Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audits, Inspections, and Evaluations

Report Number Title Issue Date Fiscal Year
OIG-18-37 Following news reports that U.S. Customs and Border Protection (CBP) personnel implementing Executive Order#13769 (EO) “Protecting the Nation from Foreign Terrorist Entry into the United States”(January 27, 2017) potentially violated the civil rights of individual travelers, we received a congressional request to investigate DHS’s implementation of the EO. In response, we investigated how DHS and CBP, the DHS entity primarily responsible for implementation of the EO, responded to challenges presented by the EO, including the consequence of court orders and CBP’s compliance with them. In our investigation, we found that CBP was caught by surprise when the President issued the EO on January 27, 2017. DHS had little opportunity to prepare for and respond to basic questions about which categories of travelers were affected by the EO. We found that the bulk of travelers affected by the EO who arrived in the United States, particularly LPRs, received national interest waivers. In addition, we observed that the lack of a public or congressional relations strategy significantly hampered CBP and harmed its public image.

>DHS Implementation of Executive Order #13769 "Protecting the Nation From Foreign Terrorist Entry Into the United States" (January 27, 2017) (Redacted) 		2018
OIG-18-38 Facing continued negative publicity and pressure from Members of Congress, FEMA established the Sandy Claims Review Process (SCRP). In doing so, FEMA did not rely on legislatively mandated internal controls designed to ensure appropriate payments for flood victims. Additionally, during the formation and operation of the SCRP, FEMA failed to establish contractor expectations or provide consistent guidance and oversight related to Hurricane Sandy claims. These omissions resulted in policyholders receiving unsupported additional payments, excessive costs to operate the SCRP, and time delays in processing the claims

>Unsupported Payments Made to Policyholders Who Participated in the Hurricane Sandy Claims Review Process 		2018
OIG-18-42 Management Alert - ICE's Training Model Needs Further Evaluation 2018
OIG-18-41 DHS Needs to Strengthen Its Suspension and Debarment Program 2018
OIG-18-40 The Indiana Department of Homeland Security (Indiana) received $27.9 million in Federal Emergency Management Agency (FEMA) Hazard Mitigation Grant Program (HMGP) funds to disburse to eligible subgrantees for projects in 10 disasters declared from June 2004 to April 2014. Our objective was to determine whether Indiana administered the grant program in accordance with Federal regulations and ensured subgrantees properly accounted for and expended FEMA funds. Indiana unable to demonstrate it has procedures and processes to ensure compliance with all Federal monitoring and financial reporting requirements. Specifically, Indiana did not perform required subgrant monitoring during project implementation and post closeout; submit quarterly progress and financial reports that met requirements; and comply with financial management requirements to ensure subgrantees accounted for and expended FEMA grant funds according to Federal regulations and FEMA guidelines.

>Indiana Needs to Improve the Management of Its FEMA Hazard Mitigation Grants 		2018
OIG-18-39 Audit of FEMA Public Assistance Grant Funds Awarded to Volunteer Energy 2018
OIG-18-45 The Office of National Drug Control Policy’s (ONDCP) Circular, Accounting of Drug Control Funding and Performance Summary, requires National Drug Control Program agencies to submit to the ONDCP Director, not later than February 1 of each year, a detailed accounting of all funds expended for National Drug Control Program activities during the previous fiscal year (FY).  The Office of Inspector General (OIG) is required to conduct a review of the report and provide a conclusion about the reliability of each assertion made in the report. Independent Accountants’ Report on the

U.S. Immigration and Custom Enforcement’s (ICE) FY 2017 Drug Control Performance Summary Report. ICE’s management prepared the Performance Summary Report and the related disclosures in accordance with the requirements of the ONDCP Circular, Accounting of Drug Control Funding and Performance Summary, dated January 18, 2013 (Circular).

>Review of U.S. Immigration and Customs Enforcement's Fiscal Year 2017 Drug Control Performance Summary Report 		2018
OIG-18-48 The Office of National Drug Control Policy’s (ONDCP) Circular, Accounting of Drug Control Funding and Performance Summary, requires National Drug Control Program agencies to submit to the ONDCP Director, not later than February 1 of each year, a detailed accounting of all funds expended for National Drug Control Program activities during FY 2017. There are six program offices within CBP that are tasked with drug-control responsibilities: the United States Border Patrol (USBP), the Offices of Field Operations (OFO), Information and Technology (OIT), Training and Development (OTD), Acquisition (OA), and Air and Marine (AMO)).

>Review of U.S. Customs and Border Protection's Fiscal Year 2017 Detailed Accounting Submission for Drug Control Funds 		2018
OIG-18-43 The Office of National Drug Control Policy’s (ONDCP) Circular, Accounting of Drug Control Funding and Performance Summary, requires National Drug Control Program agencies to submit to the ONDCP Director, not later than February 1 of each year, a detailed accounting of all funds expended for National Drug Control Program activities during the previous fiscal year (FY). The Office of Inspector General (OIG) is required to conduct a review of the report and provide a conclusion about the reliability of each assertion made in the report. Independent Accountants’ Report on the U.S. Coast Guard’s (Coast Guard) FY 2017 Drug Control Performance Summary Report. Coast Guard’s management prepared the Performance Summary Report and the related disclosures in accordance with the requirements of the ONDCP Circular, Accounting of Drug Control Funding and Performance Summary, dated January 18, 2013 (Circular).

>Review of U.S. Coast Guard's Fiscal Year 2017 Drug Control Performance Summary Report 		2018
OIG-18-46 The Office of National Drug Control Policy’s (ONDCP) Circular, Accounting of Drug Control Funding and Performance Summary, requires National Drug Control Program agencies to submit to the ONDCP Director, not later than February 1 of each year, a detailed accounting of all

funds expended for National Drug Control Program activities during FY 2017. U.S. Immigration and Customs Enforcement (ICE) is a multi-mission bureau, and obligations are reported pursuant to an approved drug methodology. ICE's Homeland Security Investigations (HSI) Domestic Investigations, International Operations (IO) and Office of Intelligence uphold U.S. drug control policy delegated amid the Office of National Drug Control Policy (ONDCP) initiatives, by fully supporting the overall ICE mandate to detect, disrupt, and dismantle smuggling organizations.

>Review of U.S. Immigration and Customs Enforcement's Fiscal Year 2017 Detailed Accounting Submission for Drug Control Funds 		2018
OIG-18-44 The Office of National Drug Control Policy’s (ONDCP) Circular, Accounting of Drug Control Funding and Performance Summary, requires National Drug Control Program agencies to submit to the ONDCP Director, not later than February 1 of each year, a detailed accounting of all funds expended for National Drug Control Program activities during the previous fiscal year (FY). The Office of Inspector General (OIG) is required to conduct a review of the agency’s submission and provide a conclusion about the reliability of each assertion in the report. an Independent Accountants’ Report on U.S. Coast Guard’s (Coast Guard) Detailed Accounting Submission. Coast Guard’s management prepared the Table of FY 2017 Drug Control Obligations and related disclosures in accordance with the requirements of the ONDCP Circular, Accounting of Drug Control Funding and Performance Summary, dated January 18, 2013 (Circular).

>Review of U.S. Coast Guard's Fiscal Year 2017 Detailed Accounting Submission for Drug Control Funds 		2018
OIG-18-47 The Office of National Drug Control Policy’s (ONDCP) Circular, Accounting of Drug Control Funding and Performance Summary, requires National Drug Control Program agencies to submit to the ONDCP Director, not later than February 1 of each year, a detailed accounting of all funds expended for National Drug Control Program activities during FY 2017. This Performance Summary Report contains the performance measures aligned to drug control decision units as required by the Office of National Drug Control Policy (ONDCP) Circular: Accounting of Drug Control Funding and Performance Summary, dated January 18, 2013. The drug control decision units are as follows: (1) Salaries and Expenses, (2) Air and Marine Interdiction, Operations, Maintenance, and Procurement and (3) Border Security Fence, Infrastructure and Technology.

>Review of U.S. Customs and Border Protection's Fiscal Year 2017 Drug Control Performance Summary Report 		2018
OIG-18-49 The Federal Emergency Management Agency (FEMA) estimated that the City of Cedar Falls, Iowa (City), had sustained approximately $893,000 in damage caused by severe storms and flooding from September 21 through October 3, 2016. We audited early in the grant process to identify areas in which the City may need additional technical assistance or monitoring to ensure compliance with Federal procurement requirements. Except for procurement, the City’s policies, procedures, and business practices appear to be adequate to account for and expend FEMA grant funds according to Federal regulations and FEMA policies. Specifically, the City’s procurement policies did not provide sufficient opportunities for disadvantaged firms to compete for contracts, or prevent awarding contracts to debarred or suspended contractors. After we discussed these issues, City officials moved quickly to modify procurement policies to comply with Federal requirements.

>City of Cedar Falls, Iowa Has Policies, Procedures, and Business Practices to Manage Its FEMA Grant 		2018
OIG-18-50 The TSA SSI Program Office's Identification and Redaction of Sensitive Security Information 2018
OIG-18-51 Homeland Security Presidential Directive (HSPD) 12 requires that Federal agencies implement a government-wide standard for secure, reliable identification for their employees and contractors to access facilities and systems. Our objective was to assess DHS’ progress in implementing and managing the HSPD-12 program since our prior audits in 2007 and 2010.  The Department of Homeland Security has not made much progress in implementing and managing requirements of the HSPD-12 program department-wide. Many of the same issues we previously reported in 2007 and 2010 pose challenges today.

>Department-wide Management of the HSPD-12 Program Needs Improvement 		2018
OIG-18-52 In light of the heightened public and congressional interest in the misuse of government-owned, government-leased, and chartered aircraft, the Department of Homeland Security (DHS) Office of Inspector General (OIG) conducted a special review of the use of government aircraft by the heads of the Department and several of DHS’s operational components. DHS OIG’s review also included a review of other-than-coach-class travel by this same group of senior officials. We determined that each instance of the use of government aircraft by DHS’s senior leaders during the time period of our review generally complied with relevant laws, rules, regulations, policies, and guidance.

With respect to DHS senior leaders’ other-than-coach-class (OTCC) commercial air travel over the same time period, we determined that such travel generally qualified as allowable premium travel. We could not definitively determine, however, whether one trip taken by a former Deputy Secretary met all of the Department’s criteria for allowable OTCC travel. We also identified two specific instances of non-compliance with the Department’s internal request and approval processes for such travel; however, the related travel was properly justified, and the process deviations were quickly identified and corrected by the Department.

>Special Review: DHS Executive Travel Review 		2018
OIG-18-53 U.S. Senator Claire McCaskill asked us to review ICE’s modification of its intergovernmental service agreement (IGSA) with the City of Eloy in Arizona to procure family detention space in Dilley, Texas. We also reviewed other selected IGSAs to determine whether they complied with applicable laws and regulations. (ICE) is responsible for the detention of removable aliens. ICE commonly uses a type of agreement called an IGSA to reserve space at detention facilities owned or operated by state or local governments. In September 2014, ICE improperly modified an existing IGSA with the City of Eloy (Eloy) in Arizona to establish the 2,400-bed South Texas Family Residential Center in Dilley, Texas, more than 900 miles away. Although ICE could have contracted directly with the private company that operates the South Texas Family Residential Center, CCA, it instead created an unnecessary “middleman” by modifying its existing IGSA with Eloy. Eloy’s sole function under the modification is to act as the middleman between ICE and CCA; Eloy collects about $438,000 in annual fees for this service.

>Immigration and Customs Enforcement Did Not Follow Federal Procurement Guidelines When Contracting for Detention Services 		2018
OIG-18-54 In November 2015, we reported that the Federal Emergency Management Agency’s (FEMA) information technology (IT) management approach did not adequately address technology planning, governance, and system support challenges to effectively support its mission. We issued five recommendations to the FEMA Chief Information Officer (CIO) aimed at improving the agency’s management of IT.1 Specifically, we recommended the CIO finalize key planning documents related to IT modernization; execute against those planning documents; fully implement an IT governance board; improve integration and functionality of existing systems; and implement agency-wide acquisition, development, and operation and maintenance standards.

 

>Management Alert - Inadequate FEMA Progress in Addressing Open Recommendations from our 2015 Report, "FEMA Faces Challenges in Managing Information Technology" (OIG-16-10) 		2018
OIG-18-55 Department of Homeland Security (DHS) Under Secretary for Intelligence and Analysis (USIA) David J. Glawe used a personal email account to send an invitation to his ceremonial swearing-in event to staff members of the United States Senate Committee on Homeland Security and Governmental Affairs. Because the invitation came from a non-DHS email account and resembled a phishing email, Senator Claire McCaskill asked the DHS Office of Inspector General to review the circumstances surrounding the invitation

>Special Review: Swearing-In Ceremony of David J. Glawe, DHS Under Secretary for Intelligence and Analysis 		2018
OIG-18-56 We reviewed DHS’ information security program in accordance with the Federal Information Security Modernization Act of 2014 (FISMA). Our objective was to determine whether DHS’ information security program and practices were adequate and effective in protecting the information and information systems that supported DHS’ operations and assets in fiscal year 2017.

>Evaluation of DHS' Information Security Program for Fiscal Year 2017 		2018
OIG-18-57 The Government Charge Card Abuse Prevention Act of 2012 (Charge Card Act) requires the Office of Inspector General to conduct an annual risk assessment and periodic audits on agency charge card programs. We conducted this audit to determine whether the Department of Homeland Security implemented internal controls to prevent illegal, improper, and erroneous purchases and payments. During fiscal year 2016, DHS reported spending approximately $1.2 billion in purchase, travel, and fleet card transactions. Although the Department has established internal controls for its charge card programs, the components we reviewed did not always follow DHS’ procedures. Our testing results of purchase, travel, and fleet card transactions revealed internal control weaknesses. Specifically, we found major internal control weaknesses that persisted at the United States Coast Guard and some control weaknesses within CBP’s Fleet Card Program.

>Fiscal Year 2016 Audit of the DHS Bankcard Program Indicates Moderate Risk Remains 		2018
OIG-18-58 "U.S. Citizenship and Immigration Services (USCIS) adjudicates applications for immigration benefits, including applications for permanent resident cards, also known as green cards. In response to congressional concerns, we examined green card application processing times, as well as why processing times vary among USCIS field offices. USCIS regularly posts information on its website about the time it takes field offices to adjudicate green card applications (processing time). Yet, the information is unclear and not helpful to USCIS’ customers because it does not reflect the actual amount of time it takes field offices, on average, to complete green card applications.

>USCIS Has Unclear Website Information and Unrealistic Time Goals for Adjudicating Green Card Applications 		2018
OIG-18-59 Pursuant to the Federal Information Security Modernization Act of 2014, we reviewed the Department’s security program, including its policies, procedures, and system security controls for the enterprise-wide intelligence system. Since our FY 2016 evaluation, the Office of Intelligence and Analysis (I&A) has continued to provide effective oversight of the department-wide intelligence system and has implemented programs to monitor ongoing security practices. In addition, the United States Coast Guard is in the process of migrating its intelligence users to a system that is jointly managed by the Defense Intelligence Agency and the National Geospatial Agency.

>Fiscal Year 2017 Evaluation of DHS' Compliance with Federal Information Security Modernization Act Requirements for Intelligence Systems 		2018
OIG-18-60 At the time of our audit, Federal Emergency Management Agency (FEMA) estimated that the City of Waterloo, Iowa (City), sustained approximately $1.9 million in damages from severe storms and flooding from September 21 through October 3, 2016. The City did not provide all requested information and explanations necessary to perform our review; therefore, we were unable to assess whether the City’s policies, procedures, and business practices were adequate to account for FEMA Public Assistance grant funds properly. The City’s failure to cooperate with a Federal audit put approximately $1.9 million dollars in potential FEMA grant funding at risk of being deobligated or not funded.

>The City of Waterloo, Iowa Jeopardizes $1.9 Million in Estimated FEMA Grant Funding 		2018
OIG-18-61 We conducted a verification review to determine the adequacy, effectiveness, and timeliness of USCIS' corrective actions to address the seven report recommendations in Better Safeguards Are Needed in USCIS Green Card Issuance, OIG-17-11, November 16, 2016. At the time of our audit fieldwork in spring 2016, USCIS’ efforts to address the errors were inadequate. USCIS conducted a number of efforts to recover the inappropriately issued cards; however, these efforts also were not fully successful. At the time of our audit fieldwork in spring 2016, USCIS’ efforts to address the errors were inadequate. USCIS conducted a number of efforts to recover the inappropriately issued cards; however, these efforts also were not fully successful.

>Verification Review: Better Safeguards Are Needed in USCIS Green Card Issuance (OIG-17-11) 		2018
OIG-18-62 The Victor Valley Wastewater Reclamation Authority, through its main engineering contractor (Contractor C), presented incorrect data and misinformed FEMA in obtaining a Federal grant of more than $33 million for its pipeline replacement and relocation project. Authority officials wanted to move the pipeline outside of the Mojave Riverbed, but noted the high cost to do so. Authority officials knew that replacing and relocating the pipeline was the most expensive repair option, as their Contractors A and C informed them. However, through Contractor C, Authority officials repeatedly provided FEMA incorrect data that made Alternative 2 appear to be the least expensive. Based on the incorrect information Authority officials provided, FEMA funded $11 million for the replacement and relocation project in 2013 and an additional $22 million in 2014, a total of $33 million. We question the entire $33 million as ineligible because the Authority did not comply with Federal regulations, and FEMA policies and procedures, in preparing cost estimates for FEMA.

>Victor Valley Wastewater Reclamation Authority, California, Provided FEMA Incorrect Information for Its $33 Million Project 		2018
OIG-18-63 The Diamondhead Water and Sewer District (District), received a Federal Emergency Management Agency (FEMA) grant award of $49.3 million from the Mississippi Emergency Management Agency (Mississippi) for damage resulting from Hurricane Katrina in 2005. We had concerns because it took the District about 10 years to break ground on its new wastewater treatment plant. We also wanted to determine whether FEMA accurately applied its “50 Percent Rule.” we identified $1.5 million of improper procurement, unsupported costs, duplicate insurance benefits, and uncompleted project costs that FEMA should disallow to the District. These problems were largely the result of Mississippi not fulfilling its grantee responsibility to ensure the District properly managed FEMA funds. Mississippi is responsible for monitoring subgrant activities, and is compensated with Federal funds to support subgrant management and oversight. It is FEMA’s responsibility to hold Mississippi accountable for proper grant administration.

>FEMA Should Recover $20.4 Million in Grant Funds Awarded to Diamondhead Water and Sewer District, Mississippi 		2018
OIG-18-64 The County estimated that it had sustained $2.7 million in damages from severe storms and flooding in February 2017. We conducted the audit early in the grant process to identify areas in which the County may need additional technical assistance and monitoring to ensure compliance with Federal requirements. DHS OIG found that the County does not have adequate procurement policies, procedures, and business practices that comply fully with all Federal standards for its planned procurements, totaling approximately $500,000. At the time of our fieldwork, FEMA had not completed project worksheets to define the scope of disaster work. At this early stage in the grant process, Utah needs to provide the County with additional technical assistance and increased monitoring. Doing so should provide FEMA reasonable, but not absolute, assurance that the County will spend the $2.7 million in total estimated disaster-related costs according to Federal requirements.

>Cache County, Utah, Needs Additional Assistance and Monitoring to Ensure Proper Management of Its FEMA Grant 		2018
OIG-18-65 Between January 2016 and April 2017, DHS OIG received dozens of allegations regarding a variety of issues at the FLETC facility in Glynco, Georgia. Following extensive investigation, DHS OIG determined that many of the allegations could not be substantiated. However, with respect to certain other allegations, DHS OIG’s findings indicate that some of FLETC’s senior managers, including former Director Connie Patrick, failed to exercise the judgment, stewardship, and leadership expected of DHS senior officials. This report focuses on two specific allegations that exemplify the broader issues uncovered by DHS OIG’s investigation. Many of the allegations DHS OIG received regarding FLETC related to the official travel of the former FLETC Director, Connie Patrick. Patrick served as the Director of FLETC from 2002 until her retirement in June 2017. During this time, she frequently traveled domestically and internationally on FLETC-related business. DHS OIG conducted an extensive review of Patrick’s travel for the period January 15, 2014 through June 23, 2016 to identify any instances of impropriety. In addition to multiple complaints about Patrick’s alleged noncompliance with federal, DHS, and FLETC travel rules and regulations, DHS OIG received complaints alleging that Patrick pressured FLETC managers to hire her husband, John Patrick (JP), for a term position within the FLETC Law Enforcement Leadership Institute (LELI). DHS OIG’s investigation determined that JP was hired to a term position with LELI on January 3, 2010 and completed the term on September 11, 2011 — all during Patrick’s tenure as Director of FLETC

>Special Report - Certain Findings Relating to the OIG's Investigation of Allegations Involving FLETC Senior Officials 		2018
OIG-18-66 In July 2017, FEMA reported that it awarded 252 projects under the PA alternative procedures pilot program valued at $11.9 billion, with just 26 of those projects (10.32 percent) closed. During our fieldwork, we gained access to FEMA’s grant management system of record and reviewed supporting documentation for the project worksheets in our scope to determine if FEMA followed its criteria when validating cost estimates. However, FEMA did not sufficiently document actions that it took to validate subrecipient cost estimates to ensure costs are reasonable. Of the three obligated projects we reviewed during our fieldwork, we did not find evidence that FEMA completed the required steps identified to validate the reasonableness of subrecipient cost estimates.

>Sandy Recovery Improvement Act Review 		2018
OIG-18-67 Neither type of inspection ICE uses to examine detention facilities ensures consistent compliance with detention standards or comprehensive correction of identified deficiencies. Specifically, because the Nakamoto inspection scope is too broad, ICE’s guidance on procedures is unclear, and Nakamoto’s inspection practices are not consistently thorough, its inspections do not fully examine actual conditions or identify all compliance deficiencies. In contrast, ODO uses effective methods and processes to thoroughly inspect facilities and identify deficiencies, but the inspections are too infrequent to ensure the facilities implement all corrections. Moreover, ICE does not adequately follow up on identified deficiencies or systematically hold facilities accountable for correcting deficiencies, which further diminishes the usefulness of both Nakamoto and ODO inspections.

>ICE's Inspections and Monitoring of Detention Facilities Do Not Lead to Sustained Compliance or Systemic Improvements 		2018
OIG-18-69 Since FY 2014, DHS improved conference spending reporting and implemented policies and procedures to ensure proper oversight and accurate and timely reporting. However, we found instances where DHS did not comply with annual conference reporting requirements. The Department failed to report two conferences costing more than $100,000 each. The Department also did not always report all hosted conferences costing more than $20,000 to OIG within 15 days of the conclusion of each conference. In addition, the Department did not always properly record actual costs accurately and within 45 days of the conclusion of each conference. Although DHS did not always comply with reporting requirements, in most cases, its FY 2016 conference expenses appeared appropriate, reasonable, and necessary.

>Audit of Department of Homeland Security's Fiscal Year 2016 Conference Spending 		2018
OIG-18-70 Despite dedicating approximately $272 million to ground-based activities, including VIPR operations, FAMS could not demonstrate how these activities contributed to TSA’s mission. Visible Intermodal Prevention and Response (VIPR) operations, in which VIPR teams collaborate with local law enforcement to augment security at transportation hubs through an increased visible deterrent force.

FAMS could not demonstrate how these activities contributed to TSA’s mission. During our assessment of FAMS’ contributions to TSA’s layered approach to security, we determined that FAMS lacked performance measures for the 24 strategic initiatives and most ground-based activities outlined in its strategic plan. Additionally, FAMS’ VIPR operations performance measures fail to determine the program’s effectiveness. FAMS could not provide a budget breakout by division or operational area.

>FAMS Needs to Demonstrate How Ground-Based Assignments Contribute to TSA's Mission 		2018
OIG-18-68 Although CBP had controls over its polygraph examination process, a key control over its review and approval process was not always operating as intended. Specifically, the polygraph quality control program may not have always conducted independent and objective reviews (blind reviews) of polygraph examination results, as required. We also determined that 96 percent of the complaints we reviewed were unfounded or ambiguous. Nevertheless, CBP did not have a formal complaint review process, which led to inconsistent and subjective reviews. This approach risks not finding or properly addressing issues contained in the complaints.

>Most Complaints about CBP's Polygraph Program Are Ambiguous or Unfounded 		2018
OIG-18-71 We found that FEMA overpaid its employees because it mistakenly believed the Department’s payroll provider had an automated control to prevent payments over the annual cap, and because it did not follow its own premium pay policy. We also found that FEMA has no effective policy or practice to determine the Fair Labor Standards Act status of FEMA employees during disaster deployments, which also contributed to this issue. Since discovering the overpayments, FEMA has been working to calculate how many people were overpaid, but it cannot finish that analysis until it addresses a number of outstanding questions.

>FEMA Paid Employees Over the Annual Premium Pay Cap 		2018
OIG-18-72 DHS did not comply with IPERA because it did not meet one of the six IPERA requirements. Specifically, DHS did not meet its annual reduction targets for 2 of 14 programs. Additionally, we determined that DHS did not provide adequate oversight of the component’s improper testing and reporting.

>Department of Homeland Security's FY 2017 Compliance with the Improper Payments Elimination and Recovery Act of 2010 		2018
OIG-18-74 FEMA needs to continue providing technical assistance to and monitoring of California’s Public Assistance grant funding management.  This helps avoid the risk of exposing millions of taxpayer dollars to fraud, waste, or mismanagement and violating the Robert T. Stafford Disaster Relief and Emergency Assistance Act. In doing so, FEMA can assist California in providing reasonable, but not absolute assurance that Public Assistance subgrant funds are spent in accordance with Federal regulations and FEMA guidelines.

>Special Report: Lessons Learned from Previous Audit Reports Related to California's Practice of Managing Public Assistance Grant Funds 		2018
OIG-18-73 Not all forms DHS and its components use to create NDAs include the required WPEA statement. Further, although many of the settlement agreement templates and settlement agreements in the sample we reviewed included provisions that might restrict or prevent disclosure of information, nearly three-fourths of these documents did not contain the WPEA statement. Omitting the statement in NDAs and personnel settlement agreements could lead to confusion about what information may be disclosed to permissible recipients, which could deter reporting of fraud, waste, or abuse and impede DHS Office of Inspector General (OIG) activities.

>DHS' Non-disclosure Forms and Settlement Agreements Do Not Always Include the Required Statement from the Whistleblower Protection Enhancement Act of 2012 		2018
OIG-18-75 Collectively, our FY 2017 work shows that FEMA continues to face systemic problems and operational challenges, as the variety of findings summarized in this report illustrates In FY 2017, FEMA did not manage disaster relief grants and funds adequately and did not hold grant recipients accountable for properly managing disaster relief funds. We continue to identify problems such as improper contract costs, and ineligible and unsupported expenditures.

In FY 2017, we identified $2.08 billion in questioned costs, which represents 96 percent of the $2.16 billion audited.2 We issued 37 reports concerning FEMA grants, programs, and operations funded by the DRF. Specifically, we conducted 16 grant audits, 13 proactive audits, and 8 program audits. In the last 9 fiscal years, we audited grant funds totaling $13.75 billion and reported potential monetary benefits of $6.55 billion.

>Summary and Key Findings of Fiscal Year 2017 FEMA Disaster Grant and Program Audits 		2018
OIG-18-76 We determined that, from fiscal years 2010 to 2017, the number of assaults against CBP law enforcement officers decreased from 1,089 to 856. During the same time period, assaults of ICE law enforcement officers remained the same at 48. However, the data does not show a clear trend over that time period and the number of assaults varied widely from year to year. Our analysis also shows that, for a number of reasons, the data is unreliable and does not accurately reflect whether assaults have increased or decreased.

>Assaults on CBP and ICE Law Enforcement Officers 		2018
OIG-18-77 We examined whether ICE is effectively overseeing and managing the 287(g) program as it expands. Under the 287(g) program, U.S. Immigration and Customs Enforcement (ICE) delegates authority to state and local law enforcement agencies to help ICE in its immigration enforcement mission in their jurisdictions. After the Executive Order was issued, the 287(g) program expanded quickly, it rose from 36 to 76.  ICE approved 40 additional applicants without planning for a corresponding increase in program management staffing, determining how to promptly deliver needed information technology (IT) equipment to participants, or ensuring participants are fully trained.  



Without effective oversight, it is difficult to monitor and measure performance to determine whether program participants are assisting ICE in its immigration enforcement mission. Further, without the necessary equipment and training, program participants may not be acting as a force multiplier to identify removable aliens. ICE may also not be able to fully expand the program and include new localities interested in participating.

>Lack of Planning Hinders Effective Oversight and Management of ICE's Expanding 287(g) Program 		2018
OIG-18-80 In 2017, CBP made considerable progress developing and implementing a biometric capability to track air passenger exits using facial recognition technology. CBP’s Biometric Entry-Exit Program conducted a pilot at nine airports and demonstrated ability using this technology to match 98 percent of passengers’ identities at departure gates. However, During the pilot, CBP encountered various technical and operational challenges that limited biometric confirmation to only 85 percent of all passengers processed. These challenges included poor network availability, a lack of dedicated staff, and compressed boarding times due to flight delays. Further, due to missing or poor quality digital images, CBP could not consistently match individuals of certain age groups or nationalities.

>Progress Made, but CBP Faces Challenges Implementing a Biometric Capability to Track Air Passengers Departures Nationwide 		2018
OIG-18-79 In December 2014, OIG previously reported on the effectiveness and cost of the UAS program.2 Our report disclosed CBP had not developed performance measures needed to accurately assess program effectiveness and make informed decisions. CBP also did not recognize all UAS operating costs and, as such, the Congress and public may be unaware of the amount of resources invested in the program. This audit determined that CBP has not ensured effective safeguards for surveillance information, such as images and video, collected on and transmitted from its UAS. Without a privacy assessment, CBP could not determine whether ISR Systems contained data requiring safeguards per privacy laws, regulations, and DHS policy. CBP’s failure to implement adequate security controls according to Federal and DHS policy could result in potential loss of confidentiality, integrity, and availability of ISR Systems and its operations.

>CBP Has Not Ensured Safeguards for Data Collected Using Unmanned Aircraft Systems 		2018
OIG-18-78 USCIS has inadequate controls for verifying that foreign nationals seeking lawful permanent residence status meet health-related standards for admissibility. First, USCIS is not properly vetting the physicians it designates as civil surgeons. We determined that USCIS designated physicians with a history of patient abuse or a criminal record as civil surgeons. This is occurring because USCIS does not have adequate policies to ensure only suitable physicians are designated as civil surgeons. Second, when reviewing these foreign nationals’ required medical forms, ISOs are accepting incomplete and inaccurate forms because they are not adequately trained and because USCIS is not enforcing its existing policies. USCIS may be placing foreign nationals at risk of abuse by some civil surgeons. USCIS could also be exposing the U.S. population to contagious or dangerous health conditions from foreign nationals erroneously granted lawful permanent resident status.

>USCIS' Medical Admissibility Screening Process Needs Improvement 		2018
OIG-18-83 U.S. Customs and Border Protection (CBP) is responsible for inspecting all international mail arriving at U.S. airports, with limited exceptions. A major challenge for CBP is preventing imports of opioids and other illegal items mailed from overseas through the U.S. Postal Service (USPS). We conducted this audit to determine whether CBP's air mail inspection processes at JFK airport are effective and have adequate information technology (IT) security controls. CBP has ineffective processes and IT security controls to support air mail inspection operations at John F. Kennedy International Airport (JFK), the largest of nine USPS facilities that receive and handle incoming international mail. Despite legislative requirements to systematically target and widely prevent illegal imports, CBP inspects only a limited number of the hundreds of thousands of pieces of incoming air mail each day, largely due to difficulty inventorying and locating targeted mail, as well as having inadequate guidance, equipment, and resources. These air mail inspection deficiencies hinder CBP's efforts to prevent prohibited items (particularly opioids) from entering the United States.

>CBP's International Mail Inspection Processes Need Improvement at JFK International Airport 		2018
OIG-18-81 DHS support components do not have sufficient processes and procedures to address misconduct. Support Components provide resources, analysis, equipment, research, policy development, and other specific assistance to operational components. These deficiencies exist because no single office or entity

is responsible for managing and overseeing misconduct issues across support components. According to Government Accountability Office (GAO) guidance, it is important for agencies to establish organizational structure, assign responsibility, and delegate authority, so they can achieve their objectives. Support components need to improve their processes and procedures for addressing misconduct. Specifically, support components do not maintain comprehensive data about misconduct  allegations; refer misconduct allegations consistently to OIG; provide guidance for supervisors and investigators on handling misconduct; and manage misconduct allegations effectively.

>DHS Support Components Do Not Have Sufficient Processes and Procedures to Address Misconduct 		2018
OIG-18-84 Special Review - Initial Observations Regarding Family Separation Issues Under the Zero Tolerance Policy 2018
OIG-18-86 We identified a number of serious issues that violate U.S. Immigration and Customs Enforcement’s (ICE) 2011 Performance-Based National Detention Standards and pose significant health and safety risks at the facility.  Specifically, we are concerned about nooses in detainee cells, improper and overly restrictive segregation, and untimely and inadequate detainee medical care.  We recommended that ICE conduct a full review and inspection of the Adelanto ICE Processing Center and the GEO Group’s management of the center to immediately to ensure compliance with ICE’s 2011 Performance-Based National Detention Standards.  Specifically, ICE must review and ensure compliance with: Personal Care Required; Segregation; and Medical Care.  We made one recommendation to improve conditions at the facility.

>Management Alert - Issues Requiring Action at the Adelanto ICE Processing Center in Adelanto, California 		2018
OIG-18-82 Department of Homeland Security shall submit a report not later than October 15, 2017, to the DHS Office of Inspector General listing all grants and contracts awarded by other than full and open competition (OTFOC) during fiscal years 2016 and 2017. We contracted with Williams, Adley & Company-DC, LLC to review the OTFOC report and assess DHS compliance with applicable laws, regulations, and departmental procedures.  Williams Adley concluded that DHS complied with applicable statutes, regulations, and policies governing grants and contracts awarded by OTFOC in FY 2017. During that year, DHS awarded 62 noncompetitive grants worth about $140 million and 121 noncompetitive contracts worth about $118 million through OTFOC. The independent auditors determined that DHS’ Report on OTFOC for FY 2017 as well as the information related to these grants and contracts in the Federal Procurement Data System – Next Generation and USASpending.gov were accurate. The auditors also found that DHS followed written policies and procedures and the requirements of the Federal Funding Accountability and Transparency Act of 2006 when awarding grants and contracts

noncompetitively.

>DHS Grants and Contracts Awarded through Other Than Full and Open Competition FY 2017 		2018
OIG-18-85 The Federal Emergency Management Agency (FEMA), through its Public Assistance (PA) Program, is currently responding to Hurricane Irma — one of the most catastrophic disasters in recent United States history.  FEMA’s damage estimates for Florida and Georgia exceed $4.2 billion, with debris removal operations constituting approximately 36 percent of the total PA cost.  Debris removal costs in Florida and Georgia are estimated to reach approximately $1.5 billion as of May 2018.  FEMA’s guidance for debris monitoring lacks sufficient information to ensure adequate oversight.  In the 2011 OIG report, FEMA’s Oversight and Management of Debris Removal Operations, we identified deficiencies in FEMA’s debris removal guidance.  To resolve these deficiencies, we made 10 recommendations to, in part, strengthen FEMA’s debris removal guidance and procedure.  In response, FEMA released additional criteria pertaining to debris estimating and monitoring to enhance the overall effectiveness of the process.  FEMA removed the detailed responsibilities when it released its Public Assistance Program and Policy Guide (PAPPG).  Going forward from the PAPPG version 1.0, FEMA relies solely on the subrecipient to monitor the debris removal operations, and removes monitoring responsibilities from both FEMA and the State.  Subrecipients now have a greater responsibility to identify issues or concerns during debris removal operations.  We made three recommendations that when implemented will strengthen FEMA’s debris monitoring operations.  FEMA concurred with all recommendations.

>Management Alert - Observations of FEMA's Debris Monitoring Efforts for Hurricane Irma 		2018

*NDAA, Pub. L. 117-263, section 5274 Response Received. View responses

Return to top of page