_CRITICAL_INFRASTRUCTURE— Directive 2022/2555 Art. 23 (effective October 2024): port operators = critical infrastructure. 24h early warning + 72h full notification + 30-day final report. Discovery = earliest system-level detection. -
BIMCO_MARITIME_CYBER_GUIDELINE— BIMCO/BIMI Maritime Cyber Security Guidelines 4th edition; IMO MSC-FAL.1/Circ.3 Rev.2; USCG NVIC 01-20 -
US_CUSTOMS_TRADE_PARTNERSHIP_C_TPAT— C-TPAT Maritime Minimum Security Criteria: 72-hour security breach notification to CBP Supply Chain Security Specialist
The Clock Problem: When Cloud Automation Creates Maritime Compliance Exposure
Maritime SaaS vendors face a structural compliance architecture problem: the regulatory clock starts at data receipt, not at human review.
CBP 24-Hour Advance Manifest (19 CFR §4.7a):
The 24-hour window counts from when cargo information is known. For your SaaS platform, that is the moment the cargo booking webhook fires — not when your operations team opens the manifest queue. A batch processing delay between data receipt and filing team review eats into the 24-hour window. If your pipeline processes bookings in nightly batches, and a booking arrives at 18:47 UTC, your batch runs at 23:00 UTC, and the loading is scheduled for 15:00 UTC the next day — you have 20 hours and 13 minutes from the batch run, but the CBP-relevant receipt timestamp is 18:47 UTC, leaving you with 16 hours and 13 minutes.
USCG NVIC 01-20 Cybersecurity Incident:
USCG NVIC 01-20 guidance requires immediate notification to USCG District Command for significant cyber incidents affecting vessel or maritime facility systems. 'Discovery' under USCG interpretation includes automated threat detection events logged by your monitoring platform. If your cloud automation platform logs a threat indicator at 02:47 and your security team opens the ticket at 09:15, the USCG clock started at 02:47.
MARPOL CII Data Collection Gaps:
MARPOL Annex VI Regulation 22A requires annual fuel oil consumption data submitted to the flag Administration by January 31. The data collection period is the entire calendar year. A cloud automation platform outage in July that creates a 30-day voyage data gap must be reconstructed from vessel logs, fuel bunkering records, and port state records before the January 31 DCS filing. There is no tolling of the MARPOL annual reporting period for cloud vendor maintenance windows.
EU NIS2 Art. 23 — Port Operators as Critical Infrastructure:
Under NIS2 Directive Art. 23 (effective October 2024), port operators and maritime infrastructure operators are classified as critical infrastructure operators. The 24-hour early warning requirement runs from 'discovery' — which includes detection by automated systems in your SaaS platform's incident pipeline, not when a human compliance officer opens the alert. For port authority SaaS vendors, this means your platform's incident detection timestamp is the legal discovery event for NIS2 reporting purposes.
Fastest Maritime Compliance Clocks
| Clock | Window | Trigger Point | Statutory Cite |
|---|---|---|---|
| OFAC SDN Vessel Match | IMMEDIATE — block before processing | Vessel/consignee SDN database match | 50 USC §1701 / IEEPA |
| ISPS DoS (Declaration of Security) | IMMEDIATE | Security threat level elevation by port authority | SOLAS Chapter XI-2, ISPS Code Reg. 3 |
| USCG NVIC 01-20 Significant Cyber Incident | IMMEDIATE notification to District Command | Automated system detection at USCG-covered facility | USCG NVIC 01-20 / 33 CFR §101.305 |
| MARPOL CII E-Rating Corrective Action | IMMEDIATE upon annual assessment | E-rating (or D for 3 consecutive years) confirmed | MARPOL Annex VI MEPC 78/2022 |
| EU NIS2 Early Warning | 24 hours from discovery | Significant security incident detection | NIS2 Directive 2022/2555 Art. 23(1)(a) |
| CBP Advance Manifest (ocean cargo) | 24 hours before loading at foreign port | Cargo booking data received by platform | 19 CFR §4.7a, $5,000/violation |
| EU NIS2 Full Notification | 72 hours from discovery | Any NIS2-covered significant incident | NIS2 Art. 23(1)(b) |
| C-TPAT Maritime Security Breach | 72 hours from discovery | Security breach at C-TPAT certified facility | C-TPAT Maritime MSC |
| IMO DCS Annual Report | January 31 annually | End of fuel oil consumption reporting year | MARPOL Annex VI Reg. 22A |
| EU NIS2 Final Incident Report | 30 days from incident | Post-NIS2 incident remediation complete | NIS2 Art. 23(1)(c) |
5 n8n Workflows
Workflow 1: Tier-Segmented Maritime Compliance Onboarding Drip
A webhook-triggered onboarding workflow that routes new maritime SaaS accounts to 7 tier-specific email sequences based on their compliance profile. Each email includes the specific regulatory citations, deadline calculations, and architectural risk notes relevant to that tier. Container terminal operators get CBP AMS + EU NIS2 + ISPS guidance; shipping lines get MARPOL CII + IMO DCS + OFAC; freight forwarders get CBP 24h + OFAC/BIS prioritization.
{
"name": "Maritime SaaS Tier-Segmented Compliance Onboarding Drip",
"nodes": [
{
"id": "mar-wf1-001",
"name": "CRM New Account Webhook",
"type": "n8n-nodes-base.webhook",
"typeVersion": 2,
"position": [
250,
300
],
"parameters": {
"path": "maritime-onboarding",
"responseMode": "onReceived"
}
},
{
"id": "mar-wf1-002",
"name": "Route by Maritime Tier",
"type": "n8n-nodes-base.switch",
"typeVersion": 3,
"position": [
500,
300
],
"parameters": {
"mode": "rules",
"rules": {
"rules": [
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.tier }}",
"rightValue": "CONTAINER_TERMINAL_OPERATOR_SAAS",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.tier }}",
"rightValue": "SHIPPING_LINE_SAAS",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.tier }}",
"rightValue": "PORT_AUTHORITY_SAAS",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.tier }}",
"rightValue": "FREIGHT_FORWARDER_SAAS",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.tier }}",
"rightValue": "MARITIME_FLEET_MGMT_SAAS",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.tier }}",
"rightValue": "PORT_OPERATIONS_SAAS",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.tier }}",
"rightValue": "MARITIME_STARTUP_SAAS",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
}
]
}
}
},
{
"id": "mar-wf1-003",
"name": "Container Terminal Email",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
750,
60
],
"parameters": {
"operation": "send",
"to": "={{ $json.email }}",
"subject": "Your USCG MTSA + CBP AMS compliance automation is live",
"emailType": "html",
"message": "<p>Welcome to FlowKit for Maritime SaaS.</p><p><strong>CONTAINER_TERMINAL_OPERATOR_SAAS tier \u2014 critical compliance obligations:</strong></p><ul><li>USCG MTSA 33 CFR Part 104 Facility Security Plan: update required IMMEDIATELY on security threat level change (no grace period)</li><li>CBP Automated Manifest System 19 CFR \u00a74.7a: 24 hours before loading at foreign port for ocean cargo \u2014 $5,000/violation, $50,000 maximum per vessel. Clock starts at data receipt, not filing team review.</li><li>EU NIS2 Art. 23 (Directive 2022/2555): port operators = critical infrastructure. 24h early warning + 72h full notification + 30-day final report from discovery.</li><li>ISPS Code (SOLAS Chapter XI-2): Declaration of Security IMMEDIATE on elevated threat level</li><li>C-TPAT Maritime: 72h security breach notification to CBP Supply Chain Security Specialist</li></ul><p>Your 5 n8n workflows are pre-configured for CONTAINER_TERMINAL_OPERATOR_SAAS. Priority: deploy the CBP manifest pipeline first \u2014 the 24h window starts at data receipt.</p>"
}
},
{
"id": "mar-wf1-004",
"name": "Shipping Line Email",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
750,
180
],
"parameters": {
"operation": "send",
"to": "={{ $json.email }}",
"subject": "Your MARPOL CII + IMO DCS compliance automation is live",
"emailType": "html",
"message": "<p>Welcome to FlowKit for Maritime SaaS.</p><p><strong>SHIPPING_LINE_SAAS tier \u2014 critical compliance obligations:</strong></p><ul><li>MARPOL Annex VI CII Rating (MEPC 78/2022): annual CII assessment for all vessels \u22655,000 GT in international trade. D-rating for 3 consecutive years OR E-rating for 1 year = IMMEDIATE SEEMP Part III corrective action plan required. No grace period after annual assessment.</li><li>IMO DCS (MARPOL Annex VI Reg. 22A): annual fuel oil consumption data due to flag Administration by January 31. Cloud automation outage during reporting year = data gap that must be reconstructed from voyage records.</li><li>OFAC SDN vessel screening: IMMEDIATE blocking \u2014 no grace period, $1M+/violation (50 USC \u00a71701)</li><li>ISM Code (SOLAS Chapter IX): non-conformity reporting to DPA within 24h of identification</li></ul><p>Your 5 workflows include MARPOL CII fleet monitoring with rating trajectory alerts before January 31 DCS deadline.</p>"
}
},
{
"id": "mar-wf1-005",
"name": "Port Authority Email",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
750,
300
],
"parameters": {
"operation": "send",
"to": "={{ $json.email }}",
"subject": "Your EU NIS2 + USCG Maritime Security compliance automation is live",
"emailType": "html",
"message": "<p>Welcome to FlowKit for Maritime SaaS.</p><p><strong>PORT_AUTHORITY_SAAS tier \u2014 critical compliance obligations:</strong></p><ul><li>EU NIS2 Directive Art. 23 (effective Oct 2024): port authorities = critical infrastructure operators. 24h early warning + 72h full notification + 30-day final report. Clock starts at discovery \u2014 including automated detection by your SaaS platform.</li><li>USCG MTSA 33 USC \u00a770103: annual Facility Security Plan review + update</li><li>ISPS Code: annual verification of Port Facility Security Plan</li><li>Port State Control: deficiency tracking under Tokyo/Paris/US MOU \u2014 unresolved deficiencies affect vessel detention rates and port authority liability</li></ul>"
}
},
{
"id": "mar-wf1-006",
"name": "Freight Forwarder Email",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
750,
420
],
"parameters": {
"operation": "send",
"to": "={{ $json.email }}",
"subject": "Your CBP AMS + OFAC sanctions compliance automation is live",
"emailType": "html",
"message": "<p>Welcome to FlowKit for Maritime SaaS.</p><p><strong>FREIGHT_FORWARDER_SAAS tier \u2014 critical compliance obligations:</strong></p><ul><li>CBP 24-Hour Advance Manifest Rule 19 CFR \u00a74.7a: ocean cargo \u2014 24h before loading at foreign port. Your platform receives 100% of booking data, making it the primary point where the 24h clock starts. $5,000/violation, $50,000 maximum per vessel.</li><li>OFAC SDN/Consolidated Sanctions: IMMEDIATE blocking for designated consignees, shippers, and vessels. BIS Export Administration Regulations entity list screening.</li><li>FMC tariff filing 46 USC \u00a740501: NVOCCs must maintain current tariff on FMC website \u2014 automated monitoring for rate changes.</li></ul><p>Priority: CBP AMS pipeline, then OFAC automated screening.</p>"
}
},
{
"id": "mar-wf1-007",
"name": "Fleet Mgmt Email",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
750,
540
],
"parameters": {
"operation": "send",
"to": "={{ $json.email }}",
"subject": "Your MARPOL CII fleet monitoring + ISM Code compliance automation is live",
"emailType": "html",
"message": "<p>Welcome to FlowKit for Maritime SaaS.</p><p><strong>MARITIME_FLEET_MGMT_SAAS tier \u2014 critical compliance obligations:</strong></p><ul><li>MARPOL CII fleet-wide monitoring: all vessels \u22655,000 GT. Your platform aggregates voyage consumption data \u2014 cloud outage = data gap = January 31 DCS reconstruction problem. Self-hosted n8n eliminates third-party uptime dependency from the MARPOL data chain.</li><li>ISM Code non-conformity: DPA notification within 24h of identification by vessel</li><li>USCG NVIC 01-20: cybersecurity requirements extend to vessel management systems</li></ul>"
}
},
{
"id": "mar-wf1-008",
"name": "Port Operations Email",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
750,
660
],
"parameters": {
"operation": "send",
"to": "={{ $json.email }}",
"subject": "Your OSHA PSM + USCG TWIC compliance automation is live",
"emailType": "html",
"message": "<p>Welcome to FlowKit for Maritime SaaS.</p><p><strong>PORT_OPERATIONS_SAAS tier \u2014 critical compliance obligations:</strong></p><ul><li>OSHA 29 CFR \u00a71910.119 Process Safety Management: facilities handling covered hazardous materials \u2014 immediate incident notification</li><li>EPA Risk Management Program 40 CFR Part 68: accidental release prevention and emergency response</li><li>USCG TWIC 33 CFR Part 105: access control record-keeping for Transportation Worker Identification Credential</li><li>PHMSA dangerous cargo stowage 49 CFR Parts 171-180: incident reporting for hazmat cargo handling</li></ul>"
}
},
{
"id": "mar-wf1-009",
"name": "Startup Email",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
750,
780
],
"parameters": {
"operation": "send",
"to": "={{ $json.email }}",
"subject": "Your Maritime SaaS compliance starter pack is live",
"emailType": "html",
"message": "<p>Welcome to FlowKit for Maritime SaaS.</p><p><strong>MARITIME_STARTUP_SAAS tier \u2014 priority compliance foundation:</strong></p><ul><li>CBP AMS 24h advance manifest: the most common first violation for maritime platform startups. $5,000/violation \u2014 your first significant penalty exposure.</li><li>OFAC SDN vessel screening: binary risk. Automated blocking = no penalty. Missed = $1M+ per violation. Build this before you process any cargo with sanctioned-country exposure.</li><li>USCG NVIC 01-20 cybersecurity hygiene: incident notification protocol before you handle vessel system data.</li></ul><p>Start with these 3 workflows, then add MARPOL CII and EU NIS2 as your customer base grows.</p>"
}
},
{
"id": "mar-wf1-010",
"name": "Log to Onboarding DB",
"type": "n8n-nodes-base.postgres",
"typeVersion": 2,
"position": [
1000,
420
],
"parameters": {
"operation": "insert",
"schema": "public",
"table": "maritime_onboarding_log",
"columns": "account_id,tier,flags,onboarded_at,email_sent",
"options": {}
}
}
],
"connections": {
"CRM New Account Webhook": {
"main": [
[
{
"node": "Route by Maritime Tier",
"type": "main",
"index": 0
}
]
]
},
"Route by Maritime Tier": {
"main": [
[
{
"node": "Container Terminal Email",
"type": "main",
"index": 0
}
],
[
{
"node": "Shipping Line Email",
"type": "main",
"index": 0
}
],
[
{
"node": "Port Authority Email",
"type": "main",
"index": 0
}
],
[
{
"node": "Freight Forwarder Email",
"type": "main",
"index": 0
}
],
[
{
"node": "Fleet Mgmt Email",
"type": "main",
"index": 0
}
],
[
{
"node": "Port Operations Email",
"type": "main",
"index": 0
}
],
[
{
"node": "Startup Email",
"type": "main",
"index": 0
}
]
]
},
"Container Terminal Email": {
"main": [
[
{
"node": "Log to Onboarding DB",
"type": "main",
"index": 0
}
]
]
},
"Shipping Line Email": {
"main": [
[
{
"node": "Log to Onboarding DB",
"type": "main",
"index": 0
}
]
]
},
"Port Authority Email": {
"main": [
[
{
"node": "Log to Onboarding DB",
"type": "main",
"index": 0
}
]
]
},
"Freight Forwarder Email": {
"main": [
[
{
"node": "Log to Onboarding DB",
"type": "main",
"index": 0
}
]
]
},
"Fleet Mgmt Email": {
"main": [
[
{
"node": "Log to Onboarding DB",
"type": "main",
"index": 0
}
]
]
},
"Port Operations Email": {
"main": [
[
{
"node": "Log to Onboarding DB",
"type": "main",
"index": 0
}
]
]
},
"Startup Email": {
"main": [
[
{
"node": "Log to Onboarding DB",
"type": "main",
"index": 0
}
]
]
}
},
"active": false,
"settings": {
"executionOrder": "v1"
},
"versionId": "maritime-onboarding-v1",
"meta": {
"instanceId": "flowkit-maritime-001"
}
}
Workflow 2: Maritime USCG/CBP/MARPOL CII Compliance Deadline Tracker
A daily 6 AM UTC scheduled workflow that queries your compliance deadline database, classifies urgency by deadline type using maritime-specific thresholds (IMMEDIATE types vs. 24h types vs. 72h types vs. annual), and routes CRITICAL alerts to Slack (#maritime-compliance-critical) + Gmail and HIGH alerts to Slack (#maritime-compliance). Tracks 12 deadline types including CBP AMS 24h, OFAC IMMEDIATE, EU NIS2 Art. 23 three-stage, USCG NVIC 01-20, MARPOL CII annual, IMO DCS January 31, ISPS annual, and C-TPAT 72h.
{
"name": "Maritime USCG/CBP/MARPOL CII Compliance Deadline Tracker",
"nodes": [
{
"id": "mar-wf2-001",
"name": "Daily 6AM UTC Schedule",
"type": "n8n-nodes-base.scheduleTrigger",
"typeVersion": 1,
"position": [
250,
300
],
"parameters": {
"rule": {
"interval": [
{
"field": "cronExpression",
"expression": "0 6 * * *"
}
]
}
}
},
{
"id": "mar-wf2-002",
"name": "Query Upcoming Deadlines",
"type": "n8n-nodes-base.postgres",
"typeVersion": 2,
"position": [
500,
300
],
"parameters": {
"operation": "executeQuery",
"query": "SELECT account_id, tier, deadline_type, deadline_ts, flags, EXTRACT(EPOCH FROM (deadline_ts - NOW()))/3600 AS hours_remaining FROM maritime_compliance_deadlines WHERE deadline_ts BETWEEN NOW() AND NOW() + INTERVAL '7 days' ORDER BY deadline_ts ASC"
}
},
{
"id": "mar-wf2-003",
"name": "Classify Urgency by Deadline Type",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
750,
300
],
"parameters": {
"jsCode": "const items = $input.all();\nconst IMMEDIATE_TYPES = ['OFAC_SDN_VESSEL_MATCH','ISPS_DOS_IMMEDIATE','USCG_NVIC0120_CYBER_IMMEDIATE'];\nconst H24_TYPES = ['CBP_AMS_24H_FILING','EU_NIS2_EARLY_WARNING_24H','ISM_DPA_NON_CONFORMITY_24H'];\nconst H72_TYPES = ['EU_NIS2_FULL_NOTIFICATION_72H','CTPAT_BREACH_72H','USCG_NVIC0120_FULL_REPORT_72H'];\nreturn items.map(item => {\n const d = item.json;\n const h = parseFloat(d.hours_remaining);\n let urgency = 'LOW', color = 'good';\n if (IMMEDIATE_TYPES.includes(d.deadline_type)) {\n urgency = h <= 1 ? 'CRITICAL' : h <= 4 ? 'HIGH' : 'MEDIUM';\n color = h <= 1 ? 'danger' : h <= 4 ? 'warning' : '#439FE0';\n } else if (H24_TYPES.includes(d.deadline_type)) {\n urgency = h <= 4 ? 'CRITICAL' : h <= 12 ? 'HIGH' : 'MEDIUM';\n color = h <= 4 ? 'danger' : h <= 12 ? 'warning' : '#439FE0';\n } else if (H72_TYPES.includes(d.deadline_type)) {\n urgency = h <= 12 ? 'CRITICAL' : h <= 36 ? 'HIGH' : 'MEDIUM';\n color = h <= 12 ? 'danger' : h <= 36 ? 'warning' : '#439FE0';\n } else {\n urgency = h <= 72 ? 'CRITICAL' : h <= 168 ? 'HIGH' : 'LOW';\n color = h <= 72 ? 'danger' : h <= 168 ? 'warning' : 'good';\n }\n return { json: { ...d, urgency, color } };\n});"
}
},
{
"id": "mar-wf2-004",
"name": "Route by Urgency",
"type": "n8n-nodes-base.switch",
"typeVersion": 3,
"position": [
1000,
300
],
"parameters": {
"mode": "rules",
"rules": {
"rules": [
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.urgency }}",
"rightValue": "CRITICAL",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.urgency }}",
"rightValue": "HIGH",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.urgency }}",
"rightValue": "MEDIUM",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
}
]
}
}
},
{
"id": "mar-wf2-005",
"name": "Critical Slack Alert",
"type": "n8n-nodes-base.slack",
"typeVersion": 2,
"position": [
1250,
120
],
"parameters": {
"channel": "#maritime-compliance-critical",
"text": ":rotating_light: *CRITICAL Maritime Deadline: {{ $json.deadline_type }}*\nAccount: {{ $json.account_id }} | Tier: {{ $json.tier }} | Hours: {{ $json.hours_remaining }}\nFlags: {{ $json.flags }}"
}
},
{
"id": "mar-wf2-006",
"name": "Critical Gmail Alert",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
1250,
240
],
"parameters": {
"operation": "send",
"to": "compliance@your-maritime-saas.com",
"subject": "CRITICAL: {{ $json.deadline_type }} \u2014 {{ $json.hours_remaining }}h remaining ({{ $json.account_id }})",
"emailType": "html",
"message": "<p><strong>CRITICAL maritime compliance deadline</strong></p><p>Account: {{ $json.account_id }}<br>Tier: {{ $json.tier }}<br>Deadline type: {{ $json.deadline_type }}<br>Hours remaining: {{ $json.hours_remaining }}<br>Flags: {{ $json.flags }}</p><p>Statutory cite: CBP \u00a74.7a ($5K/violation) | OFAC IMMEDIATE | EU NIS2 Art.23 24h | USCG NVIC 01-20 | MARPOL Annex VI MEPC 78</p>"
}
},
{
"id": "mar-wf2-007",
"name": "High Slack Alert",
"type": "n8n-nodes-base.slack",
"typeVersion": 2,
"position": [
1250,
360
],
"parameters": {
"channel": "#maritime-compliance",
"text": ":warning: *HIGH Maritime Deadline: {{ $json.deadline_type }}*\nAccount: {{ $json.account_id }} | Hours remaining: {{ $json.hours_remaining }}"
}
},
{
"id": "mar-wf2-008",
"name": "Log All to Sheets",
"type": "n8n-nodes-base.googleSheets",
"typeVersion": 4,
"position": [
1250,
480
],
"parameters": {
"operation": "append",
"documentId": {
"mode": "id",
"value": "YOUR_COMPLIANCE_SHEETS_ID"
},
"sheetName": {
"mode": "name",
"value": "maritime_deadline_tracker"
},
"columns": {
"mappingMode": "autoMapInputData"
}
}
}
],
"connections": {
"Daily 6AM UTC Schedule": {
"main": [
[
{
"node": "Query Upcoming Deadlines",
"type": "main",
"index": 0
}
]
]
},
"Query Upcoming Deadlines": {
"main": [
[
{
"node": "Classify Urgency by Deadline Type",
"type": "main",
"index": 0
}
]
]
},
"Classify Urgency by Deadline Type": {
"main": [
[
{
"node": "Route by Urgency",
"type": "main",
"index": 0
}
]
]
},
"Route by Urgency": {
"main": [
[
{
"node": "Critical Slack Alert",
"type": "main",
"index": 0
}
],
[
{
"node": "High Slack Alert",
"type": "main",
"index": 0
}
],
[
{
"node": "Log All to Sheets",
"type": "main",
"index": 0
}
]
]
},
"Critical Slack Alert": {
"main": [
[
{
"node": "Critical Gmail Alert",
"type": "main",
"index": 0
}
]
]
},
"Critical Gmail Alert": {
"main": [
[
{
"node": "Log All to Sheets",
"type": "main",
"index": 0
}
]
]
},
"High Slack Alert": {
"main": [
[
{
"node": "Log All to Sheets",
"type": "main",
"index": 0
}
]
]
}
},
"active": false,
"settings": {
"executionOrder": "v1"
},
"versionId": "maritime-deadlines-v1",
"meta": {
"instanceId": "flowkit-maritime-002"
}
}
Workflow 3: Maritime Platform API Health Monitor (10-Minute)
A 10-minute scheduled workflow that probes 5 critical maritime compliance endpoints — CBP AMS filing API, OFAC screening API, MARPOL CII voyage data API, ISPS security portal, EU NIS2 reporting API. When any endpoint is DOWN, the workflow identifies the specific compliance clock that is now running unmonitored (e.g., 'CBP_AMS_24H_CLOCK_RUNNING_PIPELINE_BROKEN') and sends immediate alerts to Slack (#maritime-platform-ops) and PagerDuty. The alert includes the penalty exposure per endpoint so on-call engineers understand the regulatory urgency, not just the technical failure.
{
"name": "Maritime Platform API Health Monitor (10-Minute)",
"nodes": [
{
"id": "mar-wf3-001",
"name": "Every 10 Minutes",
"type": "n8n-nodes-base.scheduleTrigger",
"typeVersion": 1,
"position": [
250,
300
],
"parameters": {
"rule": {
"interval": [
{
"field": "minutes",
"minutesInterval": 10
}
]
}
}
},
{
"id": "mar-wf3-002",
"name": "Check CBP AMS Filing API",
"type": "n8n-nodes-base.httpRequest",
"typeVersion": 4,
"position": [
500,
100
],
"parameters": {
"url": "={{ $vars.CBP_AMS_HEALTH_ENDPOINT }}",
"method": "GET",
"timeout": 5000,
"continueOnFail": true
}
},
{
"id": "mar-wf3-003",
"name": "Check OFAC Screening API",
"type": "n8n-nodes-base.httpRequest",
"typeVersion": 4,
"position": [
500,
220
],
"parameters": {
"url": "={{ $vars.OFAC_SCREENING_HEALTH_ENDPOINT }}",
"method": "GET",
"timeout": 5000,
"continueOnFail": true
}
},
{
"id": "mar-wf3-004",
"name": "Check MARPOL CII Voyage API",
"type": "n8n-nodes-base.httpRequest",
"typeVersion": 4,
"position": [
500,
340
],
"parameters": {
"url": "={{ $vars.MARPOL_DCS_HEALTH_ENDPOINT }}",
"method": "GET",
"timeout": 5000,
"continueOnFail": true
}
},
{
"id": "mar-wf3-005",
"name": "Check ISPS Security Portal",
"type": "n8n-nodes-base.httpRequest",
"typeVersion": 4,
"position": [
500,
460
],
"parameters": {
"url": "={{ $vars.ISPS_PORTAL_HEALTH_ENDPOINT }}",
"method": "GET",
"timeout": 5000,
"continueOnFail": true
}
},
{
"id": "mar-wf3-006",
"name": "Check EU NIS2 Reporting API",
"type": "n8n-nodes-base.httpRequest",
"typeVersion": 4,
"position": [
500,
580
],
"parameters": {
"url": "={{ $vars.EU_NIS2_REPORTING_HEALTH_ENDPOINT }}",
"method": "GET",
"timeout": 5000,
"continueOnFail": true
}
},
{
"id": "mar-wf3-007",
"name": "Evaluate Health and Risk",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
750,
340
],
"parameters": {
"jsCode": "const ENDPOINTS = [\n { name: 'CBP AMS Filing API', node: 'Check CBP AMS Filing API', risk: 'CBP_AMS_24H_CLOCK_RUNNING_PIPELINE_BROKEN', penalty: '$5,000/violation' },\n { name: 'OFAC Screening API', node: 'Check OFAC Screening API', risk: 'OFAC_SDN_VESSEL_UNSCREENED', penalty: '$1M+/violation' },\n { name: 'MARPOL CII Voyage API', node: 'Check MARPOL CII Voyage API', risk: 'IMO_DCS_DATA_GAP_ANNUAL_JAN31', penalty: 'Flag state detention/deficiency' },\n { name: 'ISPS Security Portal', node: 'Check ISPS Security Portal', risk: 'ISPS_DOS_CHAIN_BROKEN', penalty: 'Port state detention' },\n { name: 'EU NIS2 Reporting API', node: 'Check EU NIS2 Reporting API', risk: 'EU_NIS2_24H_NOTIFICATION_CHAIN_BROKEN', penalty: 'Up to \u20ac10M or 2% global turnover' }\n];\nconst failures = [];\nfor (const ep of ENDPOINTS) {\n try {\n const r = $node[ep.node].json;\n if (r.error || (r.statusCode && r.statusCode >= 500)) {\n failures.push({ name: ep.name, status: 'DOWN', risk: ep.risk, penalty: ep.penalty, detail: r.message || r.error || ('HTTP ' + r.statusCode) });\n }\n } catch (e) {\n failures.push({ name: ep.name, status: 'DOWN', risk: ep.risk, penalty: ep.penalty, detail: 'No response / timeout' });\n }\n}\nif (failures.length === 0) return [{ json: { status: 'ALL_HEALTHY', checked_at: new Date().toISOString() } }];\nreturn failures.map(f => ({ json: f }));"
}
},
{
"id": "mar-wf3-008",
"name": "Alert Maritime Ops",
"type": "n8n-nodes-base.slack",
"typeVersion": 2,
"position": [
1000,
340
],
"parameters": {
"channel": "#maritime-platform-ops",
"text": ":red_circle: *Maritime API DOWN: {{ $json.name }}*\nRisk: `{{ $json.risk }}`\nPenalty exposure: {{ $json.penalty }}\nDetail: {{ $json.detail }}\n_Compliance clock continues running during outage_"
}
},
{
"id": "mar-wf3-009",
"name": "PagerDuty Alert",
"type": "n8n-nodes-base.httpRequest",
"typeVersion": 4,
"position": [
1000,
460
],
"parameters": {
"url": "https://events.pagerduty.com/v2/enqueue",
"method": "POST",
"sendBody": true,
"specifyBody": "json",
"body": {
"routing_key": "={{ $vars.PAGERDUTY_ROUTING_KEY }}",
"event_action": "trigger",
"payload": {
"summary": "Maritime API DOWN: {{ $json.name }} \u2014 {{ $json.risk }}",
"severity": "critical",
"source": "n8n-maritime-monitor"
}
}
}
}
],
"connections": {
"Every 10 Minutes": {
"main": [
[
{
"node": "Check CBP AMS Filing API",
"type": "main",
"index": 0
}
],
[
{
"node": "Check OFAC Screening API",
"type": "main",
"index": 0
}
],
[
{
"node": "Check MARPOL CII Voyage API",
"type": "main",
"index": 0
}
],
[
{
"node": "Check ISPS Security Portal",
"type": "main",
"index": 0
}
],
[
{
"node": "Check EU NIS2 Reporting API",
"type": "main",
"index": 0
}
]
]
},
"Check CBP AMS Filing API": {
"main": [
[
{
"node": "Evaluate Health and Risk",
"type": "main",
"index": 0
}
]
]
},
"Check OFAC Screening API": {
"main": [
[
{
"node": "Evaluate Health and Risk",
"type": "main",
"index": 0
}
]
]
},
"Check MARPOL CII Voyage API": {
"main": [
[
{
"node": "Evaluate Health and Risk",
"type": "main",
"index": 0
}
]
]
},
"Check ISPS Security Portal": {
"main": [
[
{
"node": "Evaluate Health and Risk",
"type": "main",
"index": 0
}
]
]
},
"Check EU NIS2 Reporting API": {
"main": [
[
{
"node": "Evaluate Health and Risk",
"type": "main",
"index": 0
}
]
]
},
"Evaluate Health and Risk": {
"main": [
[
{
"node": "Alert Maritime Ops",
"type": "main",
"index": 0
}
]
]
},
"Alert Maritime Ops": {
"main": [
[
{
"node": "PagerDuty Alert",
"type": "main",
"index": 0
}
]
]
}
},
"active": false,
"settings": {
"executionOrder": "v1"
},
"versionId": "maritime-health-v1",
"meta": {
"instanceId": "flowkit-maritime-003"
}
}
Workflow 4: Maritime Compliance Incident Pipeline
A webhook-triggered pipeline handling 8 maritime compliance event types with event-specific handlers:
-
CBP_AMS_MANIFEST_RECEIVED: Calculates the exact 24-hour filing deadline from
receipt_timestamp, computes hours remaining, flags CRITICAL if under 4 hours. Uses receipt timestamp — not processing timestamp — consistent with CBP 19 CFR §4.7a. -
OFAC_SDN_VESSEL_MATCH: Returns
BLOCK_TRANSACTION_IMMEDIATELYwith penalty exposure ($1M+/violation) and required actions. No grace period logic — OFAC has none. - USCG_CYBER_INCIDENT_DETECTED: Calculates NVIC 01-20 72h deadline AND EU NIS2 24h + 72h + 30-day deadlines simultaneously from discovery timestamp. Notes that discovery timestamp = automated system detection timestamp.
- EU_NIS2_SECURITY_INCIDENT: Produces all three NIS2 Art. 23 deadlines (24h early warning, 72h full notification, 30-day final report) with CSIRT notification flag.
- MARPOL_CII_THRESHOLD_BREACH: Evaluates CII rating and consecutive D-year count; triggers SEEMP Part III corrective action plan flag when D×3 or E×1.
{
"name": "Maritime Compliance Incident Pipeline",
"nodes": [
{
"id": "mar-wf4-001",
"name": "Compliance Event Webhook",
"type": "n8n-nodes-base.webhook",
"typeVersion": 2,
"position": [
250,
400
],
"parameters": {
"path": "maritime-incident",
"responseMode": "onReceived",
"httpMethod": "POST"
}
},
{
"id": "mar-wf4-002",
"name": "Route by Event Type",
"type": "n8n-nodes-base.switch",
"typeVersion": 3,
"position": [
500,
400
],
"parameters": {
"mode": "rules",
"rules": {
"rules": [
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.event_type }}",
"rightValue": "CBP_AMS_MANIFEST_RECEIVED",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.event_type }}",
"rightValue": "OFAC_SDN_VESSEL_MATCH",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.event_type }}",
"rightValue": "USCG_CYBER_INCIDENT_DETECTED",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.event_type }}",
"rightValue": "EU_NIS2_SECURITY_INCIDENT",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.event_type }}",
"rightValue": "MARPOL_CII_THRESHOLD_BREACH",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.event_type }}",
"rightValue": "ISPS_SECURITY_LEVEL_ELEVATED",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.event_type }}",
"rightValue": "PORT_STATE_CONTROL_DEFICIENCY",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
},
{
"conditions": {
"conditions": [
{
"leftValue": "={{ $json.event_type }}",
"rightValue": "IMO_DCS_DATA_GAP_DETECTED",
"operator": {
"type": "string",
"operation": "equals"
}
}
]
}
}
]
}
}
},
{
"id": "mar-wf4-003",
"name": "CBP AMS 24h Handler",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
750,
80
],
"parameters": {
"jsCode": "const receiptTs = new Date($json.receipt_timestamp || Date.now());\nconst filingDeadline = new Date(receiptTs.getTime() + 24 * 60 * 60 * 1000);\nconst hoursLeft = (filingDeadline.getTime() - Date.now()) / 3600000;\nreturn [{ json: {\n ...$json,\n cbp_receipt_timestamp: receiptTs.toISOString(),\n cbp_24h_filing_deadline: filingDeadline.toISOString(),\n hours_to_file: Math.floor(hoursLeft),\n urgency: hoursLeft < 4 ? 'CRITICAL' : hoursLeft < 12 ? 'HIGH' : 'NORMAL',\n penalty_per_violation_usd: 5000,\n max_per_vessel_usd: 50000,\n statutory_cite: '19 CFR \u00a74.7a',\n note: 'CBP clock starts at data receipt timestamp \u2014 not at filing team review'\n} }];"
}
},
{
"id": "mar-wf4-004",
"name": "OFAC SDN IMMEDIATE Block",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
750,
200
],
"parameters": {
"jsCode": "return [{ json: {\n ...$json,\n ofac_match_timestamp: new Date().toISOString(),\n action: 'BLOCK_TRANSACTION_IMMEDIATELY',\n grace_period: 'NONE',\n penalty_per_violation_usd: 1000000,\n statutory_cite: '50 USC \u00a71701 / IEEPA',\n required_actions: [\n 'BLOCK: Do not process this shipment/transaction',\n 'REPORT: File OFAC report within 10 business days',\n 'NOTIFY: Legal + Compliance + CEO immediately',\n 'PRESERVE: Do not alter or delete any records'\n ]\n} }];"
}
},
{
"id": "mar-wf4-005",
"name": "USCG Cyber Incident Handler",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
750,
320
],
"parameters": {
"jsCode": "const discoveryTs = new Date();\nconst nvic72h = new Date(discoveryTs.getTime() + 72 * 60 * 60 * 1000);\nconst nis2_24h = new Date(discoveryTs.getTime() + 24 * 60 * 60 * 1000);\nconst nis2_72h = new Date(discoveryTs.getTime() + 72 * 60 * 60 * 1000);\nreturn [{ json: {\n ...$json,\n discovery_timestamp: discoveryTs.toISOString(),\n uscg_nvic0120_72h_deadline: nvic72h.toISOString(),\n eu_nis2_early_warning_24h: nis2_24h.toISOString(),\n eu_nis2_full_notification_72h: nis2_72h.toISOString(),\n immediate_action: 'Notify USCG District Command NOW (NVIC 01-20)',\n note: 'Discovery timestamp = automated system detection, not human team review. USCG clock started at ' + discoveryTs.toISOString()\n} }];"
}
},
{
"id": "mar-wf4-006",
"name": "EU NIS2 Three-Clock Handler",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
750,
440
],
"parameters": {
"jsCode": "const detectedTs = new Date();\nreturn [{ json: {\n ...$json,\n nis2_detection_timestamp: detectedTs.toISOString(),\n nis2_early_warning_deadline: new Date(detectedTs.getTime() + 24 * 60 * 60 * 1000).toISOString(),\n nis2_full_notification_deadline: new Date(detectedTs.getTime() + 72 * 60 * 60 * 1000).toISOString(),\n nis2_final_report_deadline: new Date(detectedTs.getTime() + 30 * 24 * 60 * 60 * 1000).toISOString(),\n applicable_to: 'Port operators, maritime infrastructure operators (EU NIS2 critical infrastructure)',\n statutory_cite: 'NIS2 Directive 2022/2555 Art. 23',\n csirt_notification: true,\n member_state_authority_notification: true\n} }];"
}
},
{
"id": "mar-wf4-007",
"name": "MARPOL CII Corrective Action",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
750,
560
],
"parameters": {
"jsCode": "const rating = $json.cii_rating;\nconst consec_d = parseInt($json.consecutive_d_years || 0);\nlet action = 'MONITOR';\nlet urgency = 'LOW';\nif (rating === 'E') { action = 'SEEMP_PART_III_CORRECTIVE_ACTION_PLAN_REQUIRED_IMMEDIATE'; urgency = 'CRITICAL'; }\nelse if (rating === 'D' && consec_d >= 3) { action = 'SEEMP_PART_III_CORRECTIVE_ACTION_PLAN_REQUIRED_IMMEDIATE'; urgency = 'CRITICAL'; }\nelse if (rating === 'D' && consec_d >= 2) { action = 'CORRECTIVE_ACTION_PLAN_PREPARE_NOW'; urgency = 'HIGH'; }\nelse if (rating === 'D') { action = 'TRAJECTORY_MONITORING_REQUIRED'; urgency = 'MEDIUM'; }\nreturn [{ json: {\n ...$json,\n cii_action: action,\n urgency,\n jan31_dcs_deadline: 'Annual fuel oil consumption report due January 31 to flag Administration (MARPOL Annex VI Reg. 22A)',\n data_gap_risk: 'Cloud automation outage during reporting year = voyage data gap = DCS reconstruction required',\n statutory_cite: 'MARPOL Annex VI MEPC 78/2022'\n} }];"
}
},
{
"id": "mar-wf4-008",
"name": "Log Incident to Postgres",
"type": "n8n-nodes-base.postgres",
"typeVersion": 2,
"position": [
1000,
400
],
"parameters": {
"operation": "insert",
"schema": "public",
"table": "maritime_compliance_incidents",
"columns": "account_id,event_type,urgency,action_required,deadline_ts,logged_at",
"options": {}
}
},
{
"id": "mar-wf4-009",
"name": "Notify Compliance Team",
"type": "n8n-nodes-base.slack",
"typeVersion": 2,
"position": [
1250,
300
],
"parameters": {
"channel": "#maritime-compliance-incidents",
"text": ":anchor: *Maritime Compliance Event: {{ $json.event_type }}*\nAccount: {{ $json.account_id }} | Urgency: {{ $json.urgency }}\nAction: {{ $json.action || $json.cii_action || $json.immediate_action || $json.required_actions }}\nDeadline: {{ $json.cbp_24h_filing_deadline || $json.nis2_early_warning_deadline || $json.uscg_nvic0120_72h_deadline || 'See incident log' }}"
}
},
{
"id": "mar-wf4-010",
"name": "Critical Gmail Alert",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
1250,
440
],
"parameters": {
"operation": "send",
"to": "compliance@your-maritime-saas.com",
"subject": "CRITICAL Maritime Incident: {{ $json.event_type }} \u2014 {{ $json.account_id }}",
"emailType": "html",
"message": "<p><strong>Maritime compliance incident requires immediate attention</strong></p><p>Event: {{ $json.event_type }}<br>Account: {{ $json.account_id }}<br>Action: {{ $json.action || $json.cii_action || $json.immediate_action }}<br>Logged: {{ $json.nis2_detection_timestamp || $json.discovery_timestamp || $json.cbp_receipt_timestamp || new Date().toISOString() }}</p>"
}
}
],
"connections": {
"Compliance Event Webhook": {
"main": [
[
{
"node": "Route by Event Type",
"type": "main",
"index": 0
}
]
]
},
"Route by Event Type": {
"main": [
[
{
"node": "CBP AMS 24h Handler",
"type": "main",
"index": 0
}
],
[
{
"node": "OFAC SDN IMMEDIATE Block",
"type": "main",
"index": 0
}
],
[
{
"node": "USCG Cyber Incident Handler",
"type": "main",
"index": 0
}
],
[
{
"node": "EU NIS2 Three-Clock Handler",
"type": "main",
"index": 0
}
],
[
{
"node": "MARPOL CII Corrective Action",
"type": "main",
"index": 0
}
],
[
{
"node": "Log Incident to Postgres",
"type": "main",
"index": 0
}
],
[
{
"node": "Log Incident to Postgres",
"type": "main",
"index": 0
}
],
[
{
"node": "Log Incident to Postgres",
"type": "main",
"index": 0
}
]
]
},
"CBP AMS 24h Handler": {
"main": [
[
{
"node": "Log Incident to Postgres",
"type": "main",
"index": 0
}
]
]
},
"OFAC SDN IMMEDIATE Block": {
"main": [
[
{
"node": "Notify Compliance Team",
"type": "main",
"index": 0
}
]
]
},
"USCG Cyber Incident Handler": {
"main": [
[
{
"node": "Log Incident to Postgres",
"type": "main",
"index": 0
}
]
]
},
"EU NIS2 Three-Clock Handler": {
"main": [
[
{
"node": "Log Incident to Postgres",
"type": "main",
"index": 0
}
]
]
},
"MARPOL CII Corrective Action": {
"main": [
[
{
"node": "Log Incident to Postgres",
"type": "main",
"index": 0
}
]
]
},
"Log Incident to Postgres": {
"main": [
[
{
"node": "Notify Compliance Team",
"type": "main",
"index": 0
}
]
]
},
"Notify Compliance Team": {
"main": [
[
{
"node": "Critical Gmail Alert",
"type": "main",
"index": 0
}
]
]
}
},
"active": false,
"settings": {
"executionOrder": "v1"
},
"versionId": "maritime-incident-v1",
"meta": {
"instanceId": "flowkit-maritime-004"
}
}
Workflow 5: Weekly Maritime SaaS KPI Compliance Dashboard
A Monday 8 AM ET scheduled workflow that queries account metrics by tier (including MARPOL CII, CBP AMS, and EU NIS2 account counts), queries open compliance incidents from the past 7 days, builds an HTML report with tier breakdown + incident summary + compliance reminders, and sends to CEO + BCC CISO. The compliance reminder footer includes the critical maritime deadline rules: CBP receipt timestamp, OFAC immediacy, MARPOL CII corrective action trigger, EU NIS2 discovery definition.
{
"name": "Weekly Maritime SaaS KPI Compliance Dashboard",
"nodes": [
{
"id": "mar-wf5-001",
"name": "Monday 8 AM ET",
"type": "n8n-nodes-base.scheduleTrigger",
"typeVersion": 1,
"position": [
250,
300
],
"parameters": {
"rule": {
"interval": [
{
"field": "cronExpression",
"expression": "0 13 * * 1"
}
]
}
}
},
{
"id": "mar-wf5-002",
"name": "Query Accounts by Tier",
"type": "n8n-nodes-base.postgres",
"typeVersion": 2,
"position": [
500,
200
],
"parameters": {
"operation": "executeQuery",
"query": "SELECT tier, COUNT(*) AS accounts, SUM(mrr_usd) AS mrr, COUNT(CASE WHEN flags LIKE '%MARPOL_CII_REPORTING_REQUIRED%' THEN 1 END) AS marpol_cii_count, COUNT(CASE WHEN flags LIKE '%CBP_AUTOMATED_MANIFEST_SYSTEM_FILER%' THEN 1 END) AS cbp_ams_count, COUNT(CASE WHEN flags LIKE '%EU_NIS2_CRITICAL_INFRASTRUCTURE%' THEN 1 END) AS nis2_count FROM maritime_accounts WHERE active = true GROUP BY tier ORDER BY mrr DESC"
}
},
{
"id": "mar-wf5-003",
"name": "Query Open Incidents",
"type": "n8n-nodes-base.postgres",
"typeVersion": 2,
"position": [
500,
400
],
"parameters": {
"operation": "executeQuery",
"query": "SELECT event_type, COUNT(*) AS open_count, MAX(created_at) AS latest FROM maritime_compliance_incidents WHERE resolved = false AND created_at > NOW() - INTERVAL '7 days' GROUP BY event_type ORDER BY open_count DESC"
}
},
{
"id": "mar-wf5-004",
"name": "Build HTML KPI Report",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
750,
300
],
"parameters": {
"jsCode": "const accounts = $node['Query Accounts by Tier'].json;\nconst incidents = $node['Query Open Incidents'].json;\nconst acctArr = Array.isArray(accounts) ? accounts : [accounts];\nconst incArr = Array.isArray(incidents) ? incidents : (incidents ? [incidents] : []);\nconst totalMRR = acctArr.reduce((s, r) => s + parseFloat(r.mrr || 0), 0);\nconst totalAccounts = acctArr.reduce((s, r) => s + parseInt(r.accounts || 0), 0);\nconst reportDate = new Date().toISOString().split('T')[0];\nconst html = '<h2>Maritime SaaS Weekly KPI \u2014 ' + reportDate + '</h2>' +\n '<h3>Accounts by Tier</h3>' +\n '<table border=\"1\" cellpadding=\"4\"><tr><th>Tier</th><th>Accounts</th><th>MRR</th><th>MARPOL CII</th><th>CBP AMS</th><th>EU NIS2</th></tr>' +\n acctArr.map(r => '<tr><td>' + r.tier + '</td><td>' + r.accounts + '</td><td>$' + parseFloat(r.mrr || 0).toFixed(0) + '</td><td>' + (r.marpol_cii_count || 0) + '</td><td>' + (r.cbp_ams_count || 0) + '</td><td>' + (r.nis2_count || 0) + '</td></tr>').join('') +\n '<tr><td><b>TOTAL</b></td><td><b>' + totalAccounts + '</b></td><td><b>$' + totalMRR.toFixed(0) + '</b></td><td colspan=\"3\"></td></tr></table>' +\n '<h3>Open Compliance Incidents (7 days)</h3>' +\n (incArr.length === 0 ? '<p>No open incidents</p>' : '<table border=\"1\" cellpadding=\"4\"><tr><th>Event Type</th><th>Open</th><th>Latest</th></tr>' + incArr.map(r => '<tr><td>' + r.event_type + '</td><td>' + r.open_count + '</td><td>' + (r.latest || '') + '</td></tr>').join('') + '</table>') +\n '<hr><p><small><b>Compliance reminders:</b> CBP AMS: 24h clock starts at data receipt (19 CFR \u00a74.7a, $5K/violation). OFAC SDN: IMMEDIATE block, no grace period ($1M+/violation). MARPOL CII: D\u00d73 years or E\u00d71 year = SEEMP Part III corrective action IMMEDIATE. EU NIS2 Art. 23: 24h early warning from discovery. USCG NVIC 01-20: incident notification at system detection timestamp.</small></p>';\nreturn [{ json: { html, totalMRR, totalAccounts, reportDate } }];"
}
},
{
"id": "mar-wf5-005",
"name": "Send to CEO + CISO",
"type": "n8n-nodes-base.gmail",
"typeVersion": 2,
"position": [
1000,
300
],
"parameters": {
"operation": "send",
"to": "ceo@your-maritime-saas.com",
"bcc": "ciso@your-maritime-saas.com",
"subject": "Maritime SaaS Weekly KPI \u2014 {{ $json.reportDate }} \u2014 MRR ${{ $json.totalMRR }} \u2014 {{ $json.totalAccounts }} accounts",
"emailType": "html",
"message": "={{ $json.html }}"
}
}
],
"connections": {
"Monday 8 AM ET": {
"main": [
[
{
"node": "Query Accounts by Tier",
"type": "main",
"index": 0
}
],
[
{
"node": "Query Open Incidents",
"type": "main",
"index": 0
}
]
]
},
"Query Accounts by Tier": {
"main": [
[
{
"node": "Build HTML KPI Report",
"type": "main",
"index": 0
}
]
]
},
"Query Open Incidents": {
"main": [
[
{
"node": "Build HTML KPI Report",
"type": "main",
"index": 0
}
]
]
},
"Build HTML KPI Report": {
"main": [
[
{
"node": "Send to CEO + CISO",
"type": "main",
"index": 0
}
]
]
}
},
"active": false,
"settings": {
"executionOrder": "v1"
},
"versionId": "maritime-kpi-v1",
"meta": {
"instanceId": "flowkit-maritime-005"
}
}
Why Maritime SaaS Vendors Are Moving to Self-Hosted n8n
Four specific maritime compliance risks are amplified by cloud-hosted automation platforms:
1. CBP AMS Receipt Timestamp Chain of Custody (19 CFR §4.7a)
The CBP 24-hour advance manifest clock starts at data receipt. Your cloud automation platform's webhook receipt timestamp is the CBP-relevant event — but that timestamp lives in your iPaaS vendor's log infrastructure, not in your own systems. If CBP issues a penalty assessment and asks for the manifest receipt timestamp chain, you are relying on your vendor's log retention policy and schema definition. With self-hosted n8n + Postgres, you control the timestamp, the schema, and the subpoena response.
2. MARPOL CII Data Lineage Integrity (MARPOL Annex VI Reg. 22A)
If your cloud automation platform is the system that collects and aggregates vessel voyage consumption data for MARPOL CII reporting, any cloud outage creates a data gap in your annual DCS filing. Flag state authorities reviewing your IMO DCS submission have a clear audit trail: your own platform's logs show the data gap. Self-hosted n8n eliminates third-party uptime dependencies from the MARPOL data collection chain — the platform that creates the gap is the same platform that must reconstruct it.
3. USCG NVIC 01-20 Incident Discovery Timestamp
USCG NVIC 01-20 guidance interprets 'discovery' broadly. If your cloud automation platform is the first system to log a threat indicator, that log entry is the USCG-relevant discovery event — but it is on vendor infrastructure. In a USCG examination or district command inquiry, the vendor's timestamp becomes the evidence. Self-hosted n8n keeps the incident detection timeline under your operational control, with timestamps in infrastructure you control.
4. EU NIS2 Art. 23 Critical Infrastructure Audit Trail
Under NIS2 Directive Art. 23, port operators must provide competent authorities with evidence of incident detection timestamp, notification timeline, and remediation actions. If your incident detection workflow runs on cloud iPaaS, the 24-hour early warning chain includes your cloud vendor's infrastructure — which may itself be subject to NIS2 obligations. The audit trail for a port authority NIS2 notification must trace from detection to report; a multi-vendor cloud chain complicates that trace.
Get These 5 Workflows
All 5 workflows above, plus 9 more covering additional maritime compliance scenarios (Port State Control deficiency tracking, TWIC access control audit log, FMC tariff change monitor, PHMSA dangerous cargo incident pipeline, ISM Code non-conformity DPA notification, OFAC bulk vessel screening, Port Authority ISPS annual verification, C-TPAT maritime supply chain 72h notification, IMO DCS voyage data gap reconstruction), are available as import-ready JSON at:
stripeai.gumroad.com — individual workflows $12–$29
Complete Maritime/PortTech SaaS Compliance Bundle (all 14 workflows) — $97
Each workflow includes README documentation with the relevant statutory citations, deadline calculation logic, and suggested Postgres schema for compliance deadline tracking.
Tier flags: USCG_MTSA_FACILITY_OPERATOR IMO_SOLAS_ISPS_CODE_SUBJECT MARPOL_CII_REPORTING_REQUIRED CBP_AUTOMATED_MANIFEST_SYSTEM_FILER EU_NIS2_CRITICAL_INFRASTRUCTURE BIMCO_MARITIME_CYBER_GUIDELINE US_CUSTOMS_TRADE_PARTNERSHIP_C_TPAT
Top comments (0)