Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audits, Inspections, and Evaluations

Report Number Title Issue Date Sort ascending Fiscal Year
OIG-20-70 Management Alert - CBP Needs to Award A Medical Services Contract Quickly to Ensure No Gap in Services 2020
OIG-20-67 During our unannounced inspections of five U.S. Customs and Border Protection (CBP) facilities in the Laredo and San Antonio areas of Texas in February 2020, three Border Patrol stations and two Office of Field Operation ports of entry we visited appeared to be operating in compliance with the Transport, Escort, Detention, and Search (TEDS) standards we evaluated. We verified accessibility to water, food, toilets, sinks, basic hygiene supplies, and bedding. We observed clean facilities and verified that temperatures and ventilation in holding rooms were appropriate. Of the five facilities we visited, only one could provide on-site showers to detainees, but during our visits, no detainees were approaching the detention time threshold where a shower would be required. Because Border Patrol leadership directed all Border Patrol stations to implement Phase 2 of the enhanced medical screening ahead of the prescribed schedule outlined in CBP Directive 2100-004, the Border Patrol stations we visited were conducting alien intake health assessments using CBP Form 2500. These Ports of Entry had implemented Phase 1, but were not yet required to conduct Phase 2 assessments at the time of our inspection. We did not make any recommendations in this report.

>Five Laredo and San Antonio Area CBP Facilities Generally Complied with the National Standards on Transport, Escort, Detention, and Search
2020
OIG-20-66 DHS components used inconsistent processes for administrative forfeitures under the Civil Asset Forfeiture Reform Act of 2000 (CAFRA).  Specifically, we found inconsistencies among DHS components regarding the forms used to notify property owners and the process for responding to claims.  Further, CBP inappropriately used waivers to extend deadlines for responding to claims.  We recommended DHS implement a department-wide structure to oversee component forfeiture activities across DHS by designating an office at headquarters for this role.  Additionally, DHS should develop Department-wide policies and procedures, as well as review component policies, to ensure forfeiture processes and practices are consistent.  We made two recommendations to improve oversight across DHS and provide consistent processes for handling administrative forfeitures.  DHS concurred with recommendation two, which we consider resolved and open, but did not concur with recommendation one, which is unresolved and open.

>DHS Inconsistently Implemented Administrative Forfeiture Authorities Under CAFRA
2020
OIG-20-64 We determined CBP’s use of tear gas on these dates, in response to physical threats, appeared to be within CBP’s use of force policy.  However, U.S. Border Patrol obtained an acoustic device and used it in an “alert tone” mode on November 25, 2018, which did not conform to CBP’s Use of Force policy because Border Patrol did not get advance authorization to have a device with this capability.  CBP’s Use of Force policy would have permitted use of the alert tone in a manner reasonable and necessary for self-defense or the defense of another person in threatening, emergent situations.  However, the policy does not authorize the carrying of any weapon for duty use that is not authorized, included on the Authorized Equipment List, or specifically approved by the LESC director.  Using the acoustic device in alert mode may increase the risk of temporary or permanent hearing loss to those exposed to the sound and thereby increase the Government’s liability.  CBP’s own internal investigation of the November 25, 2018 incident regarding the acoustic device was incomplete and inaccurate and did not provide all the information CBP needed to determine whether the CBP officer and Border Patrol agents involved had complied with the use of force policy.  In addition, not all Border Patrol agents had the required training and certification to carry less-lethal devices.  This occurred because Border Patrol lacked internal controls to ensure agents had fulfilled these requirements.  Border Patrol agents using less-lethal devices for which they are not certified could result in unintended serious injury or death, increasing the Government’s liability.  We made four recommendations to CBP to ensure compliance with its Use of Force policy and improve its investigative process.  CBP concurred with all four recommendations.

>U.S. Customs and Border Protection Compliance with Use of Force Policy for Incidents on November 25, 2018 and January 1, 2019 - Law Enforcement Sensitive
2020
OIG-20-65 We determined that children brought to Port Isabel on July 15, 2018, waited extended periods, and in many cases overnight, to be reunited with their parents.  U.S. Immigration and Customs Enforcement (ICE) was not prepared to promptly reunify all children who arrived at Port Isabel on the first day of attempted mass reunifications.  ICE and U.S. Health and Human Services had fundamentally different understandings about the timing and pace of reunifications, and ICE personnel at Port Isabel underestimated the resources necessary to promptly out-process the parents of arriving children.  As a result, some children waited in vehicles at Port Isabel, while others waited in unused detention cells, though all children were in climate-controlled environments and had continuous access to food, water, and restrooms.  As the mass reunifications continued, ICE personnel responded to processing and space issues, which generally resulted in shorter wait times for children who arrived at Port Isabel closer to the court’s July 26, 2018 deadline.  The report contains no recommendations.

>Children Waited for Extended Periods in Vehicles to Be Reunified with Their Parents at ICE's Port Isabel Detention Center in July 2018
2020
OIG-20-62 Since 2017, DHS has continued to make progress in meeting its Digital Accountability and Transparency Act of 2014 (DATA Act) reporting requirements, but challenges remain.  To enable more effective tracking of Federal spending, DHS must continue to take action to accurately align its budgetary data with the President’s budget, reduce award misalignments across DATA Act files, improve the timeliness of financial assistance reporting, implement and use government-wide data standards, and address risks to data quality.  Without these actions, DHS will continue to experience challenges in meeting its goal of achieving the highest possible data quality for submission to USAspending.gov.  We made five recommendations to help strengthen DHS’ controls for ensuring complete, accurate, and timely spending data.  The Department concurred with all five recommendations. 

>DHS Has Made Progress in Meeting DATA Act Requirements, But Challenges Remain
2020
OIG-20-59 determined ICE’s Homeland Security Investigations (HSI) is effectively contributing to the Federal Bureau of Investigation’s (FBI) Joint Terrorism Task Force (JTTF) counterterrorism efforts by leveraging its authorities, experience, skills, and staffing.  However, existing agreements and guidance on HSI’s participation in the JTTF and its terrorism financing investigations are outdated.  Additionally, we determined existing agreements and policy impose restrictions that delay and hinder sharing and access to information in the JTTF.  We recommended DHS JTTF contributors evaluate and update agreements governing JTTF participation as needed.  HSI should renegotiate and update the 2003 agreement on terrorism financing, as well as update its related guidance accordingly.  We also recommended DHS coordinate with Department of Justice and Department of State, as well as within the DHS, to develop agreements to allow for the more direct sharing of critical investigative information.  We made five recommendations that aim to improve counterterrorism efforts and information sharing.  DHS concurred with two recommendations and non-concurred with three.

>HSI Effectively Contributes to the FBI’s Joint Terrorism Task Force, But Partnering Agreements Could Be Improved (REDACTED)
2020
OIG-20-60 The Federal Emergency Management Agency’s (FEMA) Individuals and Households Program (IHP) has no assurance of applicants’ eligibility for Small Business Administration (SBA) Dependent Other Needs Assistance (ONA) payments.  According to OMB Circular A-123, Appendix C, when documentation or verification is non-existent to support eligibility payment decisions it must be considered improper.  FEMA did not collect sufficient income and dependent documentation or verify self-reported information to determine whether applicants below the income threshold, known as Failed Income Test (FIT), were eligible for SBA Dependent ONA payments.  FEMA believed requiring documentation or verification would delay the disbursement of assistance and relied on an honor system to make eligibility and payment decisions.  We determined, according to FEMA-provided data, it has paid, and we are questioning, the more than $3.3 billion in improper payments to applicants deemed as FIT for SBA Dependent ONA since 2003.  Additionally, FEMA has not evaluated the program risk associated with not collecting or verifying income information.  Per Federal requirements, agencies must conduct risk assessments to determine whether programs are susceptible to improper payments.  Rather, FEMA assessed IHP at the overall program level and did not specifically evaluate each IHP form of assistance, such as SBA Dependent ONA.  These weaknesses have allowed applicants self-certifying income and dependent information to receive less oversight, despite posing the greatest risk for improper payments.  FEMA cannot assure Congress and taxpayers it is a prudent steward of Federal resources, and adequately assesses the risks of improper payments.  FEMA did not concur with all three report recommendations.  Therefore, these recommendations are considered unresolved and open.

>FEMA Has Paid Billions in Improper Payments for SBA Dependent Other Needs Assistance since 2003
2020
OIG-20-44 We identified debris removal contract performance issues and concerns.  In the report, we discuss our observations regarding the use of pre-disaster debris removal contracts in Florida following Hurricane Irma.  We also emphasize how FEMA can benefit from implementing effective controls to track systemic issues after a disaster and ensure FEMA follows procedures for uploading required documentation to support debris removal costs for proper grant management.  The report contains no recommendations.

>Pre-Disaster Debris Removal Contracts in Florida
2020
OIG-20-61 The DHS Chief Information Officer (CIO) and most component CIOs had conducted strategic planning efforts to help prioritize legacy Information Technology (IT) systems and infrastructure to better accomplish mission goals.  However, due to a lack of standard guidance and funding, not all components have complied with or fully embraced Department-wide IT modernization initiatives to adopt cloud-based computing, and to consolidate data centers.  Meanwhile, DHS continues to rely on deficient and outdated IT systems to perform mission-critical operations.  Additionally, DHS has not yet leveraged the Modernizing Government Technology Act mandate to accelerate ongoing IT modernization efforts, as DHS and its components questioned whether the benefits of the Act outweighed the additional effort needed to use the resources provided under the Act.  Until DHS addresses these issues, it will continue to face significant challenges to accomplish mission operations efficiently and effectively.  We made three recommendations for the DHS OCIO to develop guidance for implementing cloud technology and migrating legacy IT systems to the cloud, coordinate with components to develop and finalize a data center migration approach, and establish a process to assign risk ratings for major legacy IT investments.  The Department concurred with all three recommendations.

>Progress and Challenges in Modernizing DHS' IT Systems and Infrastructure
2020
OIG-20-58 The Federal Emergency Management Agency did not properly award or oversee its contract with Corporate Lodging Consultants (CLC) to administer disaster survivors’ hotel stays.  These deficiencies occurred because FEMA officials did not ensure staff responsible for the Transitional Sheltering Assistance (TSA) contract award and oversight had the guidance and training they needed to be effective.  As a result, FEMA released personally identifiable information for about 2.3 million disaster survivors, increasing the survivors’ risk to identity theft.  We made six recommendations that when implemented should strengthen FEMA contracting and compliance with Federal Acquisition Regulations and DHS requirements.  FEMA concurred with all six of our recommendations.

>FEMA Did Not Properly Award and Oversee the Transitional Sheltering Assistance Contract
2020
OIG-20-55 U.S. Customs and Border Protection (CBP) does not comprehensively plan and conduct its covert testing, use test results to address vulnerability, or widely share lessons learned.  CBP’s two covert testing groups do not use risk assessments or intelligence to plan and conduct covert tests at ports of entry and U.S. Border Patrol checkpoints, do not plan coordinated tests, and do not design system-wide tests.  This occurred because CBP has not provided adequate guidance on risk- and intelligence-based test planning, directed the groups to coordinate, given them the required authority, or established performance goals and measures for covert testing.  Following testing, CBP does not widely share covert test results, consistently make recommendations, or ensure corrective actions are taken.  Results are not widely shared because CBP has not defined roles and responsibilities for such sharing.  Covert testing groups do not make recommendations or ensure corrective actions are implemented due to insufficient authority and policies directing these actions.  Finally, CBP does not effectively manage covert testing groups to ensure data reliability, completeness, and compliance with security requirements due to leadership changes and limited staff.  Without comprehensive planning, incorporating lessons learned from test results, and program management accountability, CBP cannot ensure it addresses vulnerabilities, which may be exploited and threaten national security.  We recommended CBP develop policies and procedures for conducting covert testing and assign roles and responsibilities for oversight of covert testing groups.  We made seven recommendations that will strengthen its covert testing program.  CBP concurred with all seven recommendations.

>CBP Needs a Comprehensive Process for Conducting Covert Testing and Resolving Vulnerabilities - (REDACTED)
2020
OIG-20-57 The Puerto Rico Electric Power Authority (PREPA) complied with Federal procurement requirements for its noncompetitive procurement of the Whitefish contract.  However, the contract costs may not have complied with Federal cost principles that costs must be reasonable to be eligible for Federal awards.  PREPA’s oversight of the Cobra contract did not comply with PA program guidelines.  Finally, FEMA’s Public Assistance grant to PREPA for the Cobra contract did not fully comply with PA program guidelines.  We made two recommendations for FEMA to provide technical assistance to Puerto Rico to ensure compliance with Federal regulations and PA program guidelines.  We made two other recommendations for FEMA to develop guidance to verify its subrecipients’ oversight of time and material contracts and determine the reasonableness and eligibility of time and material contract costs.  FEMA concurred with three of the recommendations and did not concur with one recommendation.

>FEMA's Public Assistance Grant to PREPA and PREPA's Contracts with Whitefish and Cobra Did Not Fully Comply with Federal Laws and Program Guidelines
2020
OIG-20-56 DHS generally met deadlines for responding to simple Freedom of Information Act (FOIA) requests, it did not do so for most complex requests.  A significant increase in requests received, coupled with resource constraints, limited DHS’ ability to meet production timelines under FOIA, creating a litigation risk for the Department.  Additionally, DHS has not always fully documented its search efforts, making it difficult for the Department to defend the reasonableness of the searches undertaken.  With respect to responding to congressional requests, we determined DHS has established a timeliness goal of 15 business days or less; however, on average, it took DHS nearly twice as long to provide substantive responses to Congress, with some requests going unanswered for up to 450 business days.  Further, DHS redacted personal information in its responses to congressional committee chairs even when disclosure of the information was statutorily permissible.  This was a descriptive report and contained no recommendations.  In its response, DHS acknowledged FOIA backlogs remain a problem, despite increasing requests processed.  DHS stated its process responding to congressional requests varies greatly and that its redactions are appropriate.

>DHS' Process for Responding to FOIA and Congressional Requests
2020
OIG-20-50 We contracted this audit with Cotton & Company LLP, which found that FEMA did not ensure the Florida Department of Emergency Management (FDEM) monitored the Polk County School Board (PCSB) to ensure it established and implemented policies, procedures, and practices to account for and expend PA grant funding in accordance with Federal regulations and FEMA guidance.  For example, PCSB was unable to support $46,168 in food spoilage costs; requested and received funding through a Florida Public Assistance grant for ineligible contract costs incurred under Project 2658 for debris removal and related costs; and charged $897 in unallowable costs associated with ineligible fringe benefits for substitute employees.  We made 13 recommendations that, when implemented, should improve PCSB’s management of FEMA Public Assistance funds.  FEMA concurred with our 13 recommendations.

>Early Warning Audit of FEMA Public Assistance Grants to Polk County School Board, Florida
2020
OIG-20-54 U.S. Immigrations and Customs Enforcement (ICE) does not follow its written policy when conducting disciplinary reviews of Senior Executive Employees (SES) employees, which risks creating an appearance that SES employees receive more favorable treatment than non-SES employees.  We reviewed the disciplinary proceedings of the former SES official to evaluate whether ICE’s deviation from the written policy, or any other evidence, in that case indicated that the official received favorable treatment, as alleged.  We did not find evidence of actual favoritism or inappropriate influence in the official’s disciplinary or security clearance review processes.  We recommended that ICE finalize and issue its draft policy documenting the process for disciplining SES members.  We made one recommendation that will enhance transparency in ICE’s disciplinary program.  ICE concurred with our recommendation and took action to resolve and close it.

>Special Report - ICE Should Document Its Process for Adjudicating Disciplinary Matters Involving Senior Executive Service Employees
2020
OIG-20-51 We contracted this audit with Cotton & Company LLP, which found that FEMA did not ensure Monroe County, Florida (the County) established and implemented policies, procedures, and practices to ensure it accounted for and expended Public Assistance program grant funds awarded to disaster areas in accordance with Federal regulations and FEMA guidance.  Specifically, the County did not allocate anticipated and actual insurance proceeds totaling $5 million to reduce FEMA’s share of disaster costs; charged $265,928 for ineligible stand-by time and other ineligible expenses; and requested $84,681 in unsupported and ineligible costs for multiple tasks including clearing emergency access and costs related to flooding.  Additionally, the County overstated $34,378 in force account labor costs that were unreasonable and therefore ineligible for grant funding; overpaid a debris removal contractor, resulting in $2,403 in ineligible costs; and charged $1,080 to PW 1512 for security costs that were unsupported and are therefore ineligible for grant funding. We made 18 recommendations that that, when implemented, should improve Monroe County, Florida’s management of FEMA Public Assistance funds.  FEMA concurred with our 18 recommendations.

>Early Warning Audit of FEMA Public Assistance Grants in Monroe County, Florida
2020
OIG-20-53 According to the Securing Our Agriculture and Food Act (SAFA), the program should provide oversight, lead policy initiatives, and coordinate with DHS components and Federal agencies.  However, the Countering Weapons of Mass Destruction Office (CWMD) has not yet carried out a program to meet SAFA’s requirements.  This occurred because CWMD believes it does not have clearly defined authority from the Secretary to carry out the requirements of the SAFA.  In addition, since its establishment in December 2017, CWMD has not prioritized SAFA requirements but instead has focused its resources on other mission areas.  As a result, CWMD has limited awareness of DHS’ ongoing efforts and cannot ensure it is adequately prepared to respond to a terrorist attack against the Nation’s food, agriculture, or veterinary systems.  We made three recommendations to DHS’ CWMD to improve oversight, policy initiatives, and coordination of the Department’s efforts to protect the Nation’s food, agriculture, and veterinary systems. 

>DHS Is Not Coordinating the Department's Efforts to Defend the Nation's Food, Agriculture, and Veterinary Systems against Terrorism
2020
OIG-20-47 Evaluation of DHS' Compliance with Federal Information Security Modernization Act Requirements for Intelligence Systems for Fiscal Year 2019 2020
OIG-20-48 We contracted this audit with Cotton & Company LLP, which found that FEMA did not ensure Lee County, Florida (the County) established and implemented policies, procedures, and practices to ensure it accounted for and expended PA program grant funds awarded to disaster areas in accordance with Federal regulations and FEMA guidance.  Specifically, the County requested FEMA funding for $994,425 in unsupported force account labor, equipment, and materials; was unable to provide supporting documentation for $16,210 in costs incurred to operate an emergency shelter; did not maintain adequate documentation to support $267,452 in costs incurred for road repair services; did not include all required provisions in its contracts to obtain disaster recovery services related to Hurricane Irma; and had not evaluated the risk of subrecipients’ noncompliance with Federal requirements, obtained subrecipient audit reports, or developed plans for monitoring subrecipients.  We made nine recommendations that, when implemented, should improve Lee County, Florida’s management of FEMA Public Assistance funds.  FEMA concurred with all nine recommendations.

>Early Warning Audit of FEMA Public Assistance Grants to Lee County, Florida
2020
OIG-20-49 We determined that the city of Houston has adequate policies, procedures, and business practices that comply with Federal procurement regulations and FEMA guidelines to expend FEMA grant funds.  We found Houston may have inappropriately included the $73.8 million cost of Houston First Corporation’s (Houston First) disaster damages in its damage estimate, even though it was not an eligible applicant for them.  We did not examine procurement policies and procedures related to Houston First because the entity was outside the scope of our audit.  During the audit, FEMA acknowledged it would reiterate in writing to the City of Houston the importance of proper oversight for all procurements executed by Houston First.  This report contains no recommendations. 

>Houston, Texas Has Adequate Policies, Procedures, and Business Practices to Manage Its FEMA Grant
2020
OIG-20-52 U.S. Customs and Border Protection has not demonstrated the acquisition capabilities needed to effectively execute the Analyze/Select Phase of the Wall Acquisition Program.  Specifically, CBP did not conduct an Analysis of Alternatives to assess and select the most effective, appropriate, and affordable solutions to obtain operational control of the southern border as directed, but instead relied on prior, outdated border solutions to identify materiel alternatives for meeting its mission requirement.  CBP did not use a sound, well-documented methodology to identify and prioritize investments in areas along the border that would best benefit from physical barriers.  Additionally, the Department did not complete the required plan to execute the strategy to obtain and maintain control of the southern border, as required by its Comprehensive Southern Border Security Study and Strategy.  Without an Analysis of Alternatives, a documented and reliable prioritization process, or a plan, the likelihood that CBP will be able to obtain and maintain complete operational control of the southern border with mission-effective, appropriate, and affordable solutions is diminished.  We made three recommendations to improve CBP’s ongoing investments for obtaining operational control of the southern border.  DHS concurred with recommendation 2 but did not concur with recommendations 1 and 3. 

>CBP Has Not Demonstrated Acquisition Capabilities Needed to Secure the Southern Border
2020
OIG-20-46 We contracted this audit with Cotton & Company LLP, which found FEMA did not ensure Collier County, Florida (the County) established and implemented policies, procedures, and practices to account for and expend Public Assistance (PA) program grant funds awarded in disaster areas in accordance with Federal regulations and FEMA guidance.  Specifically, the County could not provide documentation to support $4,602 in force account costs claimed.  Additionally, the subrecipient monitoring process needs improvement.  The State has not evaluated the risk of subrecipients’ noncompliance with Federal requirements, obtained subrecipient audit reports, or developed plans for monitoring subrecipients.  We made four recommendations that, when implemented, should improve Collier County, Florida’s management of FEMA PA funds.  FEMA concurred with our four recommendations. 

>Early Warning Audit of FEMA Public Assistance Grants to Collier County, Florida
2020
OIG-20-45 We found violations of U.S. Immigration and Customs Enforcement (ICE) detention standards undermining the protection of detainees’ rights and the provision of a safe and healthy environment.  Although the conditions varied among the facilities and not every problem was present at each, our observations, interviews with detainees and staff, and review of documents revealed several common issues.  At three facilities, we found segregation practices infringing on detainee rights.  Detainees at all four facilities had difficulties resolving issues through the grievance and communication systems, including allegations of verbal abuse by staff.  Two facilities had issues with classifying detainees according to their risk levels, which could affect safety.  Lastly, we identified living conditions at three facilities that violate ICE standards.  We recommended the Acting Director of ICE ensure the Enforcement and Removal Operations field offices overseeing the detention facilities covered in the report address identified issues and ensure facility compliance with relevant detention standards.  We made one recommendation that will help ICE ensure compliance with detention standards. ICE concurred with the recommendation.

>Capping Report: Observations of Unannounced Inspections of ICE Facilities in 2019
2020
OIG-20-43 DHS’ capability to counter illicit Unmanned Aircraft Systems (UAS) activity remains limited.  The Office of Strategy, Policy, and Plans did not execute a uniform department-wide approach, which prevented components authorized to conduct counter-UAS operations from expanding their capabilities.  This occurred because the Office of Policy did not obtain funding as directed by the Secretary to expand DHS’ counter-UAS capability.  We made four recommendations to improve the Department’s management and implementation of counter-UAS activities.  The Office of Strategy, Policy, and Plans concurred with all four of our recommendations.      

>DHS Has Limited Capabilities to Counter Illicit Unmanned Aircraft Systems
2020
OIG-20-41 The Federal Emergency Management Agency (FEMA) Missouri, and Joplin Schools did not properly manage and oversee this disaster award.  Specifically, FEMA and Missouri did not provide proper grant management and oversight of Joplin’s subgrant activities.  Joplin Schools disregarded Missouri’s authority as the grantee and did not always comply with Federal requirements and FEMA policies as required.  This occurred because Joplin Schools heavily relied on the advice of its grant management contractor.  As a result of the grant management and oversight issues, Joplin Schools did not follow Federal procurement standards when it awarded $187.3 million in non-exigent disaster-related contracts, including $609,676 in ineligible contractor direct administrative costs.  We provided five recommendations to help improve FEMA and Missouri’s grant oversight and management process.  We also included four recommendations for FEMA to disallow or not fund $187.3 million in ineligible contract costs.  FEMA determined approximately $56 million, the net obligated amount, was eligible for reimbursement.  FEMA concurred with all nine recommendations and completed actions to close recommendations 1 to 4 and 8.  Recommendations 5 to 7 are resolved and open with a target completion date of June 1, 2020. Recommendation 9 is considered unresolved and open

>Inadequate Management and Oversight Jeopardized $187.3 Million in FEMA Grant Funds Expended by Joplin Schools, Missouri
2020
OIG-20-42 We surveyed U.S. Immigration and Customs Enforcement (ICE) detention facilities from April 8-20, 2020 regarding their experiences and challenges managing COVID-19 among detainees in their custody and among their staff.  The facilities that responded to our survey described various actions they have taken to prevent and mitigate the pandemic’s spread among detainees.  These actions include increased cleaning and disinfecting of common areas, and isolating new detainees, when possible, as a precautionary measure.  However, facilities reported concerns with their inability to practice social distancing among detainees, and to isolate or quarantine individuals who may be infected with COVID-19.  Regarding staffing, facilities reported decreases in current staff availability due to COVID-19, but have contingency plans in place to ensure continued operations.  The facilities also expressed concerns with the availability of staff, as well as protective equipment for staff, if there were an outbreak of COVID-19 in the facility.  Overall, almost all facilities stated they were prepared to address COVID-19, but expressed concerns if the pandemic continued to spread.  At the time of our survey, 23 facilities reported having detainees who had tested positive for COVID-19; this number had risen to 48 facilities as of May 11, 2020.

>Early Experiences with COVID-19 at ICE Detention Facilities
2020
Department of Homeland Security Section - Top Challenges Facing Federal Agencies: COVID-19 Emergency Relief and Response Efforts 2020
OIG-20-39 KPMG found FEMA did not always ensure that the Virgin Islands Emergency Management Agency (VITEMA), and Virgin Islands Water and Power Authority (VIWAPA) established and implemented policies, procedures, and practices to account for and expend PA disaster grant funds in accordance with Federal regulations and FEMA guidance.  Specifically: 1) VITEMA did not have policies and procedures to ensure the timely submission of management costs for reimbursement; 2) VIWAPA did not fully ensure contract costs were reasonable and allowable; and 3) Neither VITEMA nor VIWAPA had fully implemented FEMA’s Grants Manager and Grants Portal system.  This occurred because FEMA did not consistently provide adequate oversight.  Because of these deficiencies, there is increased risk the PA program may be mismanaged and funds may be used for unallowable activities.  We made three recommendations that, when implemented, should improve FEMA’s, VITEMA’s, and VIWAPA’s management of FEMA PA funds.  FEMA concurred with all three recommendations. 

>Capacity Audit of FEMA Grant Funds Awarded to the USVI Water and Power Authority
2020
OIG-20-40 Two years since enactment, DHS and its components have mostly complied with SAVE Act requirements.  The SAVE Act requires the Office of the Chief Readiness Support Officer (OCRSO), as delegated by DHS, to collect and review components’ vehicle use data, including their analyses of the data and plans for achieving the right types and sizes of vehicles to meet mission needs.  Most components developed their plans as required.  However, only two of the 12 components we reviewed fully met requirements to analyze and document vehicle use and cost data to help them achieve the right type and size of fleet vehicles to meet their missions.  This occurred because DHS did not require components to include data analyses in their OCRSO-reviewed submissions, as mandated by the SAVE Act.  Had ORSCO thoroughly evaluated component submissions, it would have identified that components did not fully comply with SAVE Act requirements.  DHS concurred with all four recommendations that, when implemented, should improve the Department’s oversight over its vehicle fleets. 

>DHS Has Made Progress in Meeting SAVE Act Requirements But Challenges Remain for Fleet Management
2020
OIG-20-38 During 2019, there was a surge in Southwest Border crossings between ports of entry, resulting in 851,508 Border Patrol apprehensions and contributing to what senior U.S. Customs and Border Protection (CBP) officials described as an “unprecedented border security and humanitarian crisis.”  Our unannounced inspections revealed that, under these challenging circumstances, CBP struggled to meet detention standards.  Specifically, several Border Patrol stations we visited exceeded their maximum capacity.  Although Border Patrol established temporary holding facilities to alleviate overcrowding, it struggled to limit detention to the 72 hours generally permitted, as options for transferring detainees out of CBP custody to long-term facilities were limited.  Also, even after deploying medical professionals to more efficiently provide access to medical care, overcrowding made it difficult for the Border Patrol to manage contagious illnesses.  Finally, in some locations, Border Patrol did not meet certain standards for detainee care, such as offering children access to telephone calls and safeguarding detainee property.  In contrast to Border Patrol, which could not control apprehensions, CBP’s ports of entry could limit detainee access, and generally met applicable detention standards.  Supplementing a May 2019 Management Alert recommendation, we made two additional recommendations regarding access of unaccompanied alien children to telephones and proper handling of detainee property.  CBP concurred with the recommendations.

>Capping Report: CBP Struggled to Provide Adequate Detention Conditions During 2019 Migrant Surge
2020
OIG-20-37 The Cybersecurity and Infrastructure Security Agency (CISA) does not effectively coordinate and share best practices to enhance security across the commercial facilities sector.  Specifically, CISA does not coordinate within DHS on security assessments to prevent potential overlap, does not always ensure completion of required After Action Reports to share best practices with the commercial facilities sector, and does not adequately inform all commercial facility owners and operators of available DHS resources.  This occurred because CISA does not have comprehensive policies and procedures to support its role as the commercial facilities’ Sector-Specific Agency (SSA).  Without such policies and procedures, CISA cannot effectively fulfill its SSA responsibilities and limits its ability to measure the Department’s progress toward accomplishing its sector-specific objectives.  CISA may also be missing opportunities to help commercial facility owners and operators identify threats and mitigate risks, leaving the commercial facilities sector vulnerable to terrorist attacks and physical threats that may cause serious damage and loss of life.  We made three recommendations to improve CISA’s coordination and outreach to safeguard the commercial facilities sector.  CISA concurred with all three recommendations.

>DHS Can Enhance Efforts to Protect Commercial Facilities from Terrorism and Physical Threats
2020
OIG-20-36 We identified 16 allegations of race-based harassment involving cadets between 2013 and 2018 that the Coast Guard Academy (the Academy) was aware of and had sufficient information to investigate and address through internal hate and harassment procedures.  The OIG identified issues in how the Academy addressed 11 of them.  First, in six incidents, the Academy did not thoroughly investigate the allegations, and/or did not discipline cadets when investigations documented violations of cadet regulations or Coast Guard policy.  In two of these instances, cadets committed similar misconduct again.  The Academy also did not fully include civil rights staff as required in six instances (including two of the instances noted previously).  Therefore, civil rights staff could not properly track these incidents to proactively identify trends and offer the Academy assistance.  In addition, in one incident involving a potential hate allegation, the Academy did not follow the Coast Guard process for hate incidents.  Finally, our review determined that race-based harassment is underreported at the Academy for various reasons, including concerns about negative consequences for reporting allegations.  Underreporting is especially concerning because our questionnaire results and interviews indicate harassing behaviors continue at the Academy.  We made five recommendations that will enhance the Academy’s ability to address harassment and hate allegations, including ensuring the Academy consistently investigates allegations, requiring the reasons for disciplinary decisions be documented after race- or ethnicity-based harassment investigations, informing civil rights staff of all misconduct that could reasonably relate to race or ethnicity; and improving training related to preventing and addressing race-based or ethnicity-based harassment or hate incidents.  The Coast Guard concurred with all recommendations

>The U.S. Coast Guard Academy Must Take Additional Steps to Better Address Allegations of Race-Based Harassment and Prevent Such Harassment on Campus
2020
OIG-20-35 U.S. Customs and Border Protection (CBP) Office of Field operations (OFO) personnel at ports of entry had separated 60 asylum-seeking families between May 6 and July 9, 2018, despite CBP’s claim that it had separated only 7 such families.  More than half of those separations were based solely on the asylum-seeking parents’ prior non-violent immigration violations, which appeared to be inconsistent with official DHS public messaging.  After a June 27, 2018 court ruling, CBP issued specific guidance, and the ports separated fewer families in the prior months.  Despite the new guidance, we continue to have concerns about DHS’ ability to accurately identify and address all family separations due to data reliability issues.  In late June 2018, CBP modified its system for tracking aliens at the ports of entry to capture family separation data consistently, but it could not provide a reliable number of families separated before June 2018.  We made one recommendation that will help CBP’s data collection.  CBP concurred with our recommendation.

>CBP Separated More Asylum-Seeking Families at Ports of Entry Than Reported and For Reasons Other Than Those Outlined in Public Statements
2020
OIG-20-32 FEMA is not effectively designating Surge Capacity Force (SCF) volunteers and managing the SCF program during disaster operations.  In 2017, FEMA was not prepared to deploy SCF Tier 4 volunteers rapidly and efficiently because FEMA had neither a clear commitment from agencies outside DHS to participate in SCF, nor a roster of volunteers capable of rapidly deploying.  FEMA did not adequately measure SCF performance because it did not have mechanisms to collect data and feedback to gauge program success.  FEMA did not effectively manage the SCF financial program because it relied heavily on the financial controls of volunteers’ home agencies without guarding against breakdowns in those controls.  Finally, FEMA did not close mission assignments promptly because it did not make closing them a priority in what officials described as a series of “overwhelming” catastrophes.  We made four recommendations for FEMA to improve designation of SCF volunteers and management of the SCF program.  FEMA concurred with three of our four recommendations.

>FEMA Needs to Effectively Designate Volunteers and Manage the Surge Capacity Force
2020
OIG-20-34 U.S. Customs and Border Protection (CBP) identified and targeted high-risk cargo shipments, CBP did not always prevent air carriers from transporting high-risk air cargo from foreign airports into the United States.  This occurred because neither CBP nor TSA developed adequate policies and procedures to ensure air carriers resolved referrals timely or appropriately.  We made four recommendations to CBP and TSA to mitigate a number of vulnerabilities in the Air Cargo Advance Screening Program.  CBP and TSA concurred with all four recommendations. 

>CBP's ACAS Program Did Not Always Prevent Air Carriers from Transporting High-Risk Cargo into the United States
2020
OIG-20-33 The Transportation Security Administration (TSA) does not monitor the Advanced Imaging Technology (AIT) to ensure it continues to fulfill needed capabilities.  Although the AIT met the requirement for system availability, TSA did not monitor the AIT’s probability of detection rate and throughput rate requirements set forth in TSA’s operational requirements document.  These issues occurred because TSA has not established comprehensive guidance to monitor performance of the AIT system.  Without continuous monitoring and oversight, TSA cannot ensure the AIT is meeting critical system performance requirements—a consistent weakness found in prior DHS OIG reports.  We made two recommendations designed to improve TSA’s monitoring of the AIT system.  TSA concurred with our recommendations.

>TSA Needs to Improve Monitoring of the Deployed Advanced Imaging Technology System
2020
OIG-20-31 DHS complied with the Improper Payments Elimination and Recovery Act (IPERA) in fiscal year 2019 by meeting all six of the IPERA requirements.  DHS also complied with Executive Order 13520, Reducing Improper Payments.  Additionally, we reviewed DHS’ processes and procedures for estimating its annual improper payment rates.  Based on our review, we determined DHS did not provide adequate oversight of the components’ improper payment testing and reporting.  We made one recommendation to DHS’ Risk Management and Assurance Division to properly follow the requirements in the DHS Improper Payment Reduction Guidebook. 

>Department of Homeland Security's FY 2019 Compliance with the Improper Payments Elimination and Recovery Act of 2010 and Executive Order 13520, Reducing Improper Payments
2020
OIG-20-29 KPMG, LLC found the Federal Emergency Management Agency (FEMA) did not provide adequate guidance to the Virgin Islands Emergency Management Agency (VITEMA) and the Virgin Islands Housing Finance Agency (VIHFA) and that VITEMA and VIHFA did not adequately manage FEMA Public Assistance (PA) funds.  Also, VITEMA and VIHFA did not always ensure the accuracy of project funding information or promptly notify FEMA about significant project cost overruns.  This occurred because FEMA did not provide the necessary guidance to and oversight of VITEMA and VIHFA to properly manage PA funds.  Because of these deficiencies, PA programs are at increased risk of mismanagement and expenditure of funds for unallowable activities.  We made seven recommendations to improve VITEMA’s and VIHFA’s management of FEMA PA funds, ensuring they are expended according to Federal regulations and FEMA guidance.  FEMA concurred with the recommendations.

>Capacity Audit of FEMA Grant Funds Awarded to the U.S. Virgin Islands Housing and Finance Authority
2020
OIG-20-30 KPMG, LLP found that the Federal Emergency Management Agency (FEMA) did not always ensure Virgin Islands Territorial Emergency Management Agency (VITEMA) and the Virgin Islands Department of Education (VIDE) established and implemented policies, procedures, and practices to account for and expend Public Assistance (PA) grant funds according to Federal regulations and FEMA guidance.  For example, VIDE did not have policies and procedures to address procurement-related conflicts of interest and related disciplinary actions.  This occurred because FEMA did not adequately train VIDE personnel and did not review these policies and procedures.  We made five recommendations that, when implemented, should improve management of FEMA PA grant funds, ensuring the funds are expended according to Federal regulations and FEMA guidance.  FEMA concurred with the recommendations. 

>Capacity Audit of FEMA Grant Funds Awarded to the U.S. Virgin Islands Department of Education
2020
OIG-20-28 TSA's Challenges With Passenger Screening Canine Teams (Redacted) 2020
OIG-20-27 Harris County, Texas needs additional technical assistance and monitoring to ensure grants management comply with Federal procurement regulations.  The County’s procurement policies, procedures, and business practices were not adequate to expend disaster grant funds in accordance with Federal procurement regulations and Federal Emergency Management Agency (FEMA) guidelines.  We recommended FEMA disallow $2.7 million in ineligible costs and require Texas to work with the County to incorporate Federal procurement regulations when using Federal funds, and review procurement activities before the County awards future contracts.  We made three recommendations that will help improve the procurement capability of Harris County, Texas.  FEMA concurred with all three recommendations. 

>Harris County, Texas, Needs Continued Assistance and Monitoring to Ensure Proper Management of Its FEMA Grant
2020
OIG-20-26 Capacity Audit of FEMA Grant Funds Awarded to the Puerto Rico Department of Education 2020
OIG-20-25 Williams-Adley determined that the Federal Emergency Management Agency (FEMA) did not always ensure that Department of Transportation and Public Works (DTOP) established and implemented policies, procedures, and practices to account for and expend PA grant funds according to Federal regulations and FEMA guidance.  Specifically, DTOP did not have (1) an effective grants management process; (2) sufficient internal controls in the procurement process; and (3) sufficient controls over its processes for claiming Force Account Labor costs.  This occurred because FEMA and Central Office of Recovery, Reconstruction and Resiliency (COR3) did not adequately oversee DTOP’s grant management activities.  We made three recommendations to improve COR3’s and DTOP’s management of FEMA Public Assistance funds, ensuring they are expended according to Federal regulations and FEMA guidance.  FEMA concurred with the recommendations.

>Capacity Audit of FEMA Grant Funds Awarded to the Puerto Rico Department of Transportation and Public Works
2020
OIG-20-24 Williams-Adley determined that the Federal Emergency Management Agency (FEMA) did not ensure the Puerto Rico Central Office of Recovery, Reconstruction, and Resiliency (COR3) and the Puerto Rico Aqueduct and Sewer Authority (PRASA) establish and implement policies, procedures, and practices to account for and expend Public Assistance (PA) grant funds according to Federal regulations and FEMA guidance.  Specifically, PRASA did not follow established policies and procedures for: (1) recording the capacity size and rate of its force account equipment; and (2) ensuring each vendor had a certificate of eligibility before receiving a contract award.  We made two recommendations to improve PRASA’s management of FEMA PA funds, ensuring they are expended according to Federal regulations and FEMA guidance.

>Capacity Audit of FEMA Grant Funds Awarded to The Puerto Rico Aqueduct and Sewer Authority
2020
OIG-20-23 The Federal Emergency Management Agency’s (FEMA) Individuals and Households Program (IHP) has a robust process for collecting and verifying information provided by underinsured disaster applicants.  However, FEMA does not collect sufficient supporting documentation or verify applicants claiming to have no insurance are eligible for home repair assistance.  Rather, according to FEMA, it relies on applicant self-certifications because no comprehensive repository of homeowner’s insurance data exists, and any additional verification processes would delay home repair payments.  As a result, FEMA made and we are questioning, more than $3 billion in improper and potentially fraudulent payments to individuals since 2003.  Additionally, FEMA did not properly assess and report improper payment risks within IHP because it disregarded significant internal control deficiencies and prior audit findings when it evaluated program risks.  Therefore, IHP applicants who claimed no homeowner’s insurance received less oversight even though they posed the greatest risk for improper and fraudulent payments.  Without implementing changes to its home repair assistance processes, FEMA cannot ensure it is being a prudent steward of Federal resources and adequately assessing its risks of improper payments and fraud.  We made two recommendations to FEMA to improve its IHP home repair documentation, verification, and risk management processes.  FEMA non-concurred with the two report recommendations, resulting in both recommendations being unresolved and open.

>FEMA Has Made More than $3 Billion in Improper and Potentially Fraudulent Payments for Home Repair Assistance since 2003
2020
OIG-20-21 Management of FEMA Public Assistance Grant Funds Awarded to the Sewerage and Water Board of New Orleans Related to Hurricanes Katrina, Isaac, and Gustav 2020
OIG-20-22 Capacity Audit of FEMA Grant Funds Awarded to the Puerto Rico Department of Housing 2020
OIG-20-19 DHS’ funding and payments for PALMS violated Federal appropriations law.  Specifically, DHS violated the bona fide needs rule in using fiscal year (FY) 2011 component funds in FYs 2012 and 2013 for e-Training services and PALMS implementation respectively, when the funds were not legally available for those needs.  As a result of the bona fide needs rule and purpose statute violations, DHS may also have violated the Antideficiency Act in FYs 2013 – 2015 when the Department augmented appropriations for the Human Resources Information Technology program with component funds. We made nine recommendations to address violations of Federal appropriations law and to improve controls to prevent such potential violations in the future.

>PALMS Funding and Payments Did Not Comply with Federal Appropriations Law
2020
Investigation of Alleged Violations of Immigration Laws at the Tecate, California, Port of Entry by U.S. Customs and Border Protection Personnel (OSC File No. DI-18-5034); OSC Final Letter to President; OSC Referral to DHS 2020