Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audits, Inspections, and Evaluations

Report Number Title Issue Date Fiscal Year
OIG-19-12 The County received about $28.1 million in Public Assistance grant awards from Florida — a FEMA grantee — for damages from severe storms, tornadoes, straight-line winds, and flooding in April and May 2014. Jackson County was the first subgrantee in Florida to be approved for a grant award obligation under the Federal Emergency Management Agency’s (FEMA) Public Assistance Alternative Procedures (PAAP) pilot program. The Sandy Recovery Improvement Act of 20131 authorized PAAP and authorized FEMA to implement alternative procedures through the PAAP pilot program. Florida did not fulfill its grantee responsibility to ensure the County followed applicable Federal grant management requirements, and FEMA did not ensure the grantee carried out its responsibilities.

>FEMA Should Recover $3,061,819 in Grant Funds Awarded to Jackson County, Florida 		2019
OIG-19-11 CBP has a statutory responsibility to collect revenue owed to the U.S. Government that arises from the importation of goods into the United States. Although in fiscal year 2017 CBP collected $40 billion in duties, taxes, and fees, more than $4.3 billion in its allowance for doubtful account for cumulative duties, taxes, and fees remained delinquent and uncollectible — some dating back almost 40 years This outstanding cumulative debt will continue to increase without completing the viability analysis worksheets to enable the timely pursuit or termination of delinquent debt, and the ability to monitor and properly track debt collection and write-offs.

>CBP Did Not Maximize its Revenue Collection Efforts for Delinquent Debt Owed from Importers 		2019
OIG-19-10 The Trade Facilitation and Trade Enforcement Act of 2015 (TFTEA) requires U.S. Customs and Border Protection (CBP) to establish standard operating procedures (SOP) for searching, reviewing, retaining, and sharing information in communication, electronic, or digital devices at U.S. ports of entry. We determined that CBP’s Office of Field Operations (OFO) did not always conduct the searches at U.S. ports of entry according to its SOPs. Specifically, because of inadequate supervision to ensure OFO officers properly documented searches, OFO cannot maintain accurate quantitative data or identify and address performance problems related to these searches. These deficiencies in supervision, guidance, and equipment management, combined with a lack of performance measures, limit OFO’s ability to detect and deter illegal activities related to terrorism; national security; human, drug, and bulk cash smuggling; and child pornography.

>CBP's Searches of Electronic Devices at Ports of Entry 		2019
OIG-19-09 FEMA Should Recover $413,074 of Public Assistance Grant Funds Awarded to Nashville-Davidson County, Tennessee, for a May 2010 Flood 2019
OIG-19-06 FEMA awarded the Chippewa Cree Tribe a $32.4 million Public Assistance Program grant for damages from a June 2010 flood disaster. The award provided 100 percent Federal funding to replace the Tribe’s severely damaged health clinic. The Tribe failed to manage a $32.4 million Public Assistance Program grant from FEMA according to Federal regulations and FEMA guidelines. As a result, FEMA has no assurance that expenditures the Tribe claimed for Project 2 (engineering and design), and plans to claim for Projects 132 (facility construction) and 133 (site preparation) are valid, allowable, or eligible. Therefore, FEMA should disallow about $22.3 million of the grant award for these three projects.

>FEMA Should Disallow $22.3 Million in Grant Funds Awarded to the Chippewa Cree Tribe of the Rocky Boy's Indian Reservation, Montana 		2019
OIG-19-07 On January 25, 2017, the President issued two Executive Orders directing the Department of Homeland Security to hire an additional 15,000 law enforcement officers. We conducted this audit to determine whether the Department and its components — specifically FLETC, USBP, and ICE — have the training strategies and capabilities in place to train 15,000 new agents and officers.  Prior to the start of the hiring surge, FLETC’s capacity is already overextended. FLETC is not only responsible for accommodating the anticipated Department hiring surge, but also for an expected increase in demand from other Partner Organizations. Despite observing ongoing work in the development of hiring surge training plans and strategies, challenges exist due to uncertain funding commitments and current training conditions. Absent remedial action, these challenges may impede consistency and lead to a degradation in training and standards. As a result, trainees will be less prepared for their assigned field environment, potentially impeding mission achievability and increasing safety risk to themselves, other law enforcement officers, and anyone within their enforcement authority.

>DHS Training Needs for Hiring 15,000 Border Patrol Agents and Immigration Officers 		2019
OIG-19-08 Following the January 13, 2018, false missile alert in Hawaii, Congress requested we examine the Federal Emergency Management Agency’s (FEMA) role in the incident. We concluded that FEMA has limited responsibility for the sending and canceling of state and local alerts. Following the Hawaii false missile alert, three U.S. Senators proposed legislation to define the federal government’s role during false missile alerts, as well as to direct FEMA to recommend best practices in the alerting process. We also identified two areas of concern regarding FEMA’s overall oversight of IPAWS. Although FEMA maintains IPAWS as a messaging platform, state and local alerting authorities must obtain commercially-available emergency alert software to generate a message which passes through IPAWS for authentication and delivery. However, we found that FEMA does not require that this software perform functions critical to the alerting process, such as the ability to preview or cancel an alert. Instead, FEMA only recommends that software vendors include these capabilities as “best practices.”

>FEMA's Oversight of the Integrated Public Alert & Warning System (IPAWS) 		2019
OIG-19-05 We conducted this audit to determine whether the Board accounted for and expended FEMA grant funds according to Federal regulations and FEMA guidelines. The Board sustained an estimated $90.6 million in damages caused by severe storms and flooding that occurred in August 2016. The Ascension Parish School Board (Board) accounted for disaster-related costs correctly, as Federal regulations require. However, the Board did not follow all Federal procurement regulations in awarding $25.6 million in disaster-related contracts, resulting in $9.1 million in ineligible costs. Additionally, there were issues with direct administrative costs related to a Recovery Program and Grants Management services contract. This occurred because the Federal Emergency Management Agency (FEMA) did not ensure the Louisiana Governor’s Office of Homeland Security and Emergency Preparedness (Louisiana) monitored the Board’s subgrant activities for compliance with Federal procurement requirements.

>FEMA Should Disallow $9.1 Million in Public Assistance Grant Funds Awarded to Ascension Parish School Board, Louisiana 		2019
OIG-19-04 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting. KPMG noted that the financial statements present fairly, in all material respects, DHS’ financial position as of September 30, 2018.

KPMG issued an adverse opinion on DHS’ internal control over financial reporting of its financial statements as of September 30, 2018. The report identifies the following six significant deficiencies in internal control, the first two of which are considered material weaknesses, and four instances where DHS did not comply with laws and regulations.

>Independent Auditors' Report on DHS' FY 2018 Financial Statements and Internal Control over Financial Reporting 		2019
OIG-19-01 Annual report, Major Management and Performance Challenges Facing the Department of Homeland Security. Pursuant to the Reports Consolidation Act of 2000, the Office of Inspector General is required to issue a statement that summarizes what the Inspector General considers to be the most serious management and performance challenges facing the agency and briefly assess the agency’s progress in addressing those challenges. We acknowledge past and ongoing efforts by Department’s senior leadership to address the challenges identified in this report. At the same time, our aim in this report is two-fold to identify areas that need continuing focus and improvement and to point out instances in which senior leadership’s goals and objectives are not executed throughout the Department. We highlight persistent management and performance challenges that hamper the Department’s efforts to accomplish the homeland security mission efficiently and effectively.

>Major Management and Performance Challenges Facing the Department of Homeland Security 		2019
OIG-19-03 The Office of Inspector General (OIG) is conducting an investigation into allegations that the whistleblower was retaliated against for, among other things, communicating with Members of Congress regarding discrimination and retaliation against the whistleblower. The whistleblower alleged being subjected to retaliatory investigations by CGIS in violation of the Military Whistleblower Protection Act (MWPA). We recently learned that CGIS executed a search warrant against the whistleblower several months after the whistleblower retired from the Coast Guard, but soon after CGIS became aware of the OIG’s whistleblower retaliation investigation. Our information indicates that a CGIS agent obtained the search warrant in connection with a CGIS-directed investigation.

>Management Alert - Coast Guard Investigative Service Search and Seizure of DHS OIG and Congressional Communications 		2019
OIG-19-02 CBP Should Improve Its Air Coordination of the Rio Grande Valley Sector 2019
OIG-18-88 DHS did not complete an assessment of the security value of the Transportation Worker Identification Credential (TWIC) program as required by law.  This occurred because DHS experienced challenges identifying an office responsible for the effort.  As a result, Coast Guard does not have a full understanding of the extent to which the TWIC program addresses security risks in the maritime environment.  This will continue to impact the Coast Guard’s ability to properly develop and enforce regulations governing the TWIC program. For example, Coast Guard did not clearly define the applicability of facilities that have certain dangerous cargo in bulk when developing a final rule to implement the use of TWIC readers at high-risk maritime facilities.  Without oversight and policy improvements in the TWIC program, high-risk facilities may continue to operate without enhanced security measures, putting these facilities at an increased security risk. In addition, Coast Guard needs to improve its oversight of the TWIC program to reduce the risk of transportation security incidents.  Due to technical problems and lack of awareness of procedures, Coast Guard did not make full use of the TWIC card’s biometric features as intended by Congress to ensure only eligible individuals have unescorted access to secure areas of regulated facilities.  During inspections at regulated facilities from FYs 2016 through 2017, Coast Guard only used electronic readers to verify, on average, about one in every 15 TWIC cards against TSA’s canceled card list.  This occurred because the majority of the TWIC readers in the field have reached the end of their service life.  Furthermore, the Coast Guard’s guidance governing oversight of the TWIC program is fragmented, which led to confusion and inconsistent inspection procedures.  This resulted in fewer regulatory confiscations of TWIC cards.  The Department concurred with our four recommendations, and described the corrective actions it is taking and plans to take.

>Review of Coast Guard's Oversight of the TWIC Program 		2018
OIG-18-89-UNSUM We conducted our review of the Science and Technology’s (S&T) insider threat program between January 2017 and June 2017.  S&T is the primary research arm of the Department of Homeland Security (DHS).  Its mission is to strengthen the Nation’s security and resiliency by providing knowledge products and innovative solutions to support DHS mission operations.  Specifically, Congress created S&T in 2003 to conduct basic and applied research, development, demonstration, testing, and evaluation activities relevant to any or all elements of the Department.  S&T oversees laboratories where scientists perform mission-critical research on chemical and biological threats, radiological and nuclear detection, animal diseases, transportation security, and explosives trace identification.  S&T employees, contractors, and business partners—especially those with special or elevated privileges—can potentially use their inside knowledge and access to exploit vulnerabilities and cause harm to mission-critical systems and operations.  We made nine recommendations that, if implemented, should strengthen S&T’s management of insider threat risks.  The Department concurred with all of the recommendations.

>(U) S&T Has Taken Steps to Address Insider Threats, But Management Challenges Remain 		2018
OIG-18-87 CBP facilities we visited appeared to be operating in compliance with the 2015 National Standards on Transport, Escort, Detention, and Search.  With the exception of inconsistent cleanliness of the hold rooms, we observed that unaccompanied alien children had access to toilets and sinks, drinking water, beverages (including milk and juice drinks), as well as snacks and food.  Unaccompanied alien children had access to hygiene items and clean bedding at all facilities we visited.  We did not encounter issues with temperatures or ventilation, access to emergency medical care, inadequate supervision, or access to telephones.  We also observed that CBP Office of Field Operations (OFO) ports of entry had offices and storage spaces redesigned into hold rooms to be able to detain more unaccompanied alien children, family units, and other border crossers referred for processing. We made no recommendations in this report.

>Results of Unannounced Inspections into Conditions for Unaccompanied Alien Children in CBP Custody 		2018
OIG-18-84 Special Review - Initial Observations Regarding Family Separation Issues Under the Zero Tolerance Policy 2018
OIG-18-86 We identified a number of serious issues that violate U.S. Immigration and Customs Enforcement’s (ICE) 2011 Performance-Based National Detention Standards and pose significant health and safety risks at the facility.  Specifically, we are concerned about nooses in detainee cells, improper and overly restrictive segregation, and untimely and inadequate detainee medical care.  We recommended that ICE conduct a full review and inspection of the Adelanto ICE Processing Center and the GEO Group’s management of the center to immediately to ensure compliance with ICE’s 2011 Performance-Based National Detention Standards.  Specifically, ICE must review and ensure compliance with: Personal Care Required; Segregation; and Medical Care.  We made one recommendation to improve conditions at the facility.

>Management Alert - Issues Requiring Action at the Adelanto ICE Processing Center in Adelanto, California 		2018
OIG-18-82 Department of Homeland Security shall submit a report not later than October 15, 2017, to the DHS Office of Inspector General listing all grants and contracts awarded by other than full and open competition (OTFOC) during fiscal years 2016 and 2017. We contracted with Williams, Adley & Company-DC, LLC to review the OTFOC report and assess DHS compliance with applicable laws, regulations, and departmental procedures.  Williams Adley concluded that DHS complied with applicable statutes, regulations, and policies governing grants and contracts awarded by OTFOC in FY 2017. During that year, DHS awarded 62 noncompetitive grants worth about $140 million and 121 noncompetitive contracts worth about $118 million through OTFOC. The independent auditors determined that DHS’ Report on OTFOC for FY 2017 as well as the information related to these grants and contracts in the Federal Procurement Data System – Next Generation and USASpending.gov were accurate. The auditors also found that DHS followed written policies and procedures and the requirements of the Federal Funding Accountability and Transparency Act of 2006 when awarding grants and contracts

noncompetitively.

>DHS Grants and Contracts Awarded through Other Than Full and Open Competition FY 2017 		2018
OIG-18-85 The Federal Emergency Management Agency (FEMA), through its Public Assistance (PA) Program, is currently responding to Hurricane Irma — one of the most catastrophic disasters in recent United States history.  FEMA’s damage estimates for Florida and Georgia exceed $4.2 billion, with debris removal operations constituting approximately 36 percent of the total PA cost.  Debris removal costs in Florida and Georgia are estimated to reach approximately $1.5 billion as of May 2018.  FEMA’s guidance for debris monitoring lacks sufficient information to ensure adequate oversight.  In the 2011 OIG report, FEMA’s Oversight and Management of Debris Removal Operations, we identified deficiencies in FEMA’s debris removal guidance.  To resolve these deficiencies, we made 10 recommendations to, in part, strengthen FEMA’s debris removal guidance and procedure.  In response, FEMA released additional criteria pertaining to debris estimating and monitoring to enhance the overall effectiveness of the process.  FEMA removed the detailed responsibilities when it released its Public Assistance Program and Policy Guide (PAPPG).  Going forward from the PAPPG version 1.0, FEMA relies solely on the subrecipient to monitor the debris removal operations, and removes monitoring responsibilities from both FEMA and the State.  Subrecipients now have a greater responsibility to identify issues or concerns during debris removal operations.  We made three recommendations that when implemented will strengthen FEMA’s debris monitoring operations.  FEMA concurred with all recommendations.

>Management Alert - Observations of FEMA's Debris Monitoring Efforts for Hurricane Irma 		2018
OIG-18-81 DHS support components do not have sufficient processes and procedures to address misconduct. Support Components provide resources, analysis, equipment, research, policy development, and other specific assistance to operational components. These deficiencies exist because no single office or entity

is responsible for managing and overseeing misconduct issues across support components. According to Government Accountability Office (GAO) guidance, it is important for agencies to establish organizational structure, assign responsibility, and delegate authority, so they can achieve their objectives. Support components need to improve their processes and procedures for addressing misconduct. Specifically, support components do not maintain comprehensive data about misconduct  allegations; refer misconduct allegations consistently to OIG; provide guidance for supervisors and investigators on handling misconduct; and manage misconduct allegations effectively.

>DHS Support Components Do Not Have Sufficient Processes and Procedures to Address Misconduct 		2018
OIG-18-83 U.S. Customs and Border Protection (CBP) is responsible for inspecting all international mail arriving at U.S. airports, with limited exceptions. A major challenge for CBP is preventing imports of opioids and other illegal items mailed from overseas through the U.S. Postal Service (USPS). We conducted this audit to determine whether CBP's air mail inspection processes at JFK airport are effective and have adequate information technology (IT) security controls. CBP has ineffective processes and IT security controls to support air mail inspection operations at John F. Kennedy International Airport (JFK), the largest of nine USPS facilities that receive and handle incoming international mail. Despite legislative requirements to systematically target and widely prevent illegal imports, CBP inspects only a limited number of the hundreds of thousands of pieces of incoming air mail each day, largely due to difficulty inventorying and locating targeted mail, as well as having inadequate guidance, equipment, and resources. These air mail inspection deficiencies hinder CBP's efforts to prevent prohibited items (particularly opioids) from entering the United States.

>CBP's International Mail Inspection Processes Need Improvement at JFK International Airport 		2018
OIG-18-78 USCIS has inadequate controls for verifying that foreign nationals seeking lawful permanent residence status meet health-related standards for admissibility. First, USCIS is not properly vetting the physicians it designates as civil surgeons. We determined that USCIS designated physicians with a history of patient abuse or a criminal record as civil surgeons. This is occurring because USCIS does not have adequate policies to ensure only suitable physicians are designated as civil surgeons. Second, when reviewing these foreign nationals’ required medical forms, ISOs are accepting incomplete and inaccurate forms because they are not adequately trained and because USCIS is not enforcing its existing policies. USCIS may be placing foreign nationals at risk of abuse by some civil surgeons. USCIS could also be exposing the U.S. population to contagious or dangerous health conditions from foreign nationals erroneously granted lawful permanent resident status.

>USCIS' Medical Admissibility Screening Process Needs Improvement 		2018
OIG-18-77 We examined whether ICE is effectively overseeing and managing the 287(g) program as it expands. Under the 287(g) program, U.S. Immigration and Customs Enforcement (ICE) delegates authority to state and local law enforcement agencies to help ICE in its immigration enforcement mission in their jurisdictions. After the Executive Order was issued, the 287(g) program expanded quickly, it rose from 36 to 76.  ICE approved 40 additional applicants without planning for a corresponding increase in program management staffing, determining how to promptly deliver needed information technology (IT) equipment to participants, or ensuring participants are fully trained.  



Without effective oversight, it is difficult to monitor and measure performance to determine whether program participants are assisting ICE in its immigration enforcement mission. Further, without the necessary equipment and training, program participants may not be acting as a force multiplier to identify removable aliens. ICE may also not be able to fully expand the program and include new localities interested in participating.

>Lack of Planning Hinders Effective Oversight and Management of ICE's Expanding 287(g) Program 		2018
OIG-18-80 In 2017, CBP made considerable progress developing and implementing a biometric capability to track air passenger exits using facial recognition technology. CBP’s Biometric Entry-Exit Program conducted a pilot at nine airports and demonstrated ability using this technology to match 98 percent of passengers’ identities at departure gates. However, During the pilot, CBP encountered various technical and operational challenges that limited biometric confirmation to only 85 percent of all passengers processed. These challenges included poor network availability, a lack of dedicated staff, and compressed boarding times due to flight delays. Further, due to missing or poor quality digital images, CBP could not consistently match individuals of certain age groups or nationalities.

>Progress Made, but CBP Faces Challenges Implementing a Biometric Capability to Track Air Passengers Departures Nationwide 		2018
OIG-18-79 In December 2014, OIG previously reported on the effectiveness and cost of the UAS program.2 Our report disclosed CBP had not developed performance measures needed to accurately assess program effectiveness and make informed decisions. CBP also did not recognize all UAS operating costs and, as such, the Congress and public may be unaware of the amount of resources invested in the program. This audit determined that CBP has not ensured effective safeguards for surveillance information, such as images and video, collected on and transmitted from its UAS. Without a privacy assessment, CBP could not determine whether ISR Systems contained data requiring safeguards per privacy laws, regulations, and DHS policy. CBP’s failure to implement adequate security controls according to Federal and DHS policy could result in potential loss of confidentiality, integrity, and availability of ISR Systems and its operations.

>CBP Has Not Ensured Safeguards for Data Collected Using Unmanned Aircraft Systems 		2018
OIG-18-75 Collectively, our FY 2017 work shows that FEMA continues to face systemic problems and operational challenges, as the variety of findings summarized in this report illustrates In FY 2017, FEMA did not manage disaster relief grants and funds adequately and did not hold grant recipients accountable for properly managing disaster relief funds. We continue to identify problems such as improper contract costs, and ineligible and unsupported expenditures.

In FY 2017, we identified $2.08 billion in questioned costs, which represents 96 percent of the $2.16 billion audited.2 We issued 37 reports concerning FEMA grants, programs, and operations funded by the DRF. Specifically, we conducted 16 grant audits, 13 proactive audits, and 8 program audits. In the last 9 fiscal years, we audited grant funds totaling $13.75 billion and reported potential monetary benefits of $6.55 billion.

>Summary and Key Findings of Fiscal Year 2017 FEMA Disaster Grant and Program Audits 		2018
OIG-18-76 We determined that, from fiscal years 2010 to 2017, the number of assaults against CBP law enforcement officers decreased from 1,089 to 856. During the same time period, assaults of ICE law enforcement officers remained the same at 48. However, the data does not show a clear trend over that time period and the number of assaults varied widely from year to year. Our analysis also shows that, for a number of reasons, the data is unreliable and does not accurately reflect whether assaults have increased or decreased.

>Assaults on CBP and ICE Law Enforcement Officers 		2018
OIG-18-74 FEMA needs to continue providing technical assistance to and monitoring of California’s Public Assistance grant funding management.  This helps avoid the risk of exposing millions of taxpayer dollars to fraud, waste, or mismanagement and violating the Robert T. Stafford Disaster Relief and Emergency Assistance Act. In doing so, FEMA can assist California in providing reasonable, but not absolute assurance that Public Assistance subgrant funds are spent in accordance with Federal regulations and FEMA guidelines.

>Special Report: Lessons Learned from Previous Audit Reports Related to California's Practice of Managing Public Assistance Grant Funds 		2018
OIG-18-73 Not all forms DHS and its components use to create NDAs include the required WPEA statement. Further, although many of the settlement agreement templates and settlement agreements in the sample we reviewed included provisions that might restrict or prevent disclosure of information, nearly three-fourths of these documents did not contain the WPEA statement. Omitting the statement in NDAs and personnel settlement agreements could lead to confusion about what information may be disclosed to permissible recipients, which could deter reporting of fraud, waste, or abuse and impede DHS Office of Inspector General (OIG) activities.

>DHS' Non-disclosure Forms and Settlement Agreements Do Not Always Include the Required Statement from the Whistleblower Protection Enhancement Act of 2012 		2018
OIG-18-72 DHS did not comply with IPERA because it did not meet one of the six IPERA requirements. Specifically, DHS did not meet its annual reduction targets for 2 of 14 programs. Additionally, we determined that DHS did not provide adequate oversight of the component’s improper testing and reporting.

>Department of Homeland Security's FY 2017 Compliance with the Improper Payments Elimination and Recovery Act of 2010 		2018
OIG-18-71 We found that FEMA overpaid its employees because it mistakenly believed the Department’s payroll provider had an automated control to prevent payments over the annual cap, and because it did not follow its own premium pay policy. We also found that FEMA has no effective policy or practice to determine the Fair Labor Standards Act status of FEMA employees during disaster deployments, which also contributed to this issue. Since discovering the overpayments, FEMA has been working to calculate how many people were overpaid, but it cannot finish that analysis until it addresses a number of outstanding questions.

>FEMA Paid Employees Over the Annual Premium Pay Cap 		2018
OIG-18-68 Although CBP had controls over its polygraph examination process, a key control over its review and approval process was not always operating as intended. Specifically, the polygraph quality control program may not have always conducted independent and objective reviews (blind reviews) of polygraph examination results, as required. We also determined that 96 percent of the complaints we reviewed were unfounded or ambiguous. Nevertheless, CBP did not have a formal complaint review process, which led to inconsistent and subjective reviews. This approach risks not finding or properly addressing issues contained in the complaints.

>Most Complaints about CBP's Polygraph Program Are Ambiguous or Unfounded 		2018
OIG-18-70 Despite dedicating approximately $272 million to ground-based activities, including VIPR operations, FAMS could not demonstrate how these activities contributed to TSA’s mission. Visible Intermodal Prevention and Response (VIPR) operations, in which VIPR teams collaborate with local law enforcement to augment security at transportation hubs through an increased visible deterrent force.

FAMS could not demonstrate how these activities contributed to TSA’s mission. During our assessment of FAMS’ contributions to TSA’s layered approach to security, we determined that FAMS lacked performance measures for the 24 strategic initiatives and most ground-based activities outlined in its strategic plan. Additionally, FAMS’ VIPR operations performance measures fail to determine the program’s effectiveness. FAMS could not provide a budget breakout by division or operational area.

>FAMS Needs to Demonstrate How Ground-Based Assignments Contribute to TSA's Mission 		2018
OIG-18-69 Since FY 2014, DHS improved conference spending reporting and implemented policies and procedures to ensure proper oversight and accurate and timely reporting. However, we found instances where DHS did not comply with annual conference reporting requirements. The Department failed to report two conferences costing more than $100,000 each. The Department also did not always report all hosted conferences costing more than $20,000 to OIG within 15 days of the conclusion of each conference. In addition, the Department did not always properly record actual costs accurately and within 45 days of the conclusion of each conference. Although DHS did not always comply with reporting requirements, in most cases, its FY 2016 conference expenses appeared appropriate, reasonable, and necessary.

>Audit of Department of Homeland Security's Fiscal Year 2016 Conference Spending 		2018
OIG-18-67 Neither type of inspection ICE uses to examine detention facilities ensures consistent compliance with detention standards or comprehensive correction of identified deficiencies. Specifically, because the Nakamoto inspection scope is too broad, ICE’s guidance on procedures is unclear, and Nakamoto’s inspection practices are not consistently thorough, its inspections do not fully examine actual conditions or identify all compliance deficiencies. In contrast, ODO uses effective methods and processes to thoroughly inspect facilities and identify deficiencies, but the inspections are too infrequent to ensure the facilities implement all corrections. Moreover, ICE does not adequately follow up on identified deficiencies or systematically hold facilities accountable for correcting deficiencies, which further diminishes the usefulness of both Nakamoto and ODO inspections.

>ICE's Inspections and Monitoring of Detention Facilities Do Not Lead to Sustained Compliance or Systemic Improvements 		2018
OIG-18-66 In July 2017, FEMA reported that it awarded 252 projects under the PA alternative procedures pilot program valued at $11.9 billion, with just 26 of those projects (10.32 percent) closed. During our fieldwork, we gained access to FEMA’s grant management system of record and reviewed supporting documentation for the project worksheets in our scope to determine if FEMA followed its criteria when validating cost estimates. However, FEMA did not sufficiently document actions that it took to validate subrecipient cost estimates to ensure costs are reasonable. Of the three obligated projects we reviewed during our fieldwork, we did not find evidence that FEMA completed the required steps identified to validate the reasonableness of subrecipient cost estimates.

>Sandy Recovery Improvement Act Review 		2018
OIG-18-65 Between January 2016 and April 2017, DHS OIG received dozens of allegations regarding a variety of issues at the FLETC facility in Glynco, Georgia. Following extensive investigation, DHS OIG determined that many of the allegations could not be substantiated. However, with respect to certain other allegations, DHS OIG’s findings indicate that some of FLETC’s senior managers, including former Director Connie Patrick, failed to exercise the judgment, stewardship, and leadership expected of DHS senior officials. This report focuses on two specific allegations that exemplify the broader issues uncovered by DHS OIG’s investigation. Many of the allegations DHS OIG received regarding FLETC related to the official travel of the former FLETC Director, Connie Patrick. Patrick served as the Director of FLETC from 2002 until her retirement in June 2017. During this time, she frequently traveled domestically and internationally on FLETC-related business. DHS OIG conducted an extensive review of Patrick’s travel for the period January 15, 2014 through June 23, 2016 to identify any instances of impropriety. In addition to multiple complaints about Patrick’s alleged noncompliance with federal, DHS, and FLETC travel rules and regulations, DHS OIG received complaints alleging that Patrick pressured FLETC managers to hire her husband, John Patrick (JP), for a term position within the FLETC Law Enforcement Leadership Institute (LELI). DHS OIG’s investigation determined that JP was hired to a term position with LELI on January 3, 2010 and completed the term on September 11, 2011 — all during Patrick’s tenure as Director of FLETC

>Special Report - Certain Findings Relating to the OIG's Investigation of Allegations Involving FLETC Senior Officials 		2018
OIG-18-64 The County estimated that it had sustained $2.7 million in damages from severe storms and flooding in February 2017. We conducted the audit early in the grant process to identify areas in which the County may need additional technical assistance and monitoring to ensure compliance with Federal requirements. DHS OIG found that the County does not have adequate procurement policies, procedures, and business practices that comply fully with all Federal standards for its planned procurements, totaling approximately $500,000. At the time of our fieldwork, FEMA had not completed project worksheets to define the scope of disaster work. At this early stage in the grant process, Utah needs to provide the County with additional technical assistance and increased monitoring. Doing so should provide FEMA reasonable, but not absolute, assurance that the County will spend the $2.7 million in total estimated disaster-related costs according to Federal requirements.

>Cache County, Utah, Needs Additional Assistance and Monitoring to Ensure Proper Management of Its FEMA Grant 		2018
OIG-18-63 The Diamondhead Water and Sewer District (District), received a Federal Emergency Management Agency (FEMA) grant award of $49.3 million from the Mississippi Emergency Management Agency (Mississippi) for damage resulting from Hurricane Katrina in 2005. We had concerns because it took the District about 10 years to break ground on its new wastewater treatment plant. We also wanted to determine whether FEMA accurately applied its “50 Percent Rule.” we identified $1.5 million of improper procurement, unsupported costs, duplicate insurance benefits, and uncompleted project costs that FEMA should disallow to the District. These problems were largely the result of Mississippi not fulfilling its grantee responsibility to ensure the District properly managed FEMA funds. Mississippi is responsible for monitoring subgrant activities, and is compensated with Federal funds to support subgrant management and oversight. It is FEMA’s responsibility to hold Mississippi accountable for proper grant administration.

>FEMA Should Recover $20.4 Million in Grant Funds Awarded to Diamondhead Water and Sewer District, Mississippi 		2018
OIG-18-62 The Victor Valley Wastewater Reclamation Authority, through its main engineering contractor (Contractor C), presented incorrect data and misinformed FEMA in obtaining a Federal grant of more than $33 million for its pipeline replacement and relocation project. Authority officials wanted to move the pipeline outside of the Mojave Riverbed, but noted the high cost to do so. Authority officials knew that replacing and relocating the pipeline was the most expensive repair option, as their Contractors A and C informed them. However, through Contractor C, Authority officials repeatedly provided FEMA incorrect data that made Alternative 2 appear to be the least expensive. Based on the incorrect information Authority officials provided, FEMA funded $11 million for the replacement and relocation project in 2013 and an additional $22 million in 2014, a total of $33 million. We question the entire $33 million as ineligible because the Authority did not comply with Federal regulations, and FEMA policies and procedures, in preparing cost estimates for FEMA.

>Victor Valley Wastewater Reclamation Authority, California, Provided FEMA Incorrect Information for Its $33 Million Project 		2018
OIG-18-61 We conducted a verification review to determine the adequacy, effectiveness, and timeliness of USCIS' corrective actions to address the seven report recommendations in Better Safeguards Are Needed in USCIS Green Card Issuance, OIG-17-11, November 16, 2016. At the time of our audit fieldwork in spring 2016, USCIS’ efforts to address the errors were inadequate. USCIS conducted a number of efforts to recover the inappropriately issued cards; however, these efforts also were not fully successful. At the time of our audit fieldwork in spring 2016, USCIS’ efforts to address the errors were inadequate. USCIS conducted a number of efforts to recover the inappropriately issued cards; however, these efforts also were not fully successful.

>Verification Review: Better Safeguards Are Needed in USCIS Green Card Issuance (OIG-17-11) 		2018
OIG-18-60 At the time of our audit, Federal Emergency Management Agency (FEMA) estimated that the City of Waterloo, Iowa (City), sustained approximately $1.9 million in damages from severe storms and flooding from September 21 through October 3, 2016. The City did not provide all requested information and explanations necessary to perform our review; therefore, we were unable to assess whether the City’s policies, procedures, and business practices were adequate to account for FEMA Public Assistance grant funds properly. The City’s failure to cooperate with a Federal audit put approximately $1.9 million dollars in potential FEMA grant funding at risk of being deobligated or not funded.

>The City of Waterloo, Iowa Jeopardizes $1.9 Million in Estimated FEMA Grant Funding 		2018
OIG-18-59 Pursuant to the Federal Information Security Modernization Act of 2014, we reviewed the Department’s security program, including its policies, procedures, and system security controls for the enterprise-wide intelligence system. Since our FY 2016 evaluation, the Office of Intelligence and Analysis (I&A) has continued to provide effective oversight of the department-wide intelligence system and has implemented programs to monitor ongoing security practices. In addition, the United States Coast Guard is in the process of migrating its intelligence users to a system that is jointly managed by the Defense Intelligence Agency and the National Geospatial Agency.

>Fiscal Year 2017 Evaluation of DHS' Compliance with Federal Information Security Modernization Act Requirements for Intelligence Systems 		2018
OIG-18-58 "U.S. Citizenship and Immigration Services (USCIS) adjudicates applications for immigration benefits, including applications for permanent resident cards, also known as green cards. In response to congressional concerns, we examined green card application processing times, as well as why processing times vary among USCIS field offices. USCIS regularly posts information on its website about the time it takes field offices to adjudicate green card applications (processing time). Yet, the information is unclear and not helpful to USCIS’ customers because it does not reflect the actual amount of time it takes field offices, on average, to complete green card applications.

>USCIS Has Unclear Website Information and Unrealistic Time Goals for Adjudicating Green Card Applications 		2018
OIG-18-57 The Government Charge Card Abuse Prevention Act of 2012 (Charge Card Act) requires the Office of Inspector General to conduct an annual risk assessment and periodic audits on agency charge card programs. We conducted this audit to determine whether the Department of Homeland Security implemented internal controls to prevent illegal, improper, and erroneous purchases and payments. During fiscal year 2016, DHS reported spending approximately $1.2 billion in purchase, travel, and fleet card transactions. Although the Department has established internal controls for its charge card programs, the components we reviewed did not always follow DHS’ procedures. Our testing results of purchase, travel, and fleet card transactions revealed internal control weaknesses. Specifically, we found major internal control weaknesses that persisted at the United States Coast Guard and some control weaknesses within CBP’s Fleet Card Program.

>Fiscal Year 2016 Audit of the DHS Bankcard Program Indicates Moderate Risk Remains 		2018
OIG-18-56 We reviewed DHS’ information security program in accordance with the Federal Information Security Modernization Act of 2014 (FISMA). Our objective was to determine whether DHS’ information security program and practices were adequate and effective in protecting the information and information systems that supported DHS’ operations and assets in fiscal year 2017.

>Evaluation of DHS' Information Security Program for Fiscal Year 2017 		2018
OIG-18-55 Department of Homeland Security (DHS) Under Secretary for Intelligence and Analysis (USIA) David J. Glawe used a personal email account to send an invitation to his ceremonial swearing-in event to staff members of the United States Senate Committee on Homeland Security and Governmental Affairs. Because the invitation came from a non-DHS email account and resembled a phishing email, Senator Claire McCaskill asked the DHS Office of Inspector General to review the circumstances surrounding the invitation

>Special Review: Swearing-In Ceremony of David J. Glawe, DHS Under Secretary for Intelligence and Analysis 		2018
OIG-18-54 In November 2015, we reported that the Federal Emergency Management Agency’s (FEMA) information technology (IT) management approach did not adequately address technology planning, governance, and system support challenges to effectively support its mission. We issued five recommendations to the FEMA Chief Information Officer (CIO) aimed at improving the agency’s management of IT.1 Specifically, we recommended the CIO finalize key planning documents related to IT modernization; execute against those planning documents; fully implement an IT governance board; improve integration and functionality of existing systems; and implement agency-wide acquisition, development, and operation and maintenance standards.

 

>Management Alert - Inadequate FEMA Progress in Addressing Open Recommendations from our 2015 Report, "FEMA Faces Challenges in Managing Information Technology" (OIG-16-10) 		2018
OIG-18-53 U.S. Senator Claire McCaskill asked us to review ICE’s modification of its intergovernmental service agreement (IGSA) with the City of Eloy in Arizona to procure family detention space in Dilley, Texas. We also reviewed other selected IGSAs to determine whether they complied with applicable laws and regulations. (ICE) is responsible for the detention of removable aliens. ICE commonly uses a type of agreement called an IGSA to reserve space at detention facilities owned or operated by state or local governments. In September 2014, ICE improperly modified an existing IGSA with the City of Eloy (Eloy) in Arizona to establish the 2,400-bed South Texas Family Residential Center in Dilley, Texas, more than 900 miles away. Although ICE could have contracted directly with the private company that operates the South Texas Family Residential Center, CCA, it instead created an unnecessary “middleman” by modifying its existing IGSA with Eloy. Eloy’s sole function under the modification is to act as the middleman between ICE and CCA; Eloy collects about $438,000 in annual fees for this service.

>Immigration and Customs Enforcement Did Not Follow Federal Procurement Guidelines When Contracting for Detention Services 		2018
OIG-18-52 In light of the heightened public and congressional interest in the misuse of government-owned, government-leased, and chartered aircraft, the Department of Homeland Security (DHS) Office of Inspector General (OIG) conducted a special review of the use of government aircraft by the heads of the Department and several of DHS’s operational components. DHS OIG’s review also included a review of other-than-coach-class travel by this same group of senior officials. We determined that each instance of the use of government aircraft by DHS’s senior leaders during the time period of our review generally complied with relevant laws, rules, regulations, policies, and guidance.

With respect to DHS senior leaders’ other-than-coach-class (OTCC) commercial air travel over the same time period, we determined that such travel generally qualified as allowable premium travel. We could not definitively determine, however, whether one trip taken by a former Deputy Secretary met all of the Department’s criteria for allowable OTCC travel. We also identified two specific instances of non-compliance with the Department’s internal request and approval processes for such travel; however, the related travel was properly justified, and the process deviations were quickly identified and corrected by the Department.

>Special Review: DHS Executive Travel Review 		2018

*NDAA, Pub. L. 117-263, section 5274 Response Received. View responses

Return to top of page