Summary: OFO continues to experience challenges managing searches of electronic devices, similar to those identified in our first audit report, CBP’s Searches of Electronic Devices at Ports of Entry, issued in December 2018.  Specifically, OFO did not properly document and conduct searches of electronic devices, fully assess the effectiveness of the electronic device search program, or adequately manage electronic device search equipment.  This occurred because, although it plans to do so, OFO has not yet fully implemented corrective actions for four of the five recommendations in our previous audit report, including establishing training for staff.  According to an OFO official, there have been delays in fully implementing the prior recommendations due to reviews of existing policy and a capabilities analysis report, and development of additional training.  In addition, OFO does not have adequate processes for auditing electronic device searches, does not track prosecutions and convictions resulting from referrals to other Federal agencies, and does not adequately monitor search equipment usage, functionality, and inventory.  Unless it corrects previously identified deficiencies and better manages searches and equipment, OFO will limit its ability to detect and deter illegal activities related to terrorism; national security; human, drug, and bulk cash smuggling; and child pornography.  We made five recommendations to improve CBP’s oversight of searches of electronic devices at ports of entry.  CBP concurred with all five recommendations.

CBP officials had legitimate reasons for placing lookouts on American journalists, attorneys, and others suspected of organizing or being associated with the migrant caravan.  However, many CBP officials were unaware of CBP’s policy related to placing lookouts and, therefore, may have inadvertently placed lookouts on these Americans, which did not fully comport with the policy.  Additionally, CBP officials did not remove lookouts promptly once they were no longer necessary and, as a result, subjected some of these U.S. citizens to repeated and unnecessary secondary inspections.  During the same time period, a CBP official requested that Mexico deny entry to caravan associates, including 14 Americans.  Unlike CBP’s legitimate reasons for placing lookouts on these U.S. citizens, CBP had no genuine basis for requesting Mexico to deny entry to these individuals.  On several other occasions throughout Operation Secure Line, other CBP officials also improperly shared the names and sensitive information of U.S. citizens with Mexico.  We made six recommendations that will improve CBP’s controls on placing and removing lookouts and sharing Americans’ sensitive information with foreign countries.  CBP concurred with all six recommendations.

U.S. Customs and Border Protection (CBP) does not conduct COVID-19 testing for migrants who enter CBP custody and is not required to do so.  Instead, CBP relies on local public health systems to test symptomatic individuals.  According to CBP officials, as a frontline law enforcement agency, it does not have the necessary resources to conduct such testing.  For migrants that are transferred or released from CBP custody into the United States, CBP coordinates with DHS, U.S. Immigration and Customs Enforcement, U.S. Department of Health and Human Services, and other Federal, state, and local partners for COVID-19 testing of migrants.  In addition, although DHS generally follows guidance from the Centers for Disease Control and Prevention for COVID-19 preventative measures, the DHS’ multi-layered COVID-19 testing framework does not require CBP to conduct COVID-19 testing at CBP facilities.  Further, DHS’ Chief Medical Officer does not have the authority to direct or enforce COVID-19 testing procedures.  We recommended DHS reassess its COVID-19 response framework to identify areas for improvement to mitigate the spread of COVID-19 while balancing its primary mission of securing the border.  Additionally, we recommended DHS ensure the components continue to coordinate with the DHS Chief Medical Officer and provide available resources needed to operate safely and effectively during the COVID-19 pandemic and any future public health crisis.  We made two recommendations to improve DHS’ response to COVID-19 at the southwest border.  DHS concurred with both recommendations.

CBP did not effectively manage its aviation fleet acquisitions to meet operational mission needs.  Specifically, AMO acquired and deployed 16 multi-role enforcement aircraft (MEA) that did not contain the necessary air and land interdiction capabilities to perform its mission.  In addition, CBP AMO initiated the MEA and medium lift helicopter program without well-defined operational requirements and key performance parameters — critical items in the acquisition planning process.  This occurred because CBP did not provide oversight and guidance to ensure acquisition personnel followed key steps required by the DHS Acquisition Lifecycle Framework.  As a result, AMO expended approximately $330 million procuring multi-role enforcement aircraft that, at the time of acceptance, did not effectively respond to emergent air threats along the northern or southern borders, and experienced schedule delays deploying the medium lift helicopter.  Without effective oversight and guidance, AMO risks aviation acquisitions taking longer to deliver, at a greater cost, and without the needed capabilities.  We made four recommendations aimed at improving CBP’s acquisition management of aviation fleet to meet operational needs.  CBP concurred with three of the four recommendations. 

We found Border Patrol provided adequate medical assistance to the mother and her newborn, and complied with applicable policies. However, we found that Border Patrol’s data about pregnant detainees is limited and the agency lacks the necessary processes and guidance to reliably track childbirths that occur in custody. In addition, our review of a sample of childbirths in custody showed Border Patrol did not always take prompt action to expedite the release of U.S. citizen newborns, resulting in some being held in stations for multiple days and nights. Although some of these instances may have been unavoidable, Border Patrol needs reliable practices to expedite releases because holding U.S. citizen newborns at Border Patrol stations poses health, safety, and legal concerns. Lastly, we found that Border Patrol agents do not have guidelines on interpreting for Spanish-speaking detainees at hospitals. As a result, an agent assigned to hospital watch for the detainee provided interpretation that may not have comported with CBP’s language access guidance. We made four recommendations to improve CBP’s processes for tracking detainee childbirths, its practices for expediting release of U.S. citizen newborns, and its guidance to agents on providing interpretation for detainees. CBP concurred with all four recommendations

CBP needs better oversight and policy to adequately safeguard migrants experiencing medical emergencies or illnesses along the southwest border.  According to CBP’s policies, once an individual is in custody, CBP agents and officers are required to conduct health interviews, and “regular and frequent” “welfare checks” to identify individuals who may be experiencing serious medical conditions.  However, CBP could not always demonstrate staff conducted required medical screenings or consistent welfare checks for all 98 individuals whose medical cases we reviewed.  This occurred because CBP did not provide sufficient oversight and clear policies and procedures, or ensure officers and agents were adequately trained to implement medical support policies.  As a result, CBP may not identify individuals experiencing medical emergencies or provide appropriate care in a timely manner.  CBP concurred with all three of our recommendations, which when implemented, should improve medical attention and procedures for migrants at the southwest border. 

DHS issued notices to appear (NTA), to MPP participants that were mostly accurate and in accordance with laws and regulations.  However, some NTAs were completed inaccurately.  Specifically, of our sample of 106 NTAs from February 2019 through April 2020, U.S. Customs and Border Protection (CBP) served 20 that did not meet legal sufficiency standards or contained inaccurate information.  However, CBP agents and officers documented proactively issuing 105 of 106 NTAs in our sample in person before returning migrants to Mexico.  If CBP serves a legally insufficient NTA, U.S. Immigration and Customs Enforcement cannot prosecute its removal case if a migrant fails to appear for the initial hearing.  Serving NTAs by mail to migrants in Mexico could result in migrants missing their hearings or the Government’s cases being dismissed or challenged.  We recommended that CBP’s Executive Director of the Office of Field Operations’ Admissibility and Passenger Programs and the Deputy Chief of Border Patrol’s Law Enforcement Operations Directorate develop procedures for quality control and supervisory review of NTAs for MPP enrollees to better ensure that officers and agents fill out the NTAs accurately and completely.  We made one recommendation to improve the accuracy and completeness of NTAs issued to MPP participants.  CBP non-concurred with the recommendation due to it being overcome by events when the program was terminated by the Secretary of Homeland Security on June 1, 2021.  We administratively closed the recommendation.

CBP did not always protect MPC apps from cybersecurity threats.  This occurred because app version updates were not always scanned for vulnerabilities and CBP did not always identify vulnerabilities detected in scans.  CBP also did not complete seven required security and privacy compliance reviews of MPC apps because it did not establish a schedule for the reviews or track and centrally store review documentation.  In addition, CBP did not obtain the information needed for the reviews, had competing priorities, and did not ensure app developers created a process for a required internal audit.  Finally, CBP did not implement Department server configuration requirements for its MPC servers.  We made eight recommendations that, when implemented, should improve the security of CBP’s MPC program.  CBP concurred with all eight recommendations.