DHS generally met deadlines for responding to simple Freedom of Information Act (FOIA) requests, it did not do so for most complex requests.  A significant increase in requests received, coupled with resource constraints, limited DHS’ ability to meet production timelines under FOIA, creating a litigation risk for the Department.  Additionally, DHS has not always fully documented its search efforts, making it difficult for the Department to defend the reasonableness of the searches undertaken.  With respect to responding to congressional requests, we determined DHS has established a timeliness goal of 15 business days or less; however, on average, it took DHS nearly twice as long to provide substantive responses to Congress, with some requests going unanswered for up to 450 business days.  Further, DHS redacted personal information in its responses to congressional committee chairs even when disclosure of the information was statutorily permissible.  This was a descriptive report and contained no recommendations.  In its response, DHS acknowledged FOIA backlogs remain a problem, despite increasing requests processed.  DHS stated its process responding to congressional requests varies greatly and that its redactions are appropriate.

DHS’ capability to counter illicit Unmanned Aircraft Systems (UAS) activity remains limited.  The Office of Strategy, Policy, and Plans did not execute a uniform department-wide approach, which prevented components authorized to conduct counter-UAS operations from expanding their capabilities.  This occurred because the Office of Policy did not obtain funding as directed by the Secretary to expand DHS’ counter-UAS capability.  We made four recommendations to improve the Department’s management and implementation of counter-UAS activities.  The Office of Strategy, Policy, and Plans concurred with all four of our recommendations.      

DHS complied with the Improper Payments Elimination and Recovery Act (IPERA) in fiscal year 2019 by meeting all six of the IPERA requirements.  DHS also complied with Executive Order 13520, Reducing Improper Payments.  Additionally, we reviewed DHS’ processes and procedures for estimating its annual improper payment rates.  Based on our review, we determined DHS did not provide adequate oversight of the components’ improper payment testing and reporting.  We made one recommendation to DHS’ Risk Management and Assurance Division to properly follow the requirements in the DHS Improper Payment Reduction Guidebook. 

DHS does not have a unified approach for procuring and using handheld chemical identification devices despite the widespread use of these devices across multiple components.  We recommended DHS establish a process to coordinate joint needs across components and maximize savings from strategic sourcing opportunities.  We made two recommendations that should help improve unity of effort in procuring and using handheld chemical identification devices.  DHS concurred with recommendation 1 but did not concur with recommendation 2.

Based on our recent and prior audits, inspections, special reviews, and investigations, we consider the most serious management and performance challenges currently facing DHS to be: (1) Managing Programs and Operations Effectively and Efficiently during times of Changes in Leadership, Vacancies, Hiring Difficulties; (2) Coordinating Efforts to Address the Sharp Increase in Migrants Seeking to Enter the United States through our Southern Border; (3) Ensuring Cybersecurity in an Age When Confidentiality, Integrity, and the Availability of Information Technology Are Essential to Mission Operations; (4) Ensuring Proper Financial Planning, Payments, and Internal Controls; and (5) Improving FEMA’s Disaster Response and Recovery Efforts.  Addressing and overcoming these challenges requires firm leadership; targeted resources; and a commitment to mastering management fundamentals, data collection and dissemination, cost-benefit/risk analysis, and performance measurement. 

The Department of Homeland Security did not comply with the Improper Payments Elimination and Recovery Act of 2010 (IPERA) because the Department did not meet two of the six requirements. Specifically, the Department omitted the percent of recaptured amounts from the Other Information section in its Agency Financial Report and did not meet its annual reduction target established for one of eight programs deemed susceptible to significant improper payments.The Department also did not comply with Executive Order 13520, Reducing Improper Payments, because DHS did not make available to the public its Quarterly High-Dollar Overpayment report for the second quarter of fiscal year 2018.

Annual report, Major Management and Performance Challenges Facing the Department of Homeland Security. Pursuant to the Reports Consolidation Act of 2000, the Office of Inspector General is required to issue a statement that summarizes what the Inspector General considers to be the most serious management and performance challenges facing the agency and briefly assess the agency’s progress in addressing those challenges. We acknowledge past and ongoing efforts by Department’s senior leadership to address the challenges identified in this report. At the same time, our aim in this report is two-fold ― to identify areas that need continuing focus and improvement and to point out instances in which senior leadership’s goals and objectives are not executed throughout the Department. We highlight persistent management and performance challenges that hamper the Department’s efforts to accomplish the homeland security mission efficiently and effectively.

Since FY 2014, DHS improved conference spending reporting and implemented policies and procedures to ensure proper oversight and accurate and timely reporting. However, we found instances where DHS did not comply with annual conference reporting requirements. The Department failed to report two conferences costing more than $100,000 each. The Department also did not always report all hosted conferences costing more than $20,000 to OIG within 15 days of the conclusion of each conference. In addition, the Department did not always properly record actual costs accurately and within 45 days of the conclusion of each conference. Although DHS did not always comply with reporting requirements, in most cases, its FY 2016 conference expenses appeared appropriate, reasonable, and necessary.

Between January 2016 and April 2017, DHS OIG received dozens of allegations regarding a variety of issues at the FLETC facility in Glynco, Georgia. Following extensive investigation, DHS OIG determined that many of the allegations could not be substantiated. However, with respect to certain other allegations, DHS OIG’s findings indicate that some of FLETC’s senior managers, including former Director Connie Patrick, failed to exercise the judgment, stewardship, and leadership expected of DHS senior officials. This report focuses on two specific allegations that exemplify the broader issues uncovered by DHS OIG’s investigation. Many of the allegations DHS OIG received regarding FLETC related to the official travel of the former FLETC Director, Connie Patrick. Patrick served as the Director of FLETC from 2002 until her retirement in June 2017. During this time, she frequently traveled domestically and internationally on FLETC-related business. DHS OIG conducted an extensive review of Patrick’s travel for the period January 15, 2014 through June 23, 2016 to identify any instances of impropriety. In addition to multiple complaints about Patrick’s alleged noncompliance with federal, DHS, and FLETC travel rules and regulations, DHS OIG received complaints alleging that Patrick pressured FLETC managers to hire her husband, John Patrick (JP), for a term position within the FLETC Law Enforcement Leadership Institute (LELI). DHS OIG’s investigation determined that JP was hired to a term position with LELI on January 3, 2010 and completed the term on September 11, 2011 — all during Patrick’s tenure as Director of FLETC

Pursuant to the Federal Information Security Modernization Act of 2014, we reviewed the Department’s security program, including its policies, procedures, and system security controls for the enterprise-wide intelligence system. Since our FY 2016 evaluation, the Office of Intelligence and Analysis (I&A) has continued to provide effective oversight of the department-wide intelligence system and has implemented programs to monitor ongoing security practices. In addition, the United States Coast Guard is in the process of migrating its intelligence users to a system that is jointly managed by the Defense Intelligence Agency and the National Geospatial Agency.