Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audits, Inspections, and Evaluations

Report Number Title Issue Date Fiscal Year
OIG-20-07 Between 2011 and 2018, U.S. Customs and Border Protection (CBP) processed an average of $896 million in drawback claims annually; however, a lack of internal controls could affect the validity and accuracy of the drawback claims amount.  This occurred, in part, because CBP did not address internal control deficiencies over drawback claims.  The Department of Homeland Security Fiscal Year 2018 Independent Auditor’s Report on Financial Statements and Internal Control over Financial Reporting identified reoccurring CBP internal control deficiencies over drawback claims.  CBP has outlined plans to correct these deficiencies by implementing an updated data processing system and revising legislative procedures.  Without correcting these repeated control deficiencies, CBP cannot determine drawback claims’ validity and accuracy.  These corrective actions are ongoing; therefore, we could not verify during our audit whether CBP remedied the identified internal control deficiencies. Our report contains no recommendations.  

>Lack of Internal Controls Could Affect the Validity of CBP’s Drawback Claims 		2020
OIG-20-38 During 2019, there was a surge in Southwest Border crossings between ports of entry, resulting in 851,508 Border Patrol apprehensions and contributing to what senior U.S. Customs and Border Protection (CBP) officials described as an “unprecedented border security and humanitarian crisis.”  Our unannounced inspections revealed that, under these challenging circumstances, CBP struggled to meet detention standards.  Specifically, several Border Patrol stations we visited exceeded their maximum capacity.  Although Border Patrol established temporary holding facilities to alleviate overcrowding, it struggled to limit detention to the 72 hours generally permitted, as options for transferring detainees out of CBP custody to long-term facilities were limited.  Also, even after deploying medical professionals to more efficiently provide access to medical care, overcrowding made it difficult for the Border Patrol to manage contagious illnesses.  Finally, in some locations, Border Patrol did not meet certain standards for detainee care, such as offering children access to telephone calls and safeguarding detainee property.  In contrast to Border Patrol, which could not control apprehensions, CBP’s ports of entry could limit detainee access, and generally met applicable detention standards.  Supplementing a May 2019 Management Alert recommendation, we made two additional recommendations regarding access of unaccompanied alien children to telephones and proper handling of detainee property.  CBP concurred with the recommendations.

>Capping Report: CBP Struggled to Provide Adequate Detention Conditions During 2019 Migrant Surge 		2020
OIG-20-68 The Federal Emergency Management Agency (FEMA) is not adequately managing severe repetitive loss (SRL) properties covered by the National Flood Insurance Program (NFIP).  FEMA has not established an effective program to reduce or eliminate damage to SRL properties and disruption to life caused by the repeated flooding.  Primarily, FEMA does not have reliable, accurate information about SRL properties.  Secondly, FEMA’s Flood Mitigation Assistance (FMA) program, which aims to mitigate flood damage for NFIP policyholders, provides neither equitable nor timely relief for SRL applicants.  We made three recommendations to FEMA to ensure the accuracy of the SRL list, as well as equitable and timely distribution of mitigation funding, and promoting the use of National Flood Insurance Program (NFIP) Increased Cost of Compliance coverage.  FEMA concurred with all three of the recommendations

>FEMA Is Not Effectively Administering a Program to Reduce or Eliminate Damage to Severe Repetitive Loss Properties 		2020
OIG-20-06 DHS did not have the Information Technology (IT) system functionality needed to track separated migrant families during the execution of Zero Tolerance.  U.S. Customs and Border Protection (CBP) adopted various ad hoc methods to record and track family separations, but this practice introduced widespread errors.  These conditions persisted because CBP did not address known IT deficiencies before the Zero Tolerance Policy was implemented in May 2018.  DHS also did not provide adequate guidance to personnel responsible for executing the policy.  Because of the IT deficiencies, we could not confirm the total number of families DHS separated during the Zero Tolerance period.  DHS estimated Border Patrol agents separated 3,014 children from their families while the policy was in place.  DHS also estimated it completed 2,155 reunifications, although this effort continued on for seven months beyond the July 2018 deadline for reunifying children with their parents.  However, we conducted a review of DHS data during the Zero Tolerance period and identified 136 children with potential family relationships that were not accurately recorded by CBP.  In a broader analysis of DHS data between the dates of October 1, 2017 to February 14, 2019, we identified an additional 1,233 children with potential family relationships not accurately recorded by CBP.  Without a reliable accounting of all family relationships, we could not validate the total number of separations, or the completion of reunifications.  Although DHS spent thousands of hours and more than $1 million in overtime costs, it did not achieve the original goal of deterring “Catch-and-Release” through the Zero Tolerance Policy.  Moreover, the surge in apprehended families during this time period resulted in children being held in CBP facilities beyond the 72-hour legal limit.  The Department concurred with all five report recommendations.

>DHS Lacked Technology Needed to Successfully Account for Separated Migrant Families 		2020
OIG-20-37 The Cybersecurity and Infrastructure Security Agency (CISA) does not effectively coordinate and share best practices to enhance security across the commercial facilities sector.  Specifically, CISA does not coordinate within DHS on security assessments to prevent potential overlap, does not always ensure completion of required After Action Reports to share best practices with the commercial facilities sector, and does not adequately inform all commercial facility owners and operators of available DHS resources.  This occurred because CISA does not have comprehensive policies and procedures to support its role as the commercial facilities’ Sector-Specific Agency (SSA).  Without such policies and procedures, CISA cannot effectively fulfill its SSA responsibilities and limits its ability to measure the Department’s progress toward accomplishing its sector-specific objectives.  CISA may also be missing opportunities to help commercial facility owners and operators identify threats and mitigate risks, leaving the commercial facilities sector vulnerable to terrorist attacks and physical threats that may cause serious damage and loss of life.  We made three recommendations to improve CISA’s coordination and outreach to safeguard the commercial facilities sector.  CISA concurred with all three recommendations.

>DHS Can Enhance Efforts to Protect Commercial Facilities from Terrorism and Physical Threats 		2020
OIG-20-69 We surveyed staff at Border Patrol stations and OFO ports of entry from April 22, 2020 to May 1, 2020.  The 136 Border Patrol stations and 307 OFO ports of entry that responded to our survey described various actions they have taken to prevent and mitigate the pandemic’s spread among travelers, detained individuals, and staff.  These actions include increased cleaning and disinfecting of common areas, and having personal protective equipment for staff, as well as supplies available to those individuals with whom they come into contact.  However, facilities reported concerns with their inability to practice social distancing and the risk of exposure to COVID-19 due to the close-contact nature of their work.  Regarding staffing, facilities reported decreases in current staff availability due to COVID-19, but have contingency plans in place to ensure continued operations.  The facilities expressed concerns regarding staff availability, however, if there were an outbreak of COVID-19 at the facility.  Overall, the majority of respondents reported that their facilities were prepared to address COVID-19.

>Early Experiences with COVID-19 at Border Patrol Stations and OFO Ports of Entry 		2020
OIG-20-04 Except for identified questioned costs, reported DHS Purchase and Travel Card transactions for FY 2017 were appropriate and complied with relevant laws and regulations.  The auditor, CohnReznick LLP, identified 17 control deficiencies within DHS Purchase and Travel Card Programs related to maintenance of purchase documentation, application of required procurement policies, price reasonableness determinations, price quotes/competitive bids, required sourcing, tax exemptions, and split purchases.  The DHS Travel Card Program deficiencies related to maintenance of travel documentation, allowability of transactions per regulations, credit balance refunds, the prudent traveler standard, and improper use of a travel card.  The auditor identified $43,508 in questioned costs for FY 2017 and made 12 recommendations.  When implemented, these recommendations should ensure that Purchase and Travel Card transactions are appropriate and comply with relevant laws and regulations.  The Office of the Chief Financial Officer concurred with six recommendations and non-concurred with six recommendations. 

>Audit of DHS Fiscal Year 2017 Purchase and Travel Card Programs 		2020
OIG-20-36 We identified 16 allegations of race-based harassment involving cadets between 2013 and 2018 that the Coast Guard Academy (the Academy) was aware of and had sufficient information to investigate and address through internal hate and harassment procedures.  The OIG identified issues in how the Academy addressed 11 of them.  First, in six incidents, the Academy did not thoroughly investigate the allegations, and/or did not discipline cadets when investigations documented violations of cadet regulations or Coast Guard policy.  In two of these instances, cadets committed similar misconduct again.  The Academy also did not fully include civil rights staff as required in six instances (including two of the instances noted previously).  Therefore, civil rights staff could not properly track these incidents to proactively identify trends and offer the Academy assistance.  In addition, in one incident involving a potential hate allegation, the Academy did not follow the Coast Guard process for hate incidents.  Finally, our review determined that race-based harassment is underreported at the Academy for various reasons, including concerns about negative consequences for reporting allegations.  Underreporting is especially concerning because our questionnaire results and interviews indicate harassing behaviors continue at the Academy.  We made five recommendations that will enhance the Academy’s ability to address harassment and hate allegations, including ensuring the Academy consistently investigates allegations, requiring the reasons for disciplinary decisions be documented after race- or ethnicity-based harassment investigations, informing civil rights staff of all misconduct that could reasonably relate to race or ethnicity; and improving training related to preventing and addressing race-based or ethnicity-based harassment or hate incidents.  The Coast Guard concurred with all recommendations

>The U.S. Coast Guard Academy Must Take Additional Steps to Better Address Allegations of Race-Based Harassment and Prevent Such Harassment on Campus 		2020
OIG-20-70 Management Alert - CBP Needs to Award A Medical Services Contract Quickly to Ensure No Gap in Services 2020
OIG-20-05 From fiscal years 2015 through 2018, in the midst of a growing opioid epidemic, U.S. Customs and Border Protection (CBP), U.S. Immigration and Customs Enforcement, Transportation Security Administration, and U.S. Secret Service appropriately disciplined employees whose drug test results indicated illegal opioid use, based on their employee standards of conduct and tables of offenses and penalties.  Additionally, during the same time period, components have either implemented or are taking steps to evaluate whether employees using prescription opioids can effectively conduct their duties.  For example, components have established policies prohibiting the use of prescription opioids that may impact an employee’s ability to work, in addition to requiring employees to report such prescription opioid use.  They have also implemented or are in the process of implementing measures to evaluate the fitness for duty of employees using prescription opioids.  These policies establish consistent standards components can use to ensure they are allowing employees to use legally-prescribed opioids, while also ensuring their workforce is capable of effectively performing their duties.  We made two recommendations to improve components’ oversight of illegal and prescription opioid use by employees.  CBP and Secret Service concurred with the recommendations, which are both resolved and open.

>CBP, ICE, TSA, and Secret Service Have Taken Steps to Address Illegal and Prescription Opioid Use 		2020
OIG-20-35 U.S. Customs and Border Protection (CBP) Office of Field operations (OFO) personnel at ports of entry had separated 60 asylum-seeking families between May 6 and July 9, 2018, despite CBP’s claim that it had separated only 7 such families.  More than half of those separations were based solely on the asylum-seeking parents’ prior non-violent immigration violations, which appeared to be inconsistent with official DHS public messaging.  After a June 27, 2018 court ruling, CBP issued specific guidance, and the ports separated fewer families in the prior months.  Despite the new guidance, we continue to have concerns about DHS’ ability to accurately identify and address all family separations due to data reliability issues.  In late June 2018, CBP modified its system for tracking aliens at the ports of entry to capture family separation data consistently, but it could not provide a reliable number of families separated before June 2018.  We made one recommendation that will help CBP’s data collection.  CBP concurred with our recommendation.

>CBP Separated More Asylum-Seeking Families at Ports of Entry Than Reported and For Reasons Other Than Those Outlined in Public Statements 		2020
OIG-20-67 During our unannounced inspections of five U.S. Customs and Border Protection (CBP) facilities in the Laredo and San Antonio areas of Texas in February 2020, three Border Patrol stations and two Office of Field Operation ports of entry we visited appeared to be operating in compliance with the Transport, Escort, Detention, and Search (TEDS) standards we evaluated. We verified accessibility to water, food, toilets, sinks, basic hygiene supplies, and bedding. We observed clean facilities and verified that temperatures and ventilation in holding rooms were appropriate. Of the five facilities we visited, only one could provide on-site showers to detainees, but during our visits, no detainees were approaching the detention time threshold where a shower would be required. Because Border Patrol leadership directed all Border Patrol stations to implement Phase 2 of the enhanced medical screening ahead of the prescribed schedule outlined in CBP Directive 2100-004, the Border Patrol stations we visited were conducting alien intake health assessments using CBP Form 2500. These Ports of Entry had implemented Phase 1, but were not yet required to conduct Phase 2 assessments at the time of our inspection. We did not make any recommendations in this report.

>Five Laredo and San Antonio Area CBP Facilities Generally Complied with the National Standards on Transport, Escort, Detention, and Search 		2020
OIG-20-03 KPMG LLP (KPMG), under contract with DHS OIG, conducted an integrated audit of DHS’ FY 2019 consolidated financial statements and internal control over financial reporting.  KPMG issued an unmodified (clean) opinion over the Department’s financial statements, reporting that they present fairly, in all material respects, DHS’ financial position as of September 30, 2019.  However, KPMG identified material weaknesses in internal control in two areas and other significant deficiencies in three areas.  Consequently, KPMG issued an adverse opinion on DHS’ internal control over financial reporting.  KPMG also reported two instances of noncompliance with laws and regulations.  DHS concurred with all of the recommendations.

>Independent Auditors' Report on DHS' FY 2019 Financial Statements and Internal Control over Financial Reporting 		2020
OIG-20-32 FEMA is not effectively designating Surge Capacity Force (SCF) volunteers and managing the SCF program during disaster operations.  In 2017, FEMA was not prepared to deploy SCF Tier 4 volunteers rapidly and efficiently because FEMA had neither a clear commitment from agencies outside DHS to participate in SCF, nor a roster of volunteers capable of rapidly deploying.  FEMA did not adequately measure SCF performance because it did not have mechanisms to collect data and feedback to gauge program success.  FEMA did not effectively manage the SCF financial program because it relied heavily on the financial controls of volunteers’ home agencies without guarding against breakdowns in those controls.  Finally, FEMA did not close mission assignments promptly because it did not make closing them a priority in what officials described as a series of “overwhelming” catastrophes.  We made four recommendations for FEMA to improve designation of SCF volunteers and management of the SCF program.  FEMA concurred with three of our four recommendations.

>FEMA Needs to Effectively Designate Volunteers and Manage the Surge Capacity Force 		2020
OIG-20-47 Evaluation of DHS' Compliance with Federal Information Security Modernization Act Requirements for Intelligence Systems for Fiscal Year 2019 2020
OIG-20-02 Based on our recent and prior audits, inspections, special reviews, and investigations, we consider the most serious management and performance challenges currently facing DHS to be: (1) Managing Programs and Operations Effectively and Efficiently during times of Changes in Leadership, Vacancies, Hiring Difficulties; (2) Coordinating Efforts to Address the Sharp Increase in Migrants Seeking to Enter the United States through our Southern Border; (3) Ensuring Cybersecurity in an Age When Confidentiality, Integrity, and the Availability of Information Technology Are Essential to Mission Operations; (4) Ensuring Proper Financial Planning, Payments, and Internal Controls; and (5) Improving FEMA’s Disaster Response and Recovery Efforts.  Addressing and overcoming these challenges requires firm leadership; targeted resources; and a commitment to mastering management fundamentals, data collection and dissemination, cost-benefit/risk analysis, and performance measurement. 

>Major Management and Performance Challenges Facing the DHS 		2020
OIG-20-34 U.S. Customs and Border Protection (CBP) identified and targeted high-risk cargo shipments, CBP did not always prevent air carriers from transporting high-risk air cargo from foreign airports into the United States.  This occurred because neither CBP nor TSA developed adequate policies and procedures to ensure air carriers resolved referrals timely or appropriately.  We made four recommendations to CBP and TSA to mitigate a number of vulnerabilities in the Air Cargo Advance Screening Program.  CBP and TSA concurred with all four recommendations. 

>CBP's ACAS Program Did Not Always Prevent Air Carriers from Transporting High-Risk Cargo into the United States 		2020
OIG-20-64 We determined CBP’s use of tear gas on these dates, in response to physical threats, appeared to be within CBP’s use of force policy.  However, U.S. Border Patrol obtained an acoustic device and used it in an “alert tone” mode on November 25, 2018, which did not conform to CBP’s Use of Force policy because Border Patrol did not get advance authorization to have a device with this capability.  CBP’s Use of Force policy would have permitted use of the alert tone in a manner reasonable and necessary for self-defense or the defense of another person in threatening, emergent situations.  However, the policy does not authorize the carrying of any weapon for duty use that is not authorized, included on the Authorized Equipment List, or specifically approved by the LESC director.  Using the acoustic device in alert mode may increase the risk of temporary or permanent hearing loss to those exposed to the sound and thereby increase the Government’s liability.  CBP’s own internal investigation of the November 25, 2018 incident regarding the acoustic device was incomplete and inaccurate and did not provide all the information CBP needed to determine whether the CBP officer and Border Patrol agents involved had complied with the use of force policy.  In addition, not all Border Patrol agents had the required training and certification to carry less-lethal devices.  This occurred because Border Patrol lacked internal controls to ensure agents had fulfilled these requirements.  Border Patrol agents using less-lethal devices for which they are not certified could result in unintended serious injury or death, increasing the Government’s liability.  We made four recommendations to CBP to ensure compliance with its Use of Force policy and improve its investigative process.  CBP concurred with all four recommendations.

>U.S. Customs and Border Protection Compliance with Use of Force Policy for Incidents on November 25, 2018 and January 1, 2019 - Law Enforcement Sensitive 		2020
OIG-20-01 At the time of our onsite work in July 2017, Box Elder County had not awarded any contracts under this grant. Therefore, we could not determine whether the County had complied with Federal procurement regulations. However, in reviewing Box Elder County’s written procurement policies and procedures we noted the County did not include procedures to ensure opportunities for small and minority businesses, women’s business enterprises, and labor surplus area firms to bid for federally funded work.  In addition, Box Elder County’s procurement policies did not require federally mandated provisions be incorporated in all contracts funded by Federal grants.  In response to our review, Box Elder County revised its procurement policies and procedures to include these Federal procurement requirements.  Consequently, we made no recommendations.

>Review of Box Elder County, Utah's Procurement Policies and Procedures for Disaster No. 4311-DR-UT, Grant No. 003-99003-00 		2020
OIG-20-33 The Transportation Security Administration (TSA) does not monitor the Advanced Imaging Technology (AIT) to ensure it continues to fulfill needed capabilities.  Although the AIT met the requirement for system availability, TSA did not monitor the AIT’s probability of detection rate and throughput rate requirements set forth in TSA’s operational requirements document.  These issues occurred because TSA has not established comprehensive guidance to monitor performance of the AIT system.  Without continuous monitoring and oversight, TSA cannot ensure the AIT is meeting critical system performance requirements—a consistent weakness found in prior DHS OIG reports.  We made two recommendations designed to improve TSA’s monitoring of the AIT system.  TSA concurred with our recommendations.

>TSA Needs to Improve Monitoring of the Deployed Advanced Imaging Technology System 		2020
OIG-20-66 DHS components used inconsistent processes for administrative forfeitures under the Civil Asset Forfeiture Reform Act of 2000 (CAFRA).  Specifically, we found inconsistencies among DHS components regarding the forms used to notify property owners and the process for responding to claims.  Further, CBP inappropriately used waivers to extend deadlines for responding to claims.  We recommended DHS implement a department-wide structure to oversee component forfeiture activities across DHS by designating an office at headquarters for this role.  Additionally, DHS should develop Department-wide policies and procedures, as well as review component policies, to ensure forfeiture processes and practices are consistent.  We made two recommendations to improve oversight across DHS and provide consistent processes for handling administrative forfeitures.  DHS concurred with recommendation two, which we consider resolved and open, but did not concur with recommendation one, which is unresolved and open.

>DHS Inconsistently Implemented Administrative Forfeiture Authorities Under CAFRA 		2020
OIG-19-36 Williams, Adley and Company - DC, LLP completed an audit of Missouri’s management of State Homeland Security Program (SHSP) and Urban Areas Security Initiative (UASI) grants awarded during fiscal years (FY) 2012 through 2015. Williams Adley concluded that Missouri’s State Administrative Agency generally complied with applicable Federal laws and regulations. Although Williams Adley did not identify any duplicate benefits received by the state, it did identify instances in which the state did not fully comply with the Federal Emergency Management Agency’s (FEMA) FYs 2012–2015 Notice of Funding Opportunity guidance.

>Missouri's Management of State Homeland Security Program and Urban Areas Security Initiative Grants Awarded During Fiscal Years 2012 through 2015 		2019
OIG-19-19 DHS Needs to Improve the Process for Identifying Acquisition Planning Capability Needs 2019
OIG-19-67 Limitations of CBP OFO's Screening Device Used to Identify Fentanyl and Other Narcotics 2019
OIG-19-35 The Transportation Security Administration (TSA) needs to continue to improve its retention, hiring, and training of Transportation Security Officers (TSO). Specifically, TSA needs to better address its retention challenges because it currently does not share and leverage results of TSO exit surveys and does not always convey job expectations to new-hires. TSA does not fully evaluate applicants for capability as well as compatibility when hiring new TSOs. Thus, the agency may be making uninformed hiring decisions due to inadequate applicant information and a lack of formally documented guidance on ranking potential new-hires

>TSA Needs to Improve Efforts to Retain, Hire, and Train Its Transportation Security Officers 		2019
OIG-19-18 U.S. Immigration and Customs Enforcement (ICE) contracts with 106 detention facilities to detain removable aliens. In FY 2017, these 106 facilities held an average daily population of more than 25,000 detainees. Since the beginning of FY 2016, ICE has paid more than $3 billion to the contractors operating these 106 facilities. Despite documentation of thousands of deficiencies and instances of serious harm to detainees that occurred at these detention facilities, ICE rarely imposed financial penalties. ICE should ensure that detention contracts include terms that permit ICE to hold contractors to performance standards and impose penalties when those standards are not maintained.

>ICE Does Not Fully Use Contracting Tools to Hold Detention Facility Contractors Accountable for Failing to Meet Performance Standards 		2019
OIG-19-66 FEMA did not take sufficient actions to prevent fraud, waste, and abuse of transportation assistance funds for vehicles considered damaged or destroyed by Hurricanes Harvey, Irma, and Maria in FY 2017.  These weakness occurred because FEMA does not require that agencies collect and retain documentation used to establish applicant eligibility; consider pre-disaster vehicle market value when determining award amounts; provide guidance to state, territorial and tribal governments on how to set transportation assistance thresholds; and conduct post-payment reviews to ensure funds are spent appropriately.  We made three recommendations that, when implemented, will help FEMA ensure it is spending Federal funds for transportation assistance properly.  FEMA concurred with one recommendation and non-concurred with two recommendations.

>FEMA Did Not Sufficiently Safeguard Use of Transportation Assistance Funds 		2019
OIG-19-32 Through the TSA program, FEMA provides transitional sheltering in hotels to disaster survivors displaced by emergencies or major disasters. TSA reduces the number of survivors in congregate emergency shelters by providing hotel lodging. During our ongoing audit of the Federal Emergency Management Agency’s (FEMA) Transitional Sheltering Assistance (TSA) program, we determined that FEMA violated the Privacy Act of 19741 and Department of Homeland Security policy2 by releasing to the PII and SPII of 2.3 million survivors of hurricanes Harvey, Irma, and Maria and the California wildfires in 2017.3

>Management Alert - FEMA Did Not Safeguard Disaster Survivors' Sensitive Personally Identifiable Information (REDACTED) 		2019
OIG-19-16 The Department of Homeland Security (DHS) did not promptly fulfill its first requirement mandated by Public Law 114-278. Specifically, DHS delayed commissioning a comprehensive assessment of the effectiveness of the Transportation Security Card Program in enhancing security and reducing security risks for facilities and vessels. The public law required the assessment to begin no later than 60 days after its enactment. However, DHS did not award a work order for the assessment for more than a year after the deadline.  TSA only partially complied with requirements mandated by the public law. Of the six required actions, TSA partially complied with two and fully complied with four. We have concerns with aspects of TSA’s responses to all of the required actions.

>DHS' and TSA's Compliance with Public Law 114-278, Transportation Security Card Program Assessment 		2019
OIG-19-64 In two of the four areas – training and collaboration – Washington’s Emergency Management Division (EMD) and FEMA complied with applicable policies, procedures, and regulations.  In the third functional area – project execution, monitoring and oversight – we did not identify any significant deficiencies.  We found, however, EMD lacked position-specific guidance for all personnel with programmatic responsibilities.  In the last functional area – project and grant closeout – neither EMD nor its subrecipients submitted timely project closeout requests.  In addition, FEMA did not enforce compliance with its own guidance for processing closeouts.  We recommended FEMA ensure EMD complies with its State Administrative Plan by issuing and regularly updating desk manuals.  In addition, we recommended FEMA coordinate with EMD to initiate closeout on behalf of subrecipients for all open, large projects whose period of performance end dates exceed the 90-day regulatory requirement, and submit closeout requests to FEMA for projects exceeding the 180-day requirement.  We made five recommendations to strengthen EMD’s internal controls to improve its oversight of FEMA’s Public Assistance grant program.  FEMA concurred with all five of our recommendations.

>The State of Washington's Oversight of FEMA's Public Assistance Grant Program for Fiscal Years 2015-2017 Was Generally Effective 		2019
OIG-19-33 The Office of National Drug Control Policy’s (ONDCP) Circular, Accounting of Drug Control Funding and Performance Summary, requires each National Drug Control Program agency to submit to the ONDCP Director a detailed accounting of all funds expended for National Drug Control Program activities during the previous fiscal year. Williams, Adley & Company –DC, LLP (Williams Adley), under contract with the Department of Homeland Security OIG, issued an Independent Accountant’s Report on U.S. Coast Guard’s (Coast Guard) Detailed Accounting Submission. Coast Guard management prepared the Table of FY 2018 Drug Control Obligations and related disclosures in accordance with requirements of ONDCP Circular, Accounting of Drug Control Funding and Performance Summary, dated May 8, 2018 (the Circular). Based on its review, nothing came to Williams Adley’s attention that caused it to believe that the Coast Guard’s FY 2018 Detailed Accounting Submission is not presented in conformity with the criteria in the Circular. Williams Adley did not make any recommendations as a result of its review.

>Review of U.S. Coast Guard's Fiscal Year 2018 Detailed Accounting Submission for Drug Control Funds 		2019
OIG-19-15 National Protection and Programs Directorate (NPPD) Chief of Staff requested a review to determine whether Federal Protective Service (FPS) inspectors’ positions were classified correctly for purposes of earning overtime under the Fair Labor Standards Act. Although properly classified as non-exempt, inspectors’ excessive use of overtime does raise significant concerns. Specifically, 11 of the 19 inspectors reviewed frequently worked multiple 17- to 21-hour shifts with no days off in between. This kind of extensive overtime allowed seven inspectors to earn more than the most senior executives in the Federal Government, with three earning more than the Vice President of the United States. Furthermore, FPS’ increasing use of overtime contributed to a projected budget shortfall for fiscal year 2018, potentially putting the FPS mission at risk. The inspectors were able to accumulate the extensive overtime because of poor internal controls, such as management not monitoring the use of overtime.

>The Federal Protective Service Has Not Managed Overtime Effectively 		2019
OIG-19-63 Richland County did not always properly account for and expend Federal funds according to Federal regulations and FEMA guidelines.  FEMA did not hold North Dakota accountable for fulfilling its grant management responsibilities, and North Dakota did not adequately manage the FEMA grant by monitoring the County to ensure it complied with applicable regulations and guidelines.  The County failed to follow all Federal procurement regulations when awarding about $1.9 million in disaster-related contracts.  We recommended that FEMA disallow $1,146,921 in ineligible contract costs and direct North Dakota to work with the County to verify that the County complies with all Federal grant requirements and establishes effective accounting systems.  FEMA concurred with our three recommendations for improving County compliance in managing future Federal grants. 

>FEMA Should Disallow $1.1 Million in Grant Funds Awarded to Richland County, North Dakota 		2019
OIG-19-31 We could not fully assess whether Oregon’s State Administrative Agency (OEM) expenditures for State Homeland Security Program (SHSP) and Urban Areas Security Initiative (UASI) funding awarded from FY 2013 through FY 2015 enhanced its preparedness and security because we found some issues. These issues occurred because OEM did not obtain written consent when withholding more than 20 percent of funds, coordinate with subrecipients after award receipt, have approved indirect cost rate agreements, adhere to its subrecipient monitoring procedures, have a tracking system, or provide guidance to subrecipients. FEMA concurred with all 10 recommendations and plans to take corrective action.

>Oregon's Management of State Homeland Security Program and Urban Areas Security Initiative Grants Awarded During Fiscal Years 2013 through 2015 		2019
OIG-19-14 Immigration and Customs Enforcement (ICE), Office of Professional Responsibility, Investigative offices accurately maintained equipment records and complied with vehicle and availability pay requirements. Offices were also accurate in accounting for all firearms. Investigative staff were diligent in complying with the DHS Management Directive relating to the referral of allegations. However, we noted deficiencies in compliance with evidence inventory requirements, and observed inaccuracies in ammunition records. We also found a systemic absence of training on certain firearms and problems with the timeliness of submitting investigative reports. Finally, we found that supervisors did not always review cases on a quarterly basis.

>Oversight Review of the Department of Homeland Security Immigration and Customs Enforcement, Office of Professional Responsibility, Investigations Division 		2019
OIG-19-62 DHS Needs to Improve Cybersecurity Workforce Planning 2019
OIG-19-13 In November 2017, CBP awarded Accenture a $297 million contract to help meet the demands of recruiting and hiring agents and officers under the President’s January 25, 2017 Executive Order, Border Security and Immigration Enforcement Improvements. The contract includes 1 base year, with 4 option years, to hire 7,500 fully qualified applicants, including Customs and Border Protection Officers, Border Patrol Agents, and Air and Marine Interdiction Agents. In its first year, CBP’s contract with Accenture has already taken longer to deploy and delivered less capability than promised. Accenture is nowhere near satisfying its 7,500-person hiring goal over the next 5 years. Further, CBP has used significant staffing and resources to help Accenture do the job for which it was contracted. As such, we are concerned that CBP may have paid Accenture for services and tools not provided. Without addressing the issues we have identified, CBP risks wasting millions of taxpayer dollars on a hastily approved contract that is not meeting its proposed performance expectations. CBP must hold the contractor accountable, mitigate risk, and devise a strategy to ensure results without additional costs to the Government.

>Management Alert - CBP Needs to Address Serious Performance Issues on the Accenture Hiring Contract 		2019
OIG-19-61 FEMA Did Not Properly Review the Port Authority of New York and New Jersey's Request for $306 Million in Public Assistance Funds 2019
OIG-19-12 The County received about $28.1 million in Public Assistance grant awards from Florida — a FEMA grantee — for damages from severe storms, tornadoes, straight-line winds, and flooding in April and May 2014. Jackson County was the first subgrantee in Florida to be approved for a grant award obligation under the Federal Emergency Management Agency’s (FEMA) Public Assistance Alternative Procedures (PAAP) pilot program. The Sandy Recovery Improvement Act of 20131 authorized PAAP and authorized FEMA to implement alternative procedures through the PAAP pilot program. Florida did not fulfill its grantee responsibility to ensure the County followed applicable Federal grant management requirements, and FEMA did not ensure the grantee carried out its responsibilities.

>FEMA Should Recover $3,061,819 in Grant Funds Awarded to Jackson County, Florida 		2019
OIG-19-60 DHS’ information security program was effective for fiscal year 2018 because the Department earned the targeted maturity rating, “Managed and Measurable” (Level 4) in four of five functions, as compared to last year’s lower overall rating, “Consistently Implemented” (Level 3). We attributed DHS’ progress to improvements in information security risk, configuration management practices, continuous monitoring, and more effective security training. By addressing the remaining deficiencies, DHS can further improve its security program ensuring its systems adequately protect the critical and sensitive data they store and process.

>Evaluation of DHS' Information Security Program for Fiscal Year 2018 		2019
OIG-19-11 CBP has a statutory responsibility to collect revenue owed to the U.S. Government that arises from the importation of goods into the United States. Although in fiscal year 2017 CBP collected $40 billion in duties, taxes, and fees, more than $4.3 billion in its allowance for doubtful account for cumulative duties, taxes, and fees remained delinquent and uncollectible — some dating back almost 40 years This outstanding cumulative debt will continue to increase without completing the viability analysis worksheets to enable the timely pursuit or termination of delinquent debt, and the ability to monitor and properly track debt collection and write-offs.

>CBP Did Not Maximize its Revenue Collection Efforts for Delinquent Debt Owed from Importers 		2019
OIG-19-59 We determined that despite requirements of the Homeland Security Act of 2002, as amended, the Science and Technology Directorate (S&T) did not effectively coordinate and integrate department-wide research and development (R&D) activities.  In August 2015, S&T established Integrated Product Teams (IPTs) as the central mechanism to identify, track, and coordinate department-wide priority R&D efforts.  However, S&T did not follow its IPT process as intended.  Specifically, not all components submitted all information on capability gaps to the IPTs; S&T did not effectively gather, track, and manage data on the Department’s R&D gaps and activities; and S&T did not adequately monitor the IPT process to ensure it was effective.  As a result, S&T may not be able to provide the Secretary of Homeland Security and Congress with an accurate profile of the Department’s R&D activities or justify funding needs for a wide range of missions, including securing the border, detecting nuclear devices, and screening airline passengers.  We made three recommendations to improve S&T’s coordination of R&D activities across DHS.  S&T concurred with our recommendations.

>S&T Is Not Effectively Coordinating Research and Development Efforts across DHS 		2019
OIG-19-10 The Trade Facilitation and Trade Enforcement Act of 2015 (TFTEA) requires U.S. Customs and Border Protection (CBP) to establish standard operating procedures (SOP) for searching, reviewing, retaining, and sharing information in communication, electronic, or digital devices at U.S. ports of entry. We determined that CBP’s Office of Field Operations (OFO) did not always conduct the searches at U.S. ports of entry according to its SOPs. Specifically, because of inadequate supervision to ensure OFO officers properly documented searches, OFO cannot maintain accurate quantitative data or identify and address performance problems related to these searches. These deficiencies in supervision, guidance, and equipment management, combined with a lack of performance measures, limit OFO’s ability to detect and deter illegal activities related to terrorism; national security; human, drug, and bulk cash smuggling; and child pornography.

>CBP's Searches of Electronic Devices at Ports of Entry 		2019
OIG-19-58 FEMA's Longstanding IT Deficiencies Hindered 2017 Response and Recovery Operations 2019
OIG-19-09 FEMA Should Recover $413,074 of Public Assistance Grant Funds Awarded to Nashville-Davidson County, Tennessee, for a May 2010 Flood 2019
OIG-19-57 A Joint Review of Law Enforcement Cooperation on the Southwest Border between the Federal Bureau of Investigation and Homeland Security Investigations 2019
OIG-19-06 FEMA awarded the Chippewa Cree Tribe a $32.4 million Public Assistance Program grant for damages from a June 2010 flood disaster. The award provided 100 percent Federal funding to replace the Tribe’s severely damaged health clinic. The Tribe failed to manage a $32.4 million Public Assistance Program grant from FEMA according to Federal regulations and FEMA guidelines. As a result, FEMA has no assurance that expenditures the Tribe claimed for Project 2 (engineering and design), and plans to claim for Projects 132 (facility construction) and 133 (site preparation) are valid, allowable, or eligible. Therefore, FEMA should disallow about $22.3 million of the grant award for these three projects.

>FEMA Should Disallow $22.3 Million in Grant Funds Awarded to the Chippewa Cree Tribe of the Rocky Boy's Indian Reservation, Montana 		2019
OIG-19-56 The Transportation Security Administration’s (TSA) methods for classifying its Office of Inspection (OOI) criminal investigators as law enforcement officers were adequate and valid, but the data TSA used were not adequate or valid. TSA’s criminal investigators spend at least 50 percent of their time performing criminal investigative duties to be classified as law enforcement officers. The FY 2017 timesheet data TSA used to validate that its criminal investigators met the 50 percent requirement were not adequate and valid as the data were not always timely submitted and approved. This occurred because OOI officials lacked oversight and accountability for the timesheet submission, review, and approval processes. Further, criminal investigators and their supervisors did not always complete and approve certification forms as required to verify eligibility for premium pay. In some instances, incorrect timesheet calculations inflated the annual average of unscheduled duty hours criminal investigators worked to be eligible for premium pay. OOI management did not develop and implement guidance to review these key calculations annually. Without better oversight and valid timesheet data, TSA cannot ensure it is accurately classifying criminal investigators as law enforcement officers. TSA also may be wasting agency funds on criminal investigators ineligible to receive premium pay. We made four recommendations that, when implemented, should help TSA improve data used to classify its OOI criminal investigators as law enforcement officers. TSA concurred with all of our recommendations.

>TSA's Data and Methods for Classifying Its Criminal Investigators as Law Enforcement Officers Need Improvement 		2019
OIG-19-07 On January 25, 2017, the President issued two Executive Orders directing the Department of Homeland Security to hire an additional 15,000 law enforcement officers. We conducted this audit to determine whether the Department and its components — specifically FLETC, USBP, and ICE — have the training strategies and capabilities in place to train 15,000 new agents and officers.  Prior to the start of the hiring surge, FLETC’s capacity is already overextended. FLETC is not only responsible for accommodating the anticipated Department hiring surge, but also for an expected increase in demand from other Partner Organizations. Despite observing ongoing work in the development of hiring surge training plans and strategies, challenges exist due to uncertain funding commitments and current training conditions. Absent remedial action, these challenges may impede consistency and lead to a degradation in training and standards. As a result, trainees will be less prepared for their assigned field environment, potentially impeding mission achievability and increasing safety risk to themselves, other law enforcement officers, and anyone within their enforcement authority.

>DHS Training Needs for Hiring 15,000 Border Patrol Agents and Immigration Officers 		2019
OIG-19-55 FEMA has instituted several effective mechanisms to demonstrate the importance of fraud prevention in its disaster assistance programs, but it needs to do more.  In line with our 2011 audit report recommendations, FEMA now uses standard system queries and additional business rules to flag potentially fraudulent disaster assistance applications.  However, FEMA must take additional, proactive steps to create and sustain a culture of fraud prevention and awareness.  This includes adequately staffing the Fraud and Internal Investigations Division, implementing an effective process to monitor and discourage staff noncompliance with required fraud training requirements, and establishing a clear and consistent process for reporting suspected fraud.  We made five recommendations for FEMA to demonstrate its commitment to fraud prevention in carrying out its disaster assistance programs.  FEMA concurred with all of our recommendations and has begun implementing corrective actions.

>FEMA Must Take Additional Steps to Demonstrate the Importance of Fraud Prevention and Awareness in FEMA Disaster Assistance Programs 		2019

*NDAA, Pub. L. 117-263, section 5274 Response Received. View responses

Return to top of page