Contingency Contract Management
DOD Needs to Develop and Finalize Background Screening and Other Standards for Private Security Contractors Gao ID: GAO-09-351 July 31, 2009Currently in Iraq, there are thousands of private security contractor (PSC) personnel supporting DOD and State, many of whom are foreign nationals. Congressional concerns about the selection, training, equipping, and conduct of personnel performing private security functions in Iraq are reflected in a provision in the fiscal year 2008 National Defense Authorization Act (NDAA) that directs DOD to develop guidance on PSCs. This report examines the extent (1) that DOD and State have developed and implemented policies and procedures to ensure that the backgrounds of PSC employees have been screened and (2) that DOD has developed guidance to implement the provisions of the NDAA and (3) that DOD and State have addressed measures on other issues related to PSC employees in Iraq. To address these objectives, GAO reviewed DOD and State guidance, policies, and contract oversight documentation and interviewed agency and private security industry officials.
State and DOD have developed policies and procedures to conduct background screenings of PSC personnel working in Iraq who are U.S. citizens, but only State has done so for foreign nationals. Homeland Security Presidential Directive 12 (HSPD-12) directs U.S. government agencies to establish minimum background screening requirements in order to issue access credentials. But DOD has not developed departmentwide procedures for conducting background screenings of its foreign national PSC personnel. Disagreements among the various DOD offices responsible for developing and implementing these policies and procedures hindered timely execution of the HSPD-12 requirements, and the completion of this development and implementation has been hampered by the lack of a focal point to resolve these disagreements. For example, officials at the Office of the Under Secretary of Defense for Intelligence interpret HSPD-12 as requiring a government screening process for foreign national contractor personnel that is equivalent to the National Agency Check with Written Inquiries (NACI) currently used for U.S. citizen contractor personnel. But officials at the Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics maintain that a NACI-equivalent screening for foreign nationals would not be feasible, given the inherent difficulty of screening foreign nationals and the inconsistent quality of criminal and employment records from one country to another, and further, such an approach would will severely limit the numbers of foreign national contractor personnel DOD could use. The offices also differ as to who should approve background screenings, known as adjudication. The Commander of Multi-National Forces-Iraq has established a screening process for PSCs, but GAO has identified several shortcomings that limit the effectiveness of this process. For example, the process directs contractors to obtain background screening for entities that will not provide data to contractors. While DOD has acknowledged the inherent force protection risk it assumes when using contractor employees, without the timely development of standardized policies and procedures, DOD lacks full assurance that all its PSCs are properly screened. While DOD is developing guidance to meet the requirements of the 2008 National Defense Authorization Act, the draft guidance does not meet all of the requirements of that act. For example, the draft guidance does not address the requirement for establishing minimum standards for background screening of PSCs. Instead it directs the combatant commanders to establish standards for their respective areas of responsibility, though it does not establish time frames within which they should do so. Without addressing these concerns, DOD's draft guidance only partially meets the requirements of the 2008 National Defense Authorization Act. DOD and State have taken actions on other issues related to PSCs in Iraq. For example, they have implemented similar processes to ensure that PSC personnel are trained, and to account for PSC weapons. Both agencies have also developed policies related to alcohol use by PSCs
RecommendationsOur recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.
Director: Team: Phone:GAO-09-351, Contingency Contract Management: DOD Needs to Develop and Finalize Background Screening and Other Standards for Private Security Contractors
This is the accessible text file for GAO report number GAO-09-351
entitled 'Contingency Contract Management: DOD Needs to Develop and
Finalize Background Screening and Other Standards for Private Security
Contractors' which was released on July 31, 2009.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Report to Congressional Committees:
United States Government Accountability Office:
GAO:
July 2009:
Contingency Contract Management:
DOD Needs to Develop and Finalize Background Screening and Other
Standards for Private Security Contractors:
GAO-09-351:
GAO Highlights:
Highlights of GAO-09-351, a report to congressional committees.
Why GAO Did This Study:
Currently in Iraq, there are thousands of private security contractor
(PSC) personnel supporting DOD and State, many of whom are foreign
nationals. Congressional concerns about the selection, training,
equipping, and conduct of personnel performing private security
functions in Iraq are reflected in a provision in the fiscal year 2008
National Defense Authorization Act (NDAA) that directs DOD to develop
guidance on PSCs. This report examines the extent (1) that DOD and
State have developed and implemented policies and procedures to ensure
that the backgrounds of PSC employees have been screened and (2) that
DOD has developed guidance to implement the provisions of the NDAA and
(3) that DOD and State have addressed measures on other issues related
to PSC employees in Iraq. To address these objectives, GAO reviewed DOD
and State guidance, policies, and contract oversight documentation and
interviewed agency and private security industry officials.
What GAO Found:
State and DOD have developed policies and procedures to conduct
background screenings of PSC personnel working in Iraq who are U.S.
citizens, but only State has done so for foreign nationals. Homeland
Security Presidential Directive 12 (HSPD-12) directs U.S. government
agencies to establish minimum background screening requirements in
order to issue access credentials. But DOD has not developed
departmentwide procedures for conducting background screenings of its
foreign national PSC personnel. Disagreements among the various DOD
offices responsible for developing and implementing these policies and
procedures hindered timely execution of the HSPD-12 requirements, and
the completion of this development and implementation has been hampered
by the lack of a focal point to resolve these disagreements. For
example, officials at the Office of the Under Secretary of Defense for
Intelligence interpret HSPD-12 as requiring a government screening
process for foreign national contractor personnel that is equivalent to
the National Agency Check with Written Inquiries (NACI) currently used
for U.S. citizen contractor personnel. But officials at the Office of
the Under Secretary of Defense for Acquisition, Technology, and
Logistics maintain that a NACI-equivalent screening for foreign
nationals would not be feasible, given the inherent difficulty of
screening foreign nationals and the inconsistent quality of criminal
and employment records from one country to another, and further, such
an approach would will severely limit the numbers of foreign national
contractor personnel DOD could use. The offices also differ as to who
should approve background screenings, known as adjudication. The
Commander of Multi-National Forces-Iraq has established a screening
process for PSCs, but GAO has identified several shortcomings that
limit the effectiveness of this process. For example, the process
directs contractors to obtain background screening for entities that
will not provide data to contractors. While DOD has acknowledged the
inherent force protection risk it assumes when using contractor
employees, without the timely development of standardized policies and
procedures, DOD lacks full assurance that all its PSCs are properly
screened.
While DOD is developing guidance to meet the requirements of the 2008
National Defense Authorization Act, the draft guidance does not meet
all of the requirements of that act. For example, the draft guidance
does not address the requirement for establishing minimum standards for
background screening of PSCs. Instead it directs the combatant
commanders to establish standards for their respective areas of
responsibility, though it does not establish time frames within which
they should do so. Without addressing these concerns, DOD‘s draft
guidance only partially meets the requirements of the 2008 National
Defense Authorization Act.
DOD and State have taken actions on other issues related to PSCs in
Iraq. For example, they have implemented similar processes to ensure
that PSC personnel are trained, and to account for PSC weapons. Both
agencies have also developed policies related to alcohol use by PSCs.
What GAO Recommends:
GAO recommends that the Secretary of Defense designate a focal point to
ensure that the appropriate DOD offices coordinate, develop, and
implement policies on background screenings and that DOD establish
standards to meet the requirements of the 2008 NDAA and inform Congress
as to when the guidance will be completed. DOD concurred with two
recommendations and partially concurred with three.
View [hyperlink, http://www.gao.gov/products/GAO-09-351] or key
components. For more information, contact William M. Solis, (202) 512-
8365, solisw@gao.gov.
[End of section]
Contents:
Letter:
Results in Brief:
Background:
State and DOD Have Developed Procedures to Conduct Background
Screenings of U.S. Citizens; Only State Has Developed Departmentwide
Procedures to Screen Foreign and Local National Personnel:
Draft DOD Regulation Does Not Fully Meet the Legislative Requirements
of Section 862 of the National Defense Authorization Act for Fiscal
Year 2008:
State and DOD Have Developed Policies and Processes on Other Private
Security Issues Including Training, Weapons Accountability, and
Alcohol:
Conclusions:
Recommendations for Executive Action:
Agency Comments and Our Evaluation:
Appendix I: Objectives, Scope, and Methodology:
Appendix II: Comments from the Department of Defense:
Related GAO Products:
Abbreviations:
AT&L: Under Secretary of Defense for Acquisition, Technology, and
Logistics:
DCMA: Defense Contract Management Agency:
DOD: Department of Defense:
HSPD-12: Homeland Security Presidential Directive 12:
JCC-I/A: Joint Contracting Command-Iraq/Afghanistan:
MNC-I: Multi-National Corps-Iraq:
MNF-I: Multi-National Force-Iraq:
NACI: National Agency Check with Written Inquiries:
NDAA: National Defense Authorization Act:
PSC: private security contractor:
USD-I: Under Secretary of Defense for Intelligence:
[End of section]
United States Government Accountability Office:
Washington, DC 20548:
July 31, 2009:
Congressional Committees:
In Iraq, security concerns have led both the Department of Defense
(DOD) and Department of State (State) to rely upon armed private
security contractors to perform a variety of important security
functions. These functions include providing static security for the
United States--that is, controlling buildings and facilities, providing
security for high-ranking U.S. officials, and escorting supply convoys.
According to a June 2009 report by the Commission on Wartime
Contracting in Iraq and Afghanistan[Footnote 1], DOD and State estimate
that more than 16,263 armed private security personnel (12,942 with
DOD, 3,321 with State) are working in Iraq under contracts with the
U.S. government. [Footnote 2] According to these estimates 77 percent
of private security contractor personnel are foreign nationals, 11
percent are Iraq nationals, and 12 percent are U.S. citizens or
citizens of coalition countries, such as those from the United Kingdom
and Australia.
DOD and State private security contractors subject prospective
employees to background screenings that typically include searches of
past criminal activity and a credit check. However, our past work and
the work of others have raised concerns about the approaches taken by
the U.S. government to ensure that background screenings are complete
and thorough. For example, in 2006 we reported that DOD and private
security contractors had difficulty conducting comprehensive background
screening for U.S. and foreign nationals because of inaccurate,
missing, or inaccessible data.[Footnote 3] Additionally, we reported
that military commanders and other military officials were concerned
about the risks that contractor personnel, particularly foreign and
local nationals, posed to U.S. forces due to limitations in the
background screening process. Furthermore, there have been
congressional concerns about the selection, training, equipping, and
conduct of personnel performing private security functions in Iraq.
These concerns are reflected in Section 862 of the National Defense
Authorization Act for fiscal year 2008 which directs the Secretary of
Defense, in coordination with the Secretary of State, to prescribe
regulations by May 2008 for the use of private security contractors in
an area of combat operations.
In July 2008, we reported that DOD and State had improved oversight and
coordination over private security contractors in Iraq but we also
raised concerns about the ability to sustain the oversight needed and
indicated that we would issue a follow-on report on other private
security contractor issues related to selection, training, and weapons
accountability as well as DOD's implementation of provisions of Section
862 of the National Defense Authorization Act for fiscal year 2008.
[Footnote 4] This report addresses those issues and expands upon the
extent to which DOD and State have taken measures to ensure that
private security contractor personnel have been screened. Due to broad
congressional interest, we have conducted this engagement under the
authority of the Comptroller General to conduct evaluations at his own
initiative. Specifically, our objectives were to determine (1) the
extent to which DOD and State have developed and implemented policies
and procedures to ensure that the backgrounds of private security
contractor personnel have been screened, (2) the extent to which DOD
has developed guidance to address the elements of Section 862 of the
National Defense Authorization Act for fiscal year 2008, and (3) the
measures the two agencies have taken to ensure that private security
contractor personnel are trained, the steps taken to account for
private security contractor weapons, and the development of policies to
govern alcohol use among private security contractor personnel in Iraq.
To address these objectives we reviewed DOD and State documentation,
including contract materials, government policies, and records of
government reviews and inspections. We interviewed officials from
various DOD and State offices, including the offices of the Under
Secretary of Defense for Personnel and Readiness, the Under Secretary
of Defense for Acquisitions, Technology, and Logistics, the Under
Secretary of Defense for Intelligence, and State's Bureau of Diplomatic
Security. In Iraq we met with DOD officials, including contracting
officials at the Joint Contracting Command-Iraq/Afghanistan and the
Defense Contract Management Agency, as well as officials within Multi-
National Forces-Iraq. We also met with State Department officials in
Iraq responsible for oversight of the State's Worldwide Personal
Protective Services contract, including the Regional Security Officer.
To obtain the industry's perspective on these issues, we interviewed
officials from two private security industry associations and officials
from 11 private security firms who currently provide or have recently
provided private security services in Iraq. To corroborate statements
about training by DOD and State officials and private security firms,
we reviewed 215 compliance audit checklists from DOD inspections that
were conducted from March 2008 to January 2009. Similarly, we obtained
and reviewed the two most recent inspection reports for each of State's
three Worldwide Personal Protective Services contractors. We did not
evaluate the quality of training provided by DOD and State.
We conducted this performance audit from August 2008 through June 2009,
in accordance with generally accepted government auditing standards.
Those standards require that we plan and perform the audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our
findings and conclusions based on audit objectives. We believe that the
evidence obtained provides a reasonable basis for our findings and
conclusions based on our audit objectives. A detailed description of
our scope and methodology is included in appendix I of this report.
Results in Brief:
The Departments of State and Defense have both developed policies and
procedures to conduct background screenings of private security
contractor personnel working in Iraq who are U.S. citizens; however,
only State has developed and implemented standardized policies and
procedures to screen foreign national personnel, including those
employed by private security contractors. Homeland Security
Presidential Directive 12 (HSPD-12) directs U.S. government agencies to
establish minimum background screening requirements to be met before
employees and contractors can be issued an access credential. State has
developed a procedure for conducting background investigations of its
contractor personnel, U.S. citizens, and foreign and local nationals
which, according to State officials, meets the requirements of HSPD-12.
By contrast, DOD has not, as of June 2009, developed departmentwide
procedures for conducting background screenings of its foreign and
local national private security contractor personnel. The completion of
minimum standards and background screening procedures has been hampered
by a lack of a focal point to resolve disagreements among the various
DOD offices responsible for developing and implementing background
screening policy and procedures. These disagreements have hindered
timely execution of the HSPD-12 requirements, as illustrated by the
following.
* With regard to the screening process, officials within the Under
Secretary of Defense for Intelligence (USD-I) have interpreted HSPD-12
as requiring a government screening process for foreign national
contractor personnel (including local national contractor employees)
that would be equivalent to the background screening conducted for U.S.
citizen contractor personnel. Officials within another DOD office, the
Under Secretary of Defense for Acquisition, Technology, and Logistics
(AT&L), maintain that this approach is unrealistic and will severely
limit the numbers of foreign national contractor personnel the
department could use to support U.S. forces in contingency operations.
AT&L noted that conducting an equivalent screening for foreign
nationals would not be feasible, given the inherent difficulty of
screening foreign nationals and the inconsistent quality of criminal
and employment records from one country to another. As we reported in
2006, commanders are responsible for the safety and security of their
installations.[Footnote 5] AT&L believes that processes established by
combatant commanders to screen contractors, such as those in Iraq, in
conjunction with contractor-led background screenings, provides
reasonable assurance that the security risk posed by foreign national
contractor personnel is minimal.
* With regard to the process of approving background screenings, known
as adjudication, AT&L officials stated that U.S. government employees
serving as contracting officer's representatives are the final
adjudicators of background screening results. USD-I officials, however,
disagree with AT&L contending that DOD policy prohibits the contracting
officer representatives from being final adjudicators and noting that
contracting officer representatives lack the necessary training and
time to do so.
In Iraq, the Commander, Multi-National Forces-Iraq (MNF-I), has
established a process aimed at ensuring that all private security
contractors, including U.S. citizens, Iraqi nationals, and other
foreign nationals have been screened. However, we identified several
shortcomings that limit the effectiveness of this process. For example,
contractors do not have access to many of the data sources they are
required to use to screen employees, such as databases maintained by
the Federal Bureau of Investigation (FBI) and the Central Intelligence
Agency (CIA). Additionally, as we have previously reported, contractors
have access to a limited range of criminal records data, and there may
be limited data on foreign national contractor personnel who may have
spent minimal if any time in the United States. [Footnote 6]
Furthermore, officials we spoke to from the office in Iraq responsible
for approving private security contractor requests to carry weapons did
not have a full understanding of how contractors conducted their
background screenings. Without the timely development and
implementation of standardized policy and guidance that is compliant
with overall U.S. government policy, and without greater understanding
at the contracting officer representative and combatant command level
of what a proper background screening and adjudication should entail,
DOD lacks full assurance that all of its private security contractor
personnel have been properly screened.
While DOD has developed a draft interim final rule intended to meet the
requirements of Section 862 of the National Defense Authorization Act
of Fiscal Year 2008, hereafter referred to as Section 862 of the FY2008
NDAA, our analysis of a May 2009 version of the draft regulation
indicates that it does not address all of the requirements of the law.
For example, the draft delegates the responsibility of developing
specific private security contractor guidance and procedures to the
geographic combatant commanders without fully establishing all of the
minimum processes as required under Section 862. The law directs DOD to
develop requirements for the screening and security of private security
contractor personnel and the draft instructs geographic combatant
commanders to develop procedures consistent with principles established
in existing DOD instructions and directives. However, while the draft
makes reference to existing DOD regulations about these areas, neither
the draft nor the referenced documents articulate a process or
requirements that geographic combatant commanders can use to ensure
that all private security contractor personnel meet screening and
security requirements. In addition, while the law instructs that DOD
develop minimum processes and requirements for private security
contractor personnel operating in an area of combat operations, which
by definition includes both Iraq and Afghanistan, the draft regulation
only points to an agreement between DOD and State that is specific to
Iraq and directs it be used as a framework for the development of
guidance and procedures regardless of location. Moreover, the draft
instruction does not establish time frames for the combatant commanders
to develop such guidance and procedures. Without developing minimum
departmentwide processes in a timely manner to assist commanders in
developing theaterwide standards and a timeline for completion, DOD
will not be able to ensure that its policies related to private
security contractors are consistent across the geographic combatant
commands and available at the onset of a combat operation.
Additionally, the delay in publishing draft guidance to meet Section
862 of the FY2008 NDAA has affected the completion of other
requirements contained in the Act. For example, because the guidance
has not been finalized, the Federal Acquisition Regulation has not been
revised to require the insertion into each covered contract or task
order a contract clause addressing the selection, training, equipping,
and conduct of personnel performing private security functions under
contracts.
The Departments of State and Defense have also taken actions on other
issues related to private security contractors in Iraq. For example,
State and DOD have implemented similar processes to determine if
private security contractor personnel have been trained. These
processes include periodic reviews of contractor training records and
site visits to contractor training facilities in Iraq. The departments
have also developed and implemented processes to account for private
security contractor weapons that include periodic weapons inventories.
In addition, private security contractors indicated that the government
of Iraq also conducts periodic inventories of weapons. State, DOD, and
private security contractors have also developed and implemented
policies related to the use of alcohol by private security contractor
personnel.
We are making five recommendations to DOD to establish a focal point to
ensure that the appropriate offices in DOD coordinate, develop, and
implement policies and procedures to conduct and adjudicate background
screenings in a timely manner; establish minimum processes and
requirements for the selection, accountability, training, equipping,
and conduct of personnel performing private security functions; direct
the geographic combatant commanders to develop and publish regulations,
orders, directives, instructions, and procedures for private security
contractors operating during a contingency operation within their area
of responsibility; provide a report to Congress with the timelines for
completing the minimum processes discussed in the recommendation above;
and revise the Federal Acquisition Regulation to require the insertion
into each covered contract a clause addressing the selection, training,
equipping, and conduct of personnel performing private security
functions under these contracts. In commenting on a draft of this
report, DOD concurred with two of the five recommendations and
partially concurred with three. DOD partially concurred with our
recommendation that a focal point be established, our recommendation
that minimum process and requirements be developed regarding private
security contractor personnel, and our recommendation that DOD direct
the geographic combatant commanders to develop and publish procedures
for private security contractors operating within their area of
responsibility. DOD commented that they have already or are in the
process of implementing aspects of our recommendations. However, we do
not believe that DOD's response thoroughly addressed the intent of our
recommendations and believe that all of our recommendations remain
valid. The full text of DOD's written comments is reprinted in appendix
II.
Background:
Private security contractors are defined as private companies, or
personnel, that provide physical security for persons, places,
buildings, facilities, supplies, or means of transportation. These
contractors provide security services for a variety of U.S. government
agencies in Iraq; however, they are principally hired by DOD and State.
DOD private security services contracts include a contract to provide
security for DOD--controlled facilities in Iraq, known as the Theater
Wide Internal Security Services contract. According to DOD officials,
four contractors employing more than 8,000 guards, supervisors, and
operations personnel are performing task orders issued under their
contracts. The State Department's private security services contracts
include a contract to provide security and support, known as the
Worldwide Personal Protective Services contract, a contract to provide
security for the U.S. Embassy Baghdad, and a security contract managed
by State's Bureau of International Narcotics and Law Enforcement
Affairs.
In August 2004, the President issued HSPD-12 to require that United
States government agencies (including DOD and State) collaborate to
develop a federal standard for secure and reliable forms of
identification for all U.S. government employees and contractors
needing regular physical access to federal facilities. In February
2005, to comply with HSPD-12, the Department of Commerce's National
Institute of Standards and Technology issued implementing guidance; the
Federal Information Processing Standards 201-1, which define a
governmentwide personal identification verification system. HSPD-12
requires that all U.S. government agencies mandate the use of the
standard identification credential for all employees and contractors--
U.S. citizens and foreign nationals alike--who need regular physical
access to federal facilities, including U.S. military installations
abroad. As part of this process, all U.S. government employees and
contractors who are issued an approved credential are to undergo a
National Agency Check with Written Inquiries (NACI)[Footnote 7], or, at
minimum, an FBI National Criminal History Check (a fingerprint check
against a FBI database). We have previously reported on the challenges
associated with applying a similar process to foreign nationals,
including the limited applicability of U.S.-based databases of the
names of criminals to foreign nationals.[Footnote 8] Federal
Information Processing Standard 201-1 applies to foreign nationals
working for the U.S. government overseas and requires a process for
registration and approval using a State Bureau of Diplomatic Security
approved method, except in the case of employees under the command of a
U.S. area military commander. However, the standards do not offer any
guidance as to what process should be used overseas. In addition to the
HSPD-12 requirements, DOD and State have been instructed to comply with
other requirements intended to protect the safety of property and
personnel. For example, DOD policy makes military commanders
responsible for enforcing security measures intended to ensure that
property and personnel are protected.[Footnote 9] Likewise, the Omnibus
Diplomatic Security and Antiterrorism Act of 1986 requires the
Secretary of State to develop and implement policies and programs,
including funding levels and standards, to provide for the security of
U.S. government diplomatic operations abroad.[Footnote 10]
Section 862 of the FY2008 NDAA[Footnote 11] requires that the Secretary
of Defense, in coordination with the Secretary of State, prescribe
regulations on the selection, training, equipping, and conduct of
personnel performing private security functions under a covered
contract[Footnote 12] in an area of combat operations. Section 862 of
the FY2008 NDAA states that the regulations shall, at a minimum,
establish processes to be used in an area of combat operations for the
following:
* registering, processing, accounting for, and keeping appropriate
records of personnel performing private security functions;
* authorizing and accounting for weapons to be carried by, or available
to be used by, personnel performing private security; and:
* registration and identification of armored vehicles, helicopters, and
other military vehicles operated by contractors performing private
security functions.
In addition, the regulations shall establish requirements for
qualification, training, screening (including, if practicable, through
background checks), and security for personnel performing private
security functions in an area of combat operations.
Section 862 of the FY2008 NDAA also states that the regulations must
establish a process by which to report the following incidents: (1) a
weapon is discharged by personnel performing private security functions
in an area of combat operations; (2) personnel performing private
security functions in an area of combat operations are killed or
injured; (3) persons are killed or injured, or property is destroyed,
as a result of conduct by contractor personnel; (4) a weapon is
discharged against personnel performing private security functions in
an area of combat operations; or (5) active, non-lethal countermeasures
are employed by the personnel performing private security functions in
an area of combat operations in response to a perceived immediate
threat to these personnel. In addition, the regulations must establish
a process for the independent review and, if practicable, investigation
of these incidents and incidents of alleged misconduct by personnel
performing private security functions in an area of combat operations.
The regulations are also to include guidance to the combatant
commanders on the issuance of (1) orders, directives, and instructions
to private security contractors regarding, for example, security and
equipment; (2) predeployment training requirements; and (3) rules on
the use of force.
Fragmentary orders also establish guidance and requirements governing
private security contractors in Iraq. In December 2007, MNF-I issued
Fragmentary Order 07-428 to consolidate what previously had been
between 40 and 50 separate fragmentary orders relating to regulations
applicable to private security contractors in Iraq. The fragmentary
order establishes authorities, responsibilities and coordination
requirements for MNC-I to provide oversight for all armed DOD
contractors and civilians in Iraq including private security
contractors. In March 2009, MNF-I superseded this order by issuing
Fragmentary Order 09-109. This Fragmentary Order contains information
related to the roles and responsibilities of contract oversight
personnel and required contract clauses including clauses related to
background screening, training, and weapons accountability. One such
clause requires that all contractors working in the Iraq theater of
operations shall comply with and shall ensure that their personnel
supporting MNF-I forces are familiar with and comply with all
applicable orders, directives, and instructions issued by the MNF-I
Commander relating to force protection and safety.
State and DOD Have Developed Procedures to Conduct Background
Screenings of U.S. Citizens; Only State Has Developed Departmentwide
Procedures to Screen Foreign and Local National Personnel:
State Has Developed a Background Screening Process for Private Security
Contractor Personnel, Including Foreign and Local National Personnel:
State has developed a process for conducting background screenings of
its private security contractor personnel, U.S. citizens, and foreign
and local nationals alike, which, according to State officials, meets
the requirements of HSPD-12. Initially, private security contractors
submit the resumes of all prospective employees to be reviewed by a
State Department contracting officer representative. After this
prescreening, the Worldwide Personal Protective Services contract
requires firms to screen employees using a screening process approved
by State's Bureau of Diplomatic Security. The process includes
examining a prospective employee's past work history, police records,
prior military service, and a credit check. The contractor is
responsible for reviewing the results of the initial screening and,
based on the results, forwards a list of the candidates to the
contracting officer representative. Then, State's Bureau of Diplomatic
Security conducts and adjudicates its own background investigation of
prospective employees. All personnel performing work on the contract
must possess a security clearance, a determination of eligibility for
moderate or high-risk public trust positions, or have had an
investigative check conducted by regional security officers of local or
foreign nationals equivalent to the public trust determination required
for the position. According to State Department officials, the
department requires that foreign national private security contractor
personnel have a Moderate Risk Public Trust determination, which is
equivalent to a Secret clearance, but it does not grant access to
classified information. The Moderate Risk Public Trust determination
includes checking a prospective contractor employee's name against both
local and national data sources. These data sources include the
consular name-check database that is used by U.S. embassies to access
information used to approve or deny visa applications. The system
contains records provided by numerous U.S. agencies and includes
information on persons with visa refusals, immigration violations,
criminal histories, and terrorism concerns. In addition, prospective
employees are screened by Regional Security Officers in the U.S.
embassy in their home countries and if necessary, the Regional Security
Officers may interview prospective employees. For example, when State
Department officials in Uganda uncovered prospective employees using
false documentation, the certificates were not granted to Ugandans
until the Regional Security Officer had completed a personal interview.
Moreover, in Iraq, prospective Iraqi employees sometimes undergo
polygraph examinations. State Department officials told us that this
process was HSPD-12-compliant based on their interpretation of an
Office of Management and Budget memorandum that states that
investigations related to making a public trust determination can be
sufficient to meet HSPD-12 requirements.
DOD Has Developed Procedures to Conduct Background Screenings of
Private Security Contractor Personnel Who Are U.S. Citizens but Has Not
Developed Procedures to Screen Foreign and Local Nationals:
Federal Information Processing Standards 201-1 require that contractor
personnel, including private security contractors in Iraq, undergo a
National Agency Check with Written Inquiries investigation or its
equivalent prior to being issued an access credential. While DOD has
established procedures to apply this requirement to private security
contractor personnel who are U.S. citizens, it has not, as of June
2009, developed a process and procedures to apply this requirement to
foreign and local nationals. According to DOD Instruction 3020.41, the
comprehensive policy document on the management of contractors
authorized to accompany the Armed Forces, USD-I is responsible for
developing and implementing procedures for conducting background
screenings of contractor personnel authorized to accompany the U.S.
Armed Forces. The instruction, which was issued in October 2005 by the
Under Secretary of Defense for Acquisition, Technology, and Logistics
(AT&L), also directs USD-I to coordinate with AT&L, to develop these
procedures, and to draft appropriate contract clauses. In November
2008, DOD issued a Directive-Type Memorandum to begin the process of
bringing DOD policy into alignment with HSPD-12. [Footnote 13] However,
while the memorandum directs USD-I to coordinate with AT&L and the
Office of the Under Secretary of Defense for Personnel and Readiness
(P&R) to develop the department's policy for conducting background
screenings of contractor personnel, it does not provide specifics on
what the policy should contain. P&R, the office responsible for DOD's
HSPD-12 compliance, is currently drafting a DOD Instruction that
includes standards for conducting background screenings of U.S.
citizens, but does not yet include standards for screening foreign
nationals because according to officials from P&R, they have not
received input from USD-I. As of May 2009, USD-I officials were unable
to provide an estimate of when the foreign national screening standards
would be complete.
The lack of a focal point to resolve disagreements among the offices
responsible for developing and implementing DOD's background screening
policies and procedures has hindered timely execution of the HSPD-12
requirements. For example, officials from USD-I have interpreted HSPD-
12 as requiring a government screening and adjudication process for
foreign nationals that would be equivalent to the National Agency Check
with Written Inquiries investigation used for U.S. citizens. Officials
within AT&L maintain that this approach is unrealistic and would
severely limit the numbers of foreign national contractor personnel the
department could use to support U.S. forces in contingency operations.
According to AT&L officials a National Agency Check with Written
Inquiries equivalent screening for foreign nationals would not be
feasible, given the difficulty of screening foreign nationals and the
inconsistent quality of criminal and employment records from one
country to another. As previously noted, private security contractors
currently conduct their own background screenings of prospective
employees. Based on these results, firms make final hiring decisions.
AT&L officials believe that contractor-led background screenings, in
conjunction with processes established by combatant commanders to
screen contractors, such as those in place in Iraq, provides reasonable
assurance that the security risk posed by foreign national contractor
personnel is minimal. As we reported in 2006, commanders are
responsible for the safety and security of their installations.
[Footnote 14]
Additionally, AT&L officials maintain that U.S. government employees
serving as contracting officer representatives are the final
adjudicators of background screening results. However, USD(I) officials
disagree and have stated that DOD policy prohibits contracting officer
representatives from being final adjudicators, and note that they lack
the necessary training and time to do so. As early as 2004 we noted
that DOD had a lack of personnel available to provide oversight.
[Footnote 15] Most recently we noted in our 2008 report that DOD was
strained to provide a sufficient number of contract oversight personnel
and military personnel needed better training on their responsibilities
to provide contract oversight over private security contractors.
[Footnote 16] An April 2009 report by the Special Inspector General for
Iraq Reconstruction found similar concerns, noting that contracting
officer representatives received limited training and had insufficient
available time to devote to their oversight responsibilities.[Footnote
17] As a result of these disagreements, DOD has not developed minimum
background screening standards as required by DOD Instruction 3020.41
and HSPD-12. While DOD has acknowledged the inherent force protection
risk it assumes when using contractor personnel, without the
development and implementation of departmentwide background screening
procedures that apply to all private security contractor personnel,
including foreign nationals, DOD does not have full assurance that all
of its private security contractor personnel have been properly
screened.
In Iraq, MNF-I Has Established a Background Screening Process for DOD
Private Security Contractors, but the Existing Process Has Several
Shortcomings:
By direction of the MNF-I commander, MNF-I, the U.S.-led military
organization responsible for conducting the war in Iraq, has
established a process in Iraq aimed at ensuring that all private
security contractors, U.S. citizens, Iraqi nationals, and other foreign
nationals providing security services to DOD have been screened.
According to MNF-I guidance, which shall be incorporated into all
contracts and solicitations where arming of contracted employees is
contemplated in Iraq, private security contractors and subcontractors
in Iraq are required to:
* conduct background screenings of employees;
* verify with the MNC-I[Footnote 18] Provost Marshal that no employee
has been barred by any commander within Iraq; and:
* certify after completing all checks that all persons armed under the
contract are not prohibited under U.S. law from possessing a weapon or
ammunition.[Footnote 19]
In addition, in Iraq DOD has developed background screening measures
that are intended to act as an additional safeguard after contractor-
conducted screening procedures. For example, MNC-I officials told us
that every private security contractor employee serving in Iraq also
must receive a badge issued by MNF-I. According to officials, as part
of the badge process, host and foreign national personnel are subjected
to a background screening using several U.S. government automated
systems and undergo an interview conducted by MNF-I intelligence
officials. In addition, MNF-I guidance establishing minimum
requirements for access to MNF-I installations throughout the Iraq
Theater of Operations states that all host and foreign national private
security contractor personnel are subjected to screening using an
automated system unique to Iraq that collects biometric information
such as photographs, fingerprints, and iris scans.
While force protection officials we spoke with in Iraq were generally
satisfied with the current background screening process and felt that
it sufficiently accounted for the security of U.S. installations, our
work identifies several shortcomings that limit the effectiveness of
this process. For example, we found that some of the current background
screening requirements established by MNF-I were unrealistic because
they directed contractors to use data sources that were not readily
available to private firms. According to MNF-I guidance, which shall be
incorporated into all contracts and solicitations where arming of
contracted employees is contemplated in Iraq, private security
contractors should, to the extent possible, use FBI, Country of Origin
Criminal Records, Country of Origin US Embassy Information Request, CIA
records and/or any other equivalent records systems as sources.
However, as we noted in our past work, contractors may not have access
to certain data sources, such as FBI databases. Moreover, these data
sources provide only limited data on foreign national contractor
personnel who may have spent minimal if any time in the United States.
[Footnote 20] While private companies may have access to other sources
of background screening information, these data sources have similar
limitations when applied to prospective foreign national personnel. As
a result, contractors have adopted their own methods, such as obtaining
Interpol-issued Certificates of Good Conduct, which one private
security contractor official told us his company requires as a
prerequisite to an interview. We reviewed a copy of one such
certificate and observed that the certificate signifies that the bearer
has never been the subject of a police inquiry. However, according to
the official these certificates are not available in every country.
Further, only the individual, and not the company, may obtain this
certificate. Therefore, there may be incentives for prospective
employees to forge or alter the certificates in order to gain
employment.
In addition, MNF-I officials we spoke to who were responsible for
contractor oversight did not have a full understanding of the screening
process, the process' limitations, or of how contractors conducted
their background screenings. For example, MNF-I officials told us that
the office responsible for approving civilian arming requests--known as
the arming authority--reviewed background screening results prior to
approving arming requests. However, officials from the arming authority
stated that they did not see the results of the background screenings
and did not interpret or adjudicate based on the results. Officials
were also unaware of what the background screening entailed, and stated
background screening was the private security contractor's
responsibility.
According to MNF-I officials, contracting officer representatives are
responsible for ensuring that private security personnel files contain
all of the necessary information, including background screening
results. However, officials responsible for providing contract
oversight in Iraq stated that contracting officers and contracting
officer representatives only check to ensure that the correct
documentation is maintained; they do not try to interpret or adjudicate
the background screening results. Officials added that they are not
trained to interpret or adjudicate the results.
Moreover, while some of the name-checks and biometric data collection
associated with issuing badges and requests for arming authority use
data collected in Iraq, such as information collected from suspected
insurgents, the current screenings rely primarily upon U.S.-based
databases of criminal and terrorist information. As we have previously
reported, background checks that are reliant upon U.S.-based databases,
such as the automated process, described above, may not be effective in
screening foreign nationals who have not lived or traveled to the
United States. [Footnote 21] Without training to ensure that military
commanders and contracting officials understand the department's
policies and procedures for background screening as well as their roles
and responsibilities, DOD will not have reasonable assurance that
contractor personnel have been screened.
The existing MNF-I process also does not provide contractors with
standards on what the background screening should entail and how the
results should be interpreted, particularly for foreign national
personnel. According to MNF-I guidance, which shall be incorporated
into all contracts and solicitations where arming of contracted
employees is contemplated in Iraq, DOD private security contractors are
required to develop a background screening plan and submit the results
of the background screening to their contract's contracting officer
representative upon completion. The Theater Wide Internal Security
Services contract also requires that private security contractors
conduct the appropriate criminal and financial background screenings
identified in chapters 2 and 3 of Army Regulation 190-56.[Footnote 22]
For example, the regulation requires that the contractor conduct a
security screening check of applicants for security guard positions, to
include a check of arrest and criminal history records of the state in
which the prospective employee has resided during the most recent 5
years. It also requires that prospective security contractor employees
be subjected to a National Agency Check with Written Inquiries.
However, the regulation does not provide instructions on how to apply
these screenings to non-U.S. citizens. [Footnote 23] Our review of the
background screening plans submitted by the four Theater Wide Internal
Security Services contractors found that the processes the plans
described were not consistent in their approach to screen personnel,
particularly for foreign national personnel. Our review of the plans
found that they did not provide specific details as to how the company
would go about screening foreign nationals. For example, while one plan
states that all prospective foreign national employees are subjected to
a criminal record check, it does not explain what records will be
checked, the time period examined, or how the company intends to
evaluate derogatory information. Furthermore, one of the plans we
reviewed failed to address screening foreign national personnel at all.
The plans were generally more specific in their descriptions of how
they intended to screen U.S. national personnel. However, as we have
previously reported, contractors have access to a limited range of
criminal records data, and particularly in foreign countries these data
can be of questionable quality.[Footnote 24] Furthermore, while DOD
officials in Iraq stated that they were comfortable that the screening
process was sound because contractors' screening processes were part of
the evaluation criteria used to award the contracts, as previously
noted officials responsible for evaluating these plans have not been
trained to do so. Without minimum standards screening firms will use
varying techniques to screen personnel and DOD will not have reasonable
assurance that a minimum level of safety and protection has been met.
Draft DOD Regulation Does Not Fully Meet the Legislative Requirements
of Section 862 of the National Defense Authorization Act for Fiscal
Year 2008:
Section 862 of the FY2008 NDAA directed the Secretary of Defense, in
coordination with the Secretary of State, to develop regulations on the
selection, training, equipping, and conduct of private security
contractor personnel under a covered contract in an area of combat
operations. The public law lists a number of minimum processes and
requirements, which the regulations are to establish. While DOD has
drafted an interim final rule[Footnote 25],which is intended to meet
the requirements of the public law, our analysis of a May 2009 version
of the draft regulation indicates that it does not address all of the
requirements of the law.
The draft delegates the responsibility of developing specific private
security contractor guidance and procedures to the geographic combatant
commanders without fully establishing all of the minimum processes as
required under Section 862.[Footnote 26] For example, the law directs
DOD to develop requirements for the screening and security of private
security contractor personnel. The draft instructs geographic combatant
commanders to develop procedures consistent with principles established
in existing DOD instructions and directives.[Footnote 27] However,
while the draft makes reference to existing DOD regulations regarding
these areas, neither the draft nor the referenced documents articulate
a process or requirements that geographic combatant commanders can use
to ensure that all private security contractor personnel meet screening
and security requirements.[Footnote 28] The draft regulation also
establishes that all incidents listed in Section 862 (a)(2)(D)[Footnote
29] shall be reported, documented, and independently reviewed or
investigated. However, the regulation does not specify who should
report or document incidents, what information should be recorded, how
the incident should be investigated, or to whom the incident report
should be sent. Furthermore, it leaves the implementation of procedures
for reporting, reviewing, and investigating incidents to the combatant
commanders. In addition, while the law instructs that DOD develop
minimum processes and requirements for private security contractor
personnel operating in an area of combat operations[Footnote 30],the
draft regulation only points to an agreement between DOD and State that
is specific to Iraq and directs it be used as a framework for the
development of guidance and procedures regardless of location.[Footnote
31] Specifically, the draft references a December 2007 Memorandum of
Agreement between DOD and State, which provides that private security
contractor personnel who wish to possess and carry firearms in Iraq,
must fulfill the core standards of background checks, security
clearances, training with annual refreshers on topics such as the rules
for the use of force, weapons qualification consistent with U.S. Army
standards, and use of weapon types authorized by DOD and State.
[Footnote 32] As noted in our discussion on background screenings,
absent minimum departmentwide processes, combatant commanders may
develop less comprehensive guidance and procedures and the guidance and
procedures developed may widely vary from theater-to-theater. Moreover,
the draft regulation does not establish a time frame for combatant
commanders to develop and issue the implementing guidance and
procedures. Without developing minimum departmentwide processes in a
timely manner to assist commanders in developing theaterwide standards
and a timeline for completion, DOD will not be able to ensure that its
policies related to private security contractors are consistent across
the geographic combatant commands and available at the onset of a
combat operation.
Our review of a May 2009 version of the draft regulation found that it
does establish some processes. For example, the draft regulation
establishes a process for requesting permission to arm private security
contractor personnel. This process includes written acknowledgment by
the security contractor and its individual personnel that such
personnel are not prohibited under U.S. law to possess firearms and
requires documentation of individual training that includes weapons
qualification and training on the rules of the use of force. The draft
also states that individual training and qualification standards must
meet, at a minimum, one of the military department's established
standards. With regard to the registration, processing, and accounting
of private security contractor personnel, the draft regulation
references a draft update to DOD Instruction 3020.41, which designates
the Synchronized Predeployment and Operational Tracker (SPOT) as the
joint Web-based database to maintain contractor accountability and
visibility of DOD-funded contracts supporting contingency operations.
[Footnote 33] The draft regulation also identifies SPOT as the
repository for registering and identifying military vehicles operated
by private security contractor personnel. DOD officials stated that
they interpreted Section 862's vehicle identification requirements as
the need to register vehicles in a database using a unique identifier
as opposed to identifying vehicles with a visual identifier such as a
placard. Officials stated identifying vehicles using a visual
identifier would expose private security contractors to enemy attacks.
However, during our trip to Iraq in 2008, we observed that many DOD
private security contractors affixed readable numbers on their
vehicles.[Footnote 34]
While DOD was required to develop this guidance by July 2008, as of
June 2009 the guidance has not been finalized. According to DOD
officials, promulgation of the guidance has taken considerable time due
to coordination efforts with State and the federal rule-making process,
which requires a draft rule be published for public comment in the
Federal Register when it has an impact beyond the agency's internal
operations. Because of this delay, the Federal Acquisition Regulation
(FAR) has not been revised to require that covered contracts and task
orders contain a contract clause to address the selection, training,
equipping and conduct of personnel performing private security
functions. According to DOD officials, the FAR will not be revised to
implement the regulation until the regulation has been finalized.
State and DOD Have Developed Policies and Processes on Other Private
Security Issues Including Training, Weapons Accountability, and
Alcohol:
State Has Developed Detailed Private Security Contractor Training
Requirements and an Inspection Process:
According to officials in State's Bureau of Diplomatic Security,
contractors performing under State's Worldwide Personal Protective
Services contract are required to provide 164 hours of personal
protective security training. The training curriculum includes topics
such as the organization of a protective detail, firearms proficiency,
driver training, and defensive tactics. According to officials in
State's Bureau of Diplomatic Security, this training curriculum was
reviewed and approved by State's Diplomatic Security Training Center.
In addition, officials in the Bureau of Diplomatic Security approve the
course instructors after reviewing the instructors' resumes and other
qualifications. Our review of State's Worldwide Personal Protective
Services contract found that it contained detailed training
requirements for private security contractor personnel. For example,
the contract identified very detailed weapons qualification training
requirements. These requirements include establishing a minimum number
of hours of weapons training, the acceptable venues for conducting the
training, and the materials the contractor must furnish. The contract
also determines the specific topics to be covered in the weapons
training including procedures on safe weapon handling, proper
marksmanship techniques, and firing positions. The requirements also
establish the minimum number of rounds that must be fired per each
weapon being used for training.
To determine if private security contractor personnel are trained,
officials from State's Diplomatic Security Training Center and the
Office of Protective Operations periodically visit contractor training
facilities to monitor training. According to State officials, during
these inspections officials review the certifications of training
instructors, observe individual training modules, and review individual
student training records. According to State officials, the department
is also in the process of conducting a comprehensive review of all
three Worldwide Personal Protective Services contractor training
programs. Officials stated that this is the first comprehensive review
under the Worldwide Personal Protective Services contract and as part
of this review officials are reviewing a full training curriculum at
each contractor's training location. Officials stated that these
reviews will result in recommendations for immediate improvements to
each company's training program and may result in changes to the
overall high-threat curriculum. To confirm that State conducted
training inspections, we reviewed the two most recent inspection
reports of each of the three private security contractors providing
services under State's largest security contract, Worldwide Personal
Protective Services. Our review of the records confirmed that State had
inspected each contractor and that the reviews were conducted by State
subject matter experts. For example, one inspection report we reviewed
included a State firearms expert observing the firearms proficiency
portion of the training. In each inspection report we reviewed, State
concluded that the contractors met training requirements. We also
observed that each inspection included suggestions for improvement even
when training requirements were met. Officials also stated that in
Iraq, Regional Security Officers provide daily oversight and as part of
this oversight they are responsible for ensuring that the training
standards are met.
DOD Has Established Broad Training Requirements for Private Security
Contractor Personnel and Employs a Two-Step Process to Determine If
Private Security Contractor Personnel Have Been Trained:
Much like State, DOD has established contractual training requirements
for private security contractor personnel. However, DOD's training
requirements are generally broader than State's. For example, while
State's training requirements establish a detailed training curriculum
that includes a minimum number of hours of training, DOD private
security training requirements are more broadly defined. For example,
Annex A of Fragmentary Order 09-109 which identifies requirements that
must be included in DOD contracts where private security contractors
will be armed, establishes that documentation should be maintained to
attest that each armed private security contractor employee has been
successfully familiarized with and met qualification requirements
established by any DOD or other U.S. government agency for each weapon
they are authorized to possess. Similarly, the order requires that
employees be trained on the law of armed conflict and the rules for the
use of force but does not provide specifics to be included in the
training. Contracts also contain provisions to ensure that training
does not lapse. For example, DOD contracts performed in Iraq or
Afghanistan must provide that if the contractor fails to retrain an
armed employee within 12 months of the last training date the employee
will lose authorization to possess and carry a weapon in Iraq.
Individual task orders may reiterate employee training requirements.
Fragmentary Order 09-109 makes contracting officer representatives
responsible for monitoring the contractor's performance and compliance
with contractual requirements, including compliance with all applicable
laws, regulations, orders, and directives. These representatives are co-
located on the contractor site to facilitate day-to-day contract
oversight. According to DOD officials, contracting officer
representatives periodically review individual private security
contractor personnel training records to ensure that the training
requirements have been met. Additionally, the Defense Contract
Management Agency (DCMA) conducts reviews to ensure that contracting
officer representatives are providing proper oversight. In February
2008, DCMA began to use a series of checklists developed by DCMA to
guide inspections of contracting officer representatives and confirm
that these representatives are maintaining the appropriate
documentation and providing sufficient contractor oversight. According
to DCMA officials, these checklists were developed by taking contract
requirements and other DOD guidance and translating them into a tool
that could be used for an objective evaluation. These checklists may
vary by contract and have been tailored for specific areas of contract
performance. For example, while aspects of training may be found on
multiple checklists, DCMA has developed a specific training checklist.
Among the items checked are that contractors determined that personnel
had been trained on the required subjects, that a training plan had
been submitted for approval, and that training remained current. To
confirm that these inspections covered training, we reviewed 215
completed checklists. While each checklist varied in length and scope,
our review of the checklists found that they contained 7 to 54 total
items and among those items were several training-related items. For
example, one checklist asked if the contractor ensured that all guard
force personnel were trained and authorized to be armed before
beginning their duties. Another checklist we reviewed asked if the
contractor's training records validated training, certifications, and
recertification. Of the checklists we reviewed, the checklists
generally documented no concerns about training. However, 7 of the
checklists contained observations that raised concerns about the
training of personnel. Four checklists contained observations that
indicated that personnel were qualified with a different weapon than
the one they were assigned. Another checklist indicated that personnel
deployed with little to no training noting that personnel learned
everything about their posts once they were deployed. Two checklists
observed that personnel were not trained in all of the required
training subjects.
Additionally, according to DOD officials, the department conducts
periodic site visits of private security contractors' Iraq-based
training facilities. However, because DOD personnel responsible for
providing oversight of DOD's private security contracts in Iraq are
based in Iraq and not elsewhere, such as the United States, these
inspections do not regularly include facilities located outside of
Iraq, such as contractors' U.S. training facilities. For example, an
official at one private security firm we visited indicated that no one
from DOD had ever inspected the firm's U.S.-based training facility.
Unlike State, which maintains personnel in Iraq and in the U.S. to
provide contract oversight, DOD's contracts are administered by the
Joint Contracting Command for Iraq and Afghanistan and its personnel
responsible for private security contract oversight are all located in
Iraq.
State and DOD Have Developed a Process to Account for Weapons Held by
Private Security Contractors:
According to State officials, the Worldwide Personal Protective
Services contract requires a quarterly inventory of all U.S. government-
and contractor-furnished property, including weapons. According to
State officials, all operational weapons are government furnished and
are issued to the private security contractors by the regional security
officer. The regional security officer conducts an annual sight
inventory, which is corroborated with the contractors' quarterly
inventories and records from the State Department branch that acquired
the weapons. In addition, officials stated that the quarterly
inventories are tracked by officials in State's high-threat protection
office and verifies this during periodic program management reviews.
In Iraq, DOD has established a process that includes granting arming
authority to private security contractor personnel, and conducting
reviews of weapons inventories and inspections of private security
contractor armories. DCMA also conducts reviews to ensure that private
security contractor personnel are properly authorized to carry weapons.
In addition, DOD antiterrorism/force protection officials conduct
yearly assessments of every MNF-I installation or forward operating
base with over 300 personnel, known as vulnerability assessments.
During these assessments officials check physical security measures and
verify that armed contractors, including private security contractor
personnel, are carrying the required arming authorization letter and
meeting the requirements to be compliant with the arming authority
requirements. Officials stated that ultimately contracting officer
representatives are responsible for ensuring that DOD's private
security contractors adhere to the arming regulations. Officials felt
that while there were many good contracting officer representatives,
there were some that would benefit from additional training on their
responsibilities, instead of learning these things on the job.
Recent audits by State's Office of the Inspector General and the
Special Inspector General for Iraq Reconstruction found that weapons
were properly accounted for. In April 2009, State's Office of the
Inspector General published results of a performance audit of security
contractor Triple Canopy and concluded that the firm established sound
inventory controls at the two facilities State inspected in Iraq.
[Footnote 35] To reach this conclusion, the office conducted an
inventory of weapons and reviewed inventory documents maintained by the
contractor and by the Regional Security Officer. In June 2009, a joint
audit of security firm Blackwater, by State's Office of Inspector
General and the Special Inspector General for Iraq Reconstruction,
reached similar conclusions. [Footnote 36] The audit team was able to
verify all weapons randomly selected from weapons assigned to
Blackwater personnel. The report attributed their ability to verify the
weapons to the level of State oversight through quarterly physical
inventories and other periodic reconciliations by State personnel.
Additionally, a January 2009 audit of security firm Aegis (a private
security contractor) by the Special Inspector General for Iraq
Reconstruction observed weapons inventory tests at four locations in
Iraq and determined that all items were accounted for.[Footnote 37]
State and DOD have Developed and Implemented Alcohol Policies for
Private Security Contractor Personnel in Iraq:
State, DOD, and private security contractors have developed and
implemented policies related to the use of alcohol by private security
contractor personnel. State has established policies that govern when
private security contractors can consume alcohol. For example, State's
Worldwide Personal Protective Services contract prohibits private
security contractor personnel from consuming alcohol while on duty and
within 6 hours prior to going on duty. Although State does not prohibit
alcohol consumption by private security contractor personnel, private
security contractors with State told us that they have established
policies to govern employee alcohol consumption. Private security
contractors with DOD contracts told us that their employees were
subject to General Order #1 and thus were prohibited from possessing or
consuming alcohol while in Iraq. General Order #1, which was
established by the Commanding General of MNC-I, prohibits military
personnel or contractors employed by or accompanying U.S. forces from
the introduction, purchase, possession, sale, transfer, manufacture or
consumption of any alcoholic beverage within MNC-I's area of
responsibility. However, General Order #1 does not apply to private
security contractors who support the State Department. Private security
contractors we spoke with told us that personnel who violate the
established alcohol policies are subject to disciplinary actions and
depending on the severity of the use may have their employment
terminated. When asked how often individuals have been let go due to
alcohol, the contractors indicated that it is not very often. For
example, one firm stated that out of an average staffing level of more
than 650 non-Iraqi personnel, it has only terminated 7 employees due to
violations of the alcohol policy.
Conclusions:
Homeland Security Presidential Directive 12 and its implementing
guidance intend to create a consistent, federalwide approach to ensure
that federal employees and contractors with regular access to federal
facilities and installations are sufficiently screened for security
risk. As we reported in 2006, military commanders and other officials
are aware of the risks that contractors pose to U.S. forces in part
because of the difficulties in screening employees, particularly
foreign and host country nationals. While State and DOD have developed
policies and procedures to ensure that U.S. citizen personnel and
contractors are screened, only the State Department has developed
departmentwide procedures to screen foreign national personnel. Efforts
within DOD have been stalled by disagreement over how to develop and
implement policies and procedures that comply with HSPD-12 while
fulfilling DOD's need to provide private security contractor personnel
to fulfill security requirements in Iraq. While we acknowledge the
difficulties of conducting background screenings of foreign national
personnel, the armed nature of private security contractor personnel
presents the need for assurance that all reasonable steps have been
taken to provide for their thorough vetting and minimize the risk they
present. Without a coordinated DOD-wide effort to develop and implement
standardized policies and procedures to ensure that contractor
personnel, particularly foreign national private security contractor
personnel, have been screened, DOD cannot provide this assurance. Even
with established policies and procedures in place, there are inherent
risks involved with employing foreign national personnel, making it
critical that military commanders and contracting officials understand
the risks and limitations associated with background screenings of
foreign national personnel. Additionally, until DOD expands and
finalizes guidance related to private security contractors, including
the development of timelines for combatant commanders, it will not have
fully responded to the congressional concerns which led to the
development of Section 862 of the National Defense Authorization Act of
Fiscal Year 2008.
Recommendations for Executive Action:
We recommend the five following actions to help ensure that DOD
develops a departmentwide approach to properly screening private
security contractor personnel, including non-United States citizens. We
recommend that the Secretary of Defense appoint a focal point, at a
sufficiently senior level and with the necessary authority to ensure
that the appropriate offices in DOD coordinate, develop, and implement
policies and procedures to conduct and adjudicate background screenings
in a timely manner. More specifically the focal point should:
* direct the Office of the Under Secretary of Defense for Intelligence,
in consultation with the Under Secretary of Defense for Personnel and
Readiness and the Under Secretary of Defense for Acquisition,
Technology, and Logistics, to develop departmentwide procedures for
conducting and adjudicating background screenings of foreign national
contractor personnel and establish a time frame for implementation;
* develop an effective means to communicate to MNF-I the new procedures
so that MNF-I officials can adjust their existing background screening
policies and procedures, if necessary, to comport with the procedures;
and:
* develop a training program to ensure that military commanders and
contracting officials, including contracting officers and contracting
officers' representatives, understand the department's policies and
procedures for background screening as well as their roles and
responsibilities.
To ensure that DOD fully meets the requirements of Section 862 of the
2008 National Defense Authorization Act we recommend that the Secretary
of Defense direct the Under Secretary of Defense for Acquisition,
Technology, and Logistics to:
* establish minimum processes and requirements for the selection,
accountability, training, equipping, and conduct of personnel
performing private security functions under a covered contract during a
combat operation;
* direct the geographic combatant commanders, through the Chairman of
the Joint Chiefs of Staff, to develop and publish the regulations,
orders, directives, instructions, and procedures for private security
contractors operating during a contingency operation within their area
of responsibility;
* provide a report to Congress with the timelines for completing the
minimum processes discussed in the recommendation above; and:
* revise the Federal Acquisition Regulation to require the insertion
into each covered contract a clause addressing the selection, training,
equipping, and conduct of personnel performing private security
functions under such, contract.
Agency Comments and Our Evaluation:
In commenting on a draft of this report, DOD concurred with two of the
five recommendations and partially concurred with three.
DOD partially concurred with our recommendation that the Secretary of
Defense appoint a focal point at a sufficiently senior level and with
the necessary authority to ensure that the appropriate DOD offices
coordinate, develop and implement policies and procedures to conduct
and adjudicate background screenings in a timely manner. In DOD's
response, the department noted that the Assistant Deputy Under
Secretary of Defense for Program Support has been designated to be
responsible for monitoring the registration, processing, and accounting
of private security contractor personnel in an area of contingency
operations. As we noted in this report, the Office of the Under
Secretary of Defense for Intelligence (USD-I) is responsible for
developing DOD's background screening policy in conjunction with the
Office of the Under Secretary of Defense for Acquisition, Technology,
and Logistics (AT&L) and the Office of the Under Secretary of Defense
for Personnel and Readiness (P&R). While we don't dispute the role that
the Assistant Deputy Under Secretary of Defense for Program Support has
to monitor the registration, processing, and accounting of private
security contractor personnel, we do not believe that this office is
the correct office to resolve disagreements among the offices
responsible for developing DOD's background screening policy. DOD also
noted that it is in the process of institutionalizing the Operational
Contract Support Functional Capabilities Integrations Board. According
to DOD, the board will provide the senior level oversight to provide
cross-component alternatives and recommendations on current and future
capability needs, policies, and investments. Since the board has not
yet been established, we were unable to determine if the board would
have sufficient authority to implement our recommendation or if USD-I
will be included on the board. Unless the board is given the authority
to resolve the policy differences between the USD-I and AT&L and direct
the development of background screening polices, the disagreements that
have hampered the development of screening policies and procedures will
continue.
In addition, DOD stated that it does not conduct its own background
investigations on foreign nationals and lacks the infrastructure to do
so. The department stated that it depends on the Office of Personnel
Management (OPM) to conduct its background investigations. While this
may be true for background investigations that lead to the granting of
security clearances, our report was focused on background screenings
that do not lead to the granting of security clearances. As we noted in
this report, contractors are responsible for conducting background
screenings for their foreign national employees using standards,
processes, and procedures developed by the contractors themselves or as
in Iraq, developed by the military. In addition, in Iraq, MNF-I has
developed their own background screening process to supplement
contractor-led screening of private security contractor personnel.
However, as we noted, the process used in Iraq has several
shortcomings. We believe that in order to meet the intent of this
recommendation, the department needs to develop departmentwide
standards and procedures for conducting and adjudicating background
screenings to assure itself that screenings are providing as much
background information as possible and that the department has a common
understanding of what information is or is not included in a contractor-
conducted background screening. Without this information, military
commanders may be unaware of the risks foreign national private
security contractor personnel may pose. Regarding the department's
comment that it will ensure that the Defense Federal Acquisition
Regulation is modified, it is unclear how the clause can be modified
until standards are developed to include in the clause.
DOD also partially concurred with our recommendation that the Secretary
of Defense direct the Under Secretary of Defense for Acquisition,
Technology, and Logistics to establish minimum processes and
requirements for the selection, accountability, training, equipping,
and conduct of personnel performing private security functions under a
covered contract during a combat operation. As we noted, Section 862 of
the fiscal year 2008 NDAA directed the Secretary of Defense, in
coordination with the Secretary of State, to develop regulations on the
selection, training, equipping, and conduct of private security
contractor personnel under a covered contract in an area of combat
operations. DOD responded that the Interim Final Rule published in the
July 17, 2009, issue of the Federal Register meets the requirements of
Section 862 of the fiscal year 2008 NDAA and that the department was
also soliciting input from the geographical combatant commanders on
this subject. While the Interim Final Rule published in the Federal
Register on July 17TH contains some minor variations from the May 2009
draft Interim Final Rule we reviewed for the purposes of this report,
our criticisms of the draft Interim Final Rule continue to be
applicable to the Interim Final Rule published in the Federal Register.
As we noted in our report, the Interim Final Rule directs geographic
combatant commanders to develop procedures consistent with principles
established in existing DOD instructions and directives and makes
reference to existing DOD regulations regarding these areas. However,
neither the draft nor the referenced documents articulate a process or
requirements that geographic combatant commanders can use to ensure
that all private security contractor personnel meet screening and
security requirements. The Interim Final Rule published in the Federal
Register on July 17TH contains these same shortcomings. We continue to
believe that DOD should establish minimum processes and requirements
for the selection, accountability, training, equipping, and conduct of
private security contractor personnel to meet the intent of our
recommendation. These processes and requirements could be strengthened,
if necessary, by the geographic combatant commanders. As we noted,
without these minimum standards DOD will not have reasonable assurance
that a minimum level of safety and protection has been met. In the
past, DOD has taken a similar approach. In December 2006, DOD updated
the department's antiterrorism instruction. [Footnote 38] The
instruction established minimum DOD antiterrorism measures, while
providing military commanders and civilians with the flexibility and
adaptability to develop measures that are more stringent if conditions
warrant.
In addition, DOD partially concurred with our recommendation that the
Secretary of Defense direct the Under Secretary of Defense for
Acquisition, Technology, and Logistics to direct the geographic
combatant commanders to develop and publish the regulations, orders,
directives, instructions, and procedures for private security
contractors operating during a contingency operation within their area
of responsibility. DOD stated that this had already been accomplished
in large part through the issuance of Multi-National Forces-Iraq
Operations Order 09-01in Iraq and OPORD 09-03 in Afghanistan. However,
the orders cited by DOD are specific to Iraq and Afghanistan and are
not applicable to other geographic commands. Therefore, we believe
additional guidance should be developed for other geographic commands.
DOD concurred with the remainder of our recommendations. However, DOD
did not indicate what, if any, specific actions it would take to
address the intent of our recommendations. Therefore, we believe DOD
needs to more clearly identify what steps it will take to implement
these recommendations. The full text of DOD's written comments is
reprinted in appendix II. The Department of State did not provide
formal written comments on a draft of this report.
We are sending copies of this report to other interested congressional
committees, the Secretary of Defense, and the Secretary of State. In
addition, this report will be available at no charge on GAO's Web site
at [hyperlink, http://www.gao.gov].
If you or your staff have any questions on the matters discussed in
this report, please contact me at (202) 512-8365. Contact points for
our Offices of Congressional Relations and Public Affairs may be found
on the last page of this report. Key contributors to this report were
Carole Coffey, Assistant Director; Johana Ayers, Assistant Director,
Acquisitions and Sourcing Management; Vincent Balloon; Laura Czohara;
Robert Grace; Jason Pogacnik; Karen Thornton; Cheryl Weissman; and
Natasha Wilder.
Signed by:
William M. Solis:
Director, Defense Capabilities and Management:
List of Committees:
The Honorable Carl Levin:
Chairman:
The Honorable John McCain:
Ranking Member:
Committee on Armed Services:
United States Senate:
The Honorable John F. Kerry:
Chairman:
The Honorable Richard G. Lugar:
Ranking Member:
Committee on Foreign Relations:
United States Senate:
The Honorable Joseph I. Lieberman:
Chairman:
The Honorable Susan M. Collins:
Ranking Member:
Committee on Homeland Security and Governmental Affairs:
United States Senate:
The Honorable Daniel K. Inouye:
Chairman:
Subcommittee on Defense:
Committee on Appropriations:
United States Senate:
The Honorable Daniel K. Akaka:
Chairman:
The Honorable George V. Voinovich:
Ranking Member:
Subcommittee on Oversight of Government Management, the Federal
Workforce, and the District of Columbia:
Committee on Homeland Security and Governmental Affairs:
United States Senate:
The Honorable Ike Skelton:
Chairman:
The Honorable Howard P. "Buck" McKeon:
Ranking Member:
Committee on Armed Services:
House of Representatives:
The Honorable Howard L. Berman:
Chairman:
The Honorable Ileana Ros-Lehtinen:
Ranking Member:
Committee on Foreign Affairs:
House of Representatives:
The Honorable Edolphus Towns:
Chairman:
The Honorable Darrell Issa:
Ranking Member:
Committee on Oversight and Government Reform:
House of Representatives:
The Honorable John P. Murtha:
Chairman:
Subcommittee on Defense:
Committee on Appropriations:
House of Representatives:
The Honorable John Tierney:
Chairman:
The Honorable Jeff Flake:
Ranking Member:
Subcommittee on National Security and Foreign Affairs:
Committee on Oversight and Government Reform:
House of Representatives:
The Honorable Robert Andrews:
House of Representatives:
The Honorable David Price:
House of Representatives:
[End of section]
Appendix I: Objectives, Scope, and Methodology:
Our scope was limited to contracts and contractors with a direct
contractual relationship with either the Department of Defense (DOD)or
the Department of State. For DOD, our analysis of contract materials
was limited to contractors performing under DOD's largest security
contract in terms of employment, the Theater Wide Internal Security
Services contract. Similarly for State, our contract analysis was
limited to contractors performing under the agency's largest contract
for security services in terms of employment, the Worldwide Personal
Protective Services contract. Because contractor personnel requiring
security clearances are subject to a standard government-led and
adjudicated screening process, for reporting purposes, our scope in
assessing background screening policies and procedures is limited to
those covering private security contractor personnel who do not require
a security clearance.
To determine the extent to which DOD and State have developed and
implemented policies and procedures to ensure that the backgrounds of
private security contractor personnel have been screened, we obtained
and reviewed government-wide and DOD documents including Homeland
Security Presidential Directive 12 and DOD regulations related to
vetting, background screening, and operational contract support such as
DOD Instruction 3020.41 dealing with operational contract support, Army
Regulation 196.56 on vetting and screening of security guards, and DOD
Iraq-theater-specific private security contractor guidance including
Fragmentary Order 07-428, Fragmentary Order 08-605, and Fragmentary
Order 09-109. Additionally, we obtained and reviewed State
documentation related to the processes used to conduct background
screening including the Foreign Affairs Handbook. We also interviewed
officials from various DOD and State offices who were responsible for
developing and implementing policies and procedures related to the
background screening of private security contractor personnel including
officials from the offices of the Under Secretary of Defense for
Personnel and Readiness, the Under Secretary of Defense for
Acquisitions, Technology and Logistics, the Under Secretary of Defense
for Intelligence, and State's Bureau of Diplomatic Security. In Iraq we
met with officials from the Defense Contract Management Agency, the DOD
agency tasked with administering DOD security contracts, several
contracting officers' representatives who provide day to day oversight
of security contracts, officials from Multi-National Force-Iraq, and
State Department officials responsible for oversight of the agency's
Worldwide Personal Protective Services contract, including the Regional
Security Officer. Additionally, we obtained and reviewed contracts for
security services awarded by both DOD and State to determine what
screening requirements were included in the contracts and obtained
copies of contractor background screening plans to determine how
contractors intended to screen foreign national employees.
To determine the extent to which DOD has developed regulations to
address the elements of Section 862 of the National Defense
Authorization Act for Fiscal Year 2008, we obtained and reviewed the
Act. We also obtained and reviewed DOD's draft regulation--DOD
Instruction 3020.pp--being developed by officials in the Office of the
Under Secretary of Defense for Acquisition, Technology, and Logistics
(AT&L). We also met with officials from AT&L to discuss the progress
made in developing this regulation. Our assessment of the extent to
which DOD's draft policy meets the requirements of Section 862 of the
National Defense Authorization Act for Fiscal Year 2008 is based on our
review of the draft regulation as it was written on May 2009. We did
not evaluate the effectiveness of the draft regulation because it has
not yet been finalized and is subject to change.
To determine the extent to which DOD and State have implemented
processes to ensure that private security contractor personnel in Iraq
are trained, we reviewed DOD and State contracts for security services
in Iraq and interviewed DOD and State officials responsible for
ensuring that these requirements have been met. To corroborate
statements made by DOD, State, and private security firm officials, we
also obtained and reviewed compliance audit checklists from inspections
conducted on Theater Wide Internal Security Services contractors by the
Defense Contract Management Agency. We selected completed checklists
from inspections of the two Theater Wide Internal Security Services
contractors we interviewed through the course of our audit. From the
full list of completed checklists from the two contractors, we then
eliminated checklists related to inspections that were not relevant to
our audit, including checklists related to trafficking-in-persons and
life support. In total, we reviewed 215 compliance audit checklists
from inspections that were conducted from March 2008 through January
2009. Similarly, to ensure that State conducted training inspections of
its Worldwide Personal Protective Services contractors, we obtained and
reviewed the two most recent inspection reports for each of its three
Worldwide Personal Protective Services contractors. We did not evaluate
the quality of training provided by DOD and State.
To examine the measures the two departments have taken to account for
weapons used by private security contractors in Iraq, we obtained and
reviewed DOD and State arming guidance and policies. This guidance
includes Fragmentary Order 07-428 and Fragmentary Order 09-109. We also
interviewed DOD and State officials responsible for providing arming
authority for private security contractor personnel including officials
in MNC-I's arming office and officials in the office of the U.S.
Embassy Baghdad's Regional Security Officer. We also met with officials
from 11 private security firms who currently provide or have recently
provided private security services in Iraq. Finally we reviewed recent
reports from various audit agencies such as the State Department's
Office of the Inspector General and the Special Inspector General for
Iraq Reconstruction related to weapons accountability.
To determine what policies DOD and State had developed to govern
alcohol use among private security contractor personnel in Iraq, we
reviewed DOD and State contracts for security services to determine if
the contracts included any statements on the use of alcohol, obtained
copies of department policies such as U.S. Central Command's General
Order 1, which governs the conduct of contractors in Iraq. We also
discussed alcohol policies with officials from 8 private security firms
who currently provide or have recently provided private security
services in Iraq.
To obtain the industry's perspective on background screening, training,
and other issues, we interviewed officials from three private security
industry associations and officials from 11 private security firms who
currently provide or have recently provided private security services
in Iraq. We selected firms that represented the variety of security
services and approaches used in Iraq. For example, we selected firms
that provided both high-and low-visibility security services. We also
selected firms with large contracts and firms with small contracts. In
addition, to ensure that our discussions with DOD and State private
security contractors about background screening were applicable to a
wide range of nationalities, we selected firms that recruited employees
from a variety of nationalities, including those from the United
States, United Kingdom, Peru, and Uganda. Of the 11 firms, we met with
9 who currently provide or had recently provided security services to
DOD. Of those 9, we met with 3 of the 5 firms who provide security
services under the Theater Wide Internal Security Services contract.
For State, we met with all 3 of the department's Worldwide Personal
Protective Services contractors.
To achieve our objectives we also reviewed various reviews conducted by
DOD and State including those released by DOD's Office of the Inspector
General and State's Office of the Inspector General. We also examined
recent reports issued by the Special Inspector General for Iraq
Reconstruction. These reports dealt with issues related to contract
management and oversight, weapons accountability, and training. We
conducted this performance audit from August 2008 through June 2009 in
accordance with generally accepted government auditing standards. Those
standards require that we plan and perform the audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our
findings and conclusions based on audit objectives. We believe that the
evidence obtained provides a reasonable basis for our findings and
conclusions based on our audit objectives. We visited or contacted the
following organizations during our review:
The Department of Defense:
* Office of the Under Secretary of Defense for Acquisition, Technology,
and Logistics, Washington, D.C.
* Office of the Under Secretary of Defense for Intelligence, Arlington,
Va.
* Office of the Under Secretary of Defense for Personnel and Readiness,
Washington, D.C.
* Office of General Counsel, Washington, D.C.
* Office of the J4, Washington, D.C.
* U.S. Central Command, Tampa, Fla.
* Defense Contract Management Agency, Baghdad, Iraq:
* Multi-National Forces-Iraq, Baghdad, Iraq:
* Multi-National Corps-Iraq, Baghdad, Iraq:
* Multi-National Division-Baghdad, Baghdad, Iraq:
* Joint Contracting Command Iraq/Afghanistan, Baghdad, Iraq:
Department of the Army:
* Army Corps of Engineers Gulf Regional Division, Baghdad, Iraq:
* Army Corps of Engineers, Logistics Movement Coordination Center,
Baghdad, Iraq:
Department of State:
* Bureau of Diplomatic Security, Washington, D.C.
* Office of Acquisitions Management, Arlington, Va.
* Office of the Legal Adviser, Arlington, Va, Baghdad, Iraq:
* Secretary of State's Panel on Personal Protective Services in Iraq,
Washington, D.C.
* US Embassy Iraq, Baghdad, Iraq:
Department of Justice:
* Criminal Division, Washington, D.C.
* Federal Bureau of Investigation, Washington, D.C.
Other agencies and offices:
* U.S. Agency for International Development (USAID), Washington, D.C.
* Foreign & Commonwealth Office, London, United Kingdom:
Industry associations and background screening firms:
* Private Security Contractor Association of Iraq, Baghdad, Iraq:
* International Peace Operations Association, Washington, D.C.
* British Association of Private Security Companies, London, United
Kingdom:
* employeescreenIQ, Cleveland, Ohio:
Private Security Contractors:
* Aegis, London, United Kingdom:
* Armor Group, London, United Kingdom:
* Blackwater (now known as Xe), Baghdad, Iraq; Moyock, N.C.
* Blue Hackle, Baghdad, Iraq:
* Control Risks Group, London, United Kingdom:
* Dyncorps International, West Falls Church, Va.
* Erinys International, London, United Kingdom:
* Olive Group, Baghdad, Iraq:
* Raymond Associates, Clifton Park, N.Y.
* SOC-SMG, Minden, Nev.
* Triple Canopy Inc., Herndon, Va.
[End of section]
Appendix II: Comments from the Department of Defense:
Office Of The Under Secretary Of Defense:
Acquisition, Technology And Logistics:
3000 Defense Pentagon:
Washington, DC 20301-3000:
Mr. William M. Solis:
Director, Defense Capabilities and Management:
U.S. Government Accountability Office:
441 G Street, N.W.
Washington, DC 20548:
July 24, 2009:
Dear Mr. Solis:
This is the Department of Defense (DoD) response to the GAO draft
report, GAO09-315, `Contingency Contract Management: DoD Needs to
Develop and Finalize Background Screening and Other Standards for
Private Security Contractors,' dated June 24, 2009 (GAO Code 351083).
Detailed comments on the report are enclosed.
Sincerely,
Signed by: Illegible, for:
Gary J. Motsek:
Assistant Deputy Under Secretary of Defense (Program Support):
Enclosures: As stated:
[End of letter]
GAO Draft Report - Dated June 24, 2009:
GAO Code 351083/GAO-09-315:
"Contingency Contract Management: DoD Needs to Develop and Finalize
Background Screening and Other Standards for Private Security
Contractors"
Department Of Defense Comments To The Recommendations:
Recommendation 1: The GAO recommends that the Secretary of Defense
appoint a focal point, at a sufficiently senior level and with the
necessary authority, to ensure that the appropriate offices in DoD
coordinate, develop, and implement policies and procedures to conduct
and adjudicate background screenings in a timely manner. More
specifically the focal point should:
A. direct the Under Secretary of Defense for Intelligence, in
consultation with the Under Secretary of Defense for Personnel and
Readiness and the Under Secretary of Defense for Acquisitions,
Technology and Logistics, to develop department-wide procedures for
conducting and adjudicating background screenings of foreign national
contractor personnel and establish a time frame for implementation;
B. develop an effective means to communicate to Multi National Forces-
Iraq (MNF-I) the new procedures so that MNF-I officials can adjust
their existing background screening policies and procedures, if
necessary, to comport with the procedures; and,
C. develop a training program to ensure that military commanders and
contracting officials, including contracting officers and contracting
officers' representatives. understand the department's policies and
procedures for background screening as well as their roles and
responsibilities.
DOD Response: Partially concur. The Assistant Deputy Under Secretary of
Defense for Program Support, under the authority, direction, and
control of the Deputy Under Secretary of Defense for Logistics and
Materiel Readiness, has been designated to be responsible for
monitoring the registration, processing, and accounting of Private
Security Contractor (PSC) personnel in an area of contingency
operations. The DoD is in the process of institutionalizing the
`Operational Contract Support Functional Capabilities Integrations
Board' in accordance with DoDD 7045.0 Capability Portfolio Management
(CPM), dated September 25, 2008, and Section 854 of the John Warner
National Defense Authorization Act (NDAA) of 2007 (Public Law 109-364),
`Joint Policies on Requirements Definition, Contingency Program
Management, and Contingency Contracting'. This board represents senior
level oversight designed to advise and support the Capability Portfolio
Management process which includes integrating, synchronizing, and
coordinating portfolio content to ensure alignment to strategic
priorities and capability demands of the Department. This board
provides cross component alternatives and recommendations on current
and future capability needs, policies and investments.
Recommendation 1A: Direct Under Secretary of Defense for Intelligence
in consultation with Under Secretary of Defense for Personnel and
Readiness and Under Secretary of Defense for Acquisition, Technology
and Logistics to develop departmentwide procedures for conducting and
adjudicating background screenings of foreign national contractor
personnel and establish a time frame for implementation.
DOD Response: Partially-concur. DoD does not conduct its own
investigations and has no infrastructure in place to conduct
investigations on foreign nationals or to process such cases through
the Department of State (DoS). DoD is wholly reliant upon the Office of
Personnel Management (OPM), its investigative service provider, to
conduct all investigative leads. The Under Secretary of Defense for
Intelligence has in the past and will continue to encourage OPM to
coordinate with the DoS to develop procedures to conduct National
Agency Check with Inquiries equivalent investigations outside of the
United States. The Functional Capabilities Integrations Board will
ensure the appropriate modifications to Defense Federal Acquisition
Regulation 52.225-19 `Contractor Personnel in a Designated Operational
Area or Supporting a Diplomatic or Consular Mission Outside the United
States' which will a) adequately reflect the intent of congress, b)
realistically consider theater dependant vetting capabilities, and c)
balances the Counter Insurgence Operations requirements of the field
commanders.
Recommendation 1B: Develop an effective means to communicate to Multi
National Forces-Iraq (MNF-I) the new procedures so that MNF-I officials
can adjust their existing background screening policies and procedures,
if necessary, to comport with the procedures.
DOD Response: Concur. See response to IA.
Recommendation 1C: Develop a training program to ensure that military
commanders and contracting officials, including contracting officer
representatives (COR) and contracting officer technical representatives
(COTR), understand the department's policies and procedures for
background screening as well as their roles and responsibilities.
DOD Response: Concur. This requirement needs to be clearly enunciated
in the Federal Acquisition Regulation/Defense Federal Acquisition
Regulation for our contracting officials, and incorporated as a key
element into our existing training programs for our military, civilian
and contracting representatives.
Recommendation 2: The GAO recommends that the Secretary of Defense
direct the Under Secretary of Defense for Acquisition, Technology, and
Logistics to establish minimum process and requirements for the
selection, accountability, training, equipping, and conduct of
personnel performing private security functions under a covered
contract during a combat operation.
DoD Response: Partially concur. Section 862 of the FY 2008 National
Defense Authorization Act clearly identifies Congressional intent on
this issue. To meet the statutory requirements, DoD in conjunction with
Department of State (DoS) authored a new directive entitled 'Private
Security Contractors (PSCs) Operating in Contingency Operations.' This
interagency document was just published in the July 17, 2009 issue of
the Federal Register as an Interim Final Rule. After the period of
public review expires, an enhanced edition of this document will be
published as a DoD directive. In the interim, Office of the Department
is coordinating the required Federal Acquisition Regulation and Defense
Federal Acquisition Regulation clauses needed to implement the
congressional intent outline in the `Private Security Contractors
(PSCs) Operating in Contingency Operations' document. Recognizing there
is no one size tits all solution to vetting PSC, the Department is also
soliciting input from the Geographical Commanders on this subject.
DoD Regulation 5200.8, "Security of DoD Installations and Resources".
requires DoD Components to develop training, qualification, and
suitability requirements for dedicated security forces (including
contracted security forces where employed). The Operational Contract
Support Capabilities Integrations Board will develop enchantments to
the processes, procedures, and requirements for selection,
accountability, training, equipping, and conduct of personnel
performing private security functions under a covered contract during a
combat operations should be worked via the Operational Contract Support
Functional Capabilities Integrations Board in concert with Under
Secretary of Defense for Acquisition, Technology and Logistics, Under
Secretary of Defense for Intelligence, Under Secretary of Defense for
Personnel and Readiness, and DoD components.
Recommendation 3: The GAO recommends that the Secretary of Defense
direct the Under Secretary of Defense for Acquisition, Technology, and
Logistics to direct the geographic combat commander to develop and
publish the regulations, orders, directives, instructions and
procedures for private security contractors operating during a
contingency operation within their area of responsibility.
DoD Response: Partially concur. DoD has accomplished this task, in
large part, through to the publication of Multi National Forces-Iraq
Operations Order 09-01 "Requirements, Communications, Procedures, and
Responsibilities for Control, Coordination, Management and Oversight of
Armed Contractors/DoD Civilians and Private Security companies (PSC)"
in Iraq and OPORD 09-03 "Department of Defense (DoD) Armed Contractors
and PSCs (AC/PSCs) in Afghanistan. These dynamic documents are updated
as conditions dictate.
Recommendation 4: The GAO recommends that the Secretary of Defense
direct the Under Secretary of Defense for Acquisitions, Technology and
Logistics to provide a report to Congress with the timelines for
completing the minimum processes discussed in the recommendation above.
DOD Response: Concur.
Recommendation 5: The GAO recommends that the Secretary of Defense
direct the Under Secretary of Defense for Acquisitions, Technology and
Logistics to revise the Federal Acquisition Regulation to require the
insertion into each covered contract a clause addressing the selection,
training, equipping, and conduct of personnel performing private
security functions under such contract.
DOD Response: Concur. DoD requirements are already included in the
Defense Federal Acquisition Regulation 52.225-19 `Contractor Personnel
in a Designated Operational Area or Supporting a Diplomatic or Consular
Mission Outside the United States.' Interagency requirements will be
addressed in the forth coming Federal Acquisition Regulation
requirements directed by the newly published Interim Final Report.
[End of section]
Related GAO Products:
Rebuilding Iraq: DOD and State Department Have Improved Oversight and
Coordination of Private Security Contractors in Iraq, but Further
Actions Are Needed to Sustain Improvements. [hyperlink,
http://www.gao.gov/products/GAO-08-966]. Washington, D.C.: July 31,
2008.
Military Operations: Implementation of Existing Guidance and Other
Actions Needed to Improve DOD's Oversight and Management of Contractors
in Future Operations. [hyperlink,
http://www.gao.gov/products/GAO-08-436T]. Washington, D.C.: January 24,
2008.
Military Operations: Background Screenings of Contractor Employees
Supporting Deployed Forces May Lack Critical Information, but U.S.
Forces Take Steps to Mitigate the Risk Contractors May Pose.
[hyperlink, http://www.gao.gov/products/GAO-06-999R]. Washington, D.C.:
September 22, 2006.
Rebuilding Iraq: Actions Still Needed to Improve the Use of Private
Security Providers. [hyperlink,
http://www.gao.gov/products/GAO-06-865T]. Washington, D.C.: June 13,
2006.
Military Operations: High-Level DOD Action Needed to Address Long-
standing Problems with Management and Oversight of Contractors
Supporting Deployed Forces. [hyperlink,
http://www.gao.gov/products/GAO-07-145]. Washington, D.C.: December 18,
2006.
Electronic Government: Agencies Face Challenges in Implementing New
Federal Employee Identification Standard. [hyperlink,
http://www.gao.gov/products/GAO-06-178]. Washington, D.C.: February 1,
2006.
[End of section]
Footnotes:
[1] The Commission on Wartime Contracting in Iraq and Afghanistan, At
What Cost? Contingency Contracting in Iraq and Afghanistan, June 2009.
[2] DOD estimates are as of March 31, 2009, and State estimates are as
of February 28, 2009.
[3] GAO, Military Operations: Background Screenings of Contractor
Employees Supporting Deployed Forces May Lack Critical Information, but
U.S. Forces Take Steps to Mitigate the Risk Contractors May Pose,
[hyperlink, http://www.gao.gov/products/GAO-06-999R] (Washington, D.C.:
Sept. 22, 2006).
[4] GAO, Rebuilding Iraq: DOD and State Department Have Improved
Oversight and Coordination of Private Security Contractors in Iraq, but
Further Actions Are Needed to Sustain Improvements, [hyperlink,
http://www.gao.gov/products/GAO-08-966] (Washington, D.C.: July 31,
2008).
[5] GAO, Military Operations: Background Screenings of Contractor
Employees Supporting Deployed Forces May Lack Critical Information, but
U.S. Forces Take Steps to Mitigate the Risk Contractors May Pose,
[hyperlink, http://www.gao.gov/products/GAO-06-999R] (Washington, D.C.:
Sept. 22, 2006).
[6] [hyperlink, http://www.gao.gov/products/GAO-06-999R].
[7] A NACI consists of searches of the Office of Personnel Management
Security/Suitability Investigations Index, the Defense Clearance and
Investigations Index, the Federal Bureau of Investigation
Identification Division's name and fingerprint files, and other files
or indexes when necessary. It also includes written inquiries and
searches of records covering specific areas of an individual's
background during the past 5 years (inquiries sent to current and past
employers, schools attended, references, and local law enforcement
authorities).
[8] [hyperlink, http://www.gao.gov/products/GAO-06-999R].
[9] DOD Instruction 5200.08, Security of DOD Installations and
Resources, December 10, 2005.
[10] Pub. L. No. 99-399 (1986).
[11] As amended by Section 853 of the Duncan Hunter National Defense
Authorization Act for Fiscal Year 2009.
[12] Section 864 of the FY2008 NDAA defines a "covered contract" as (a)
a contract of a federal agency for the performance of services in an
area of combat operations; (b) a subcontract at any tier under such a
contract; or (c) a task order or delivery order issued under such a
contract or subcontract.
[13] The Directive-Type Memoranda became effective November 26, 2008,
and states that it shall be converted to a new DOD Instruction within
180 days.
[14] [hyperlink, http://www.gao.gov/products/GAO-06-999R].
[15] GAO, Contract Management: Contracting for Iraq Reconstruction and
for Global Logistics Support, [hyperlink,
http://www.gao.gov/products/GAO-04-869T] (Washington, D.C.: June 15,
2004).
[16] GAO, Rebuilding Iraq: DOD and State Department Have Improved
Oversight and Coordination of Private Security Contractors in Iraq, but
Further Actions Are Needed to Sustain Improvements, [hyperlink,
http://www.gao.gov/products/GAO-08-966] (Washington, D.C.: July 31,
2008).
[17] Special Inspector General for Iraq Reconstruction, Need to Enhance
Oversight of Theater Wide Internal Security Services Contracts, SIGIR-
09-017 (Arlington, Va.: Apr. 24, 2009).
[18] MNC-I, part of MNF-I, is the tactical unit responsible for the
command and control of operations throughout Iraq.
[19] This requirement was established to ensure compliance with the
Lautenberg Amendment to the Gun Control Act of 1968 (Pub. L. No. 90-
168). For example, pursuant to section 922 (g)(9) of Title 18 of the
U.S. Code it is unlawful for any person who has been convicted in any
court of a misdemeanor crime of domestic violence to possess any
firearm or ammunition.
[20] [hyperlink, http://www.gao.gov/products/GAO-06-999R].
[21] GAO, Electronic Government: Agencies Face Challenges in
Implementing New Federal Employee Identification Standard, [hyperlink,
http://www.gao.gov/products/GAO-06-178] (Washington, D.C.: Feb. 1,
2006).
[22] Army Regulation 190-56 prescribes policies and procedures for the
selection, management, employment, training, and certification of
Department of the Army security personnel and contract and contractor
security personnel involved in the protection and safeguarding of
personnel and property. It is applicable worldwide; however, outside of
the continental U.S. commanders are instructed to consider such factors
as host nation support and status of forces agreements when
implementing its policies and procedures.
[23] Army Regulation 190-56 provides that commanders of Army commands
outside of the continental U.S. will establish necessary security
screening procedures for security guard personnel to ensure that the
spirit and intent of the regulation are met.
[24] [hyperlink, http://www.gao.gov/products/GAO-06-999R].
[25] An interim rule is a rulemaking document that is effective
immediately and may request comments in the Federal Register. An
interim rule responds to an emergency situation and is usually followed
by a rule document that confirms that the interim rule is final and may
include further amendments. The DOD draft regulation on private
security contractors states that it is being published as an Interim
Final Rule because there is insufficient policy and guidance regulating
the actions of DOD and other governmental private security contractors
and their movements in the battlespace. It will be effective upon
publication in the Federal Register and has a 45 day comment period.
[26] The draft regulation states the relevant Chief of Mission will
develop and issue implementing instructions for non-DOD private
security contractor personnel consistent with the standards set forth
by the geographic combatant commanders.
[27] The draft regulation makes specific reference to DOD Directive
3020.49; DOD Instruction 3020.41; CJCS Instruction 3121.01B; DOD 5200.8-
R; DOD Directive 2311.01E; and DOD Directive 5210.56.
[28] Additional regulations referenced in the draft regulation provide
policy objectives and establish responsibilities regarding
qualification, training, screening and security of private security
contractors, but do not articulate processes. For instance, DOD 5200.08-
R, Physical Security Program (Apr. 9, 2007, incorporating Change 1,
May, 27, 2009) states as an objective the standardization of personal
identification and authentication at DOD installations and facilities,
using the Common Access Card as the universal authority of individual
authenticity and establishes that a NACI or equivalent national
security clearance is required for permanent issuance of the
credential. DOD Instruction 3020.41, Program Management for Acquisition
and Operational Contract Support in Contingency Operations (draft
update), establishes policy for integration of DOD contractor personnel
into military contingency operations overseas, but for specific
procedures relating to contingency personnel providing private security
services it references the forthcoming DOD Instruction, which will be
based on the interim final rule. DOD Directive 5210.56, Use of Deadly
Force and the Carrying of Firearms by DOD Personnel Engaged in Law
Enforcement and Security Duties (Nov. 1, 2001), directs heads of DOD
components to ensure that local commanders develop criteria, consistent
with this Directive and local law, for the carrying of firearms and the
use of force by contract security forces.
[29] Section 862 (a)(2)(D) was amended by Section 853 of the Duncan
Hunter National Defense Authorization Act for Fiscal Year 2009.
[30] An area of combat operation is defined in section 862 (c) of the
FY2008 NDAA as an area, including Iraq and Afghanistan, to be
designated by the Secretary of Defense.
[31] The summary statement of the draft regulation notes that the
Memorandum of Agreement provides appropriate procedures for private
security contractors in Iraq, but the draft regulation is needed to
implement equivalent procedures in Afghanistan.
[32] Pursuant to the Memorandum of Agreement, the Secretaries of
Defense and State agreed to jointly develop, implement, and follow core
standards, policies, and procedures for the accountability, oversight,
and discipline of private security contractors in Iraq.
[33] While DOD Instruction 3020.41 is not applicable to State, in July
2008, DOD entered a Memorandum of Understanding with State and USAID,
which designates SPOT as a central repository for information on
deployed contractors under DOD, State, and USAID contracts.
[34] GAO, Rebuilding Iraq: DOD and State Department Have Improved
Oversight and Coordination of Private Security Contractors in Iraq, but
Further Actions Are Needed to Sustain Improvements, [hyperlink,
http://www.gao.gov/products/GAO-08-966]. (Washington, D.C.: July 31,
2008).
[35] U.S. Department of State, Office of Inspector General, Performance
Audit of the Triple Canopy Contract for Personal Protective Services in
Iraq, Report Number MERO-IQO-09-03 (April 2009).
[36] U.S. Department of State, Office of Inspector General, Special
Inspector General for Iraq Reconstruction, Joint Audit of Blackwater
Contract and Task Orders for Worldwide Personal Protective Services in
Iraq, Report Numbers AUD/IQO-09-16, SIGIR 09-021 (June 2009).
[37] Special Inspector General for Iraq Reconstruction, Oversight of
Aegis's Performance on Security Services Contracts in Iraq with the
Department of Defense, SIGIR-09-010 (January 2009).
[38] DOD Instruction 2000.16, DOD Antiterrorism Standards, December 8,
20006.
[End of section]
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday, GAO posts newly released reports, testimony, and
correspondence on its Web site. To have GAO e-mail you a list of newly
posted products every afternoon, go to [hyperlink, http://www.gao.gov]
and select "E-mail Updates."
Order by Phone:
The price of each GAO publication reflects GAO‘s actual cost of
production and distribution and depends on the number of pages in the
publication and whether the publication is printed in color or black and
white. Pricing and ordering information is posted on GAO‘s Web site,
[hyperlink, http://www.gao.gov/ordering.htm].
Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537.
Orders may be paid for using American Express, Discover Card,
MasterCard, Visa, check, or money order. Call for additional
information.
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Ralph Dawn, Managing Director, dawnr@gao.gov:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, D.C. 20548:
Public Affairs:
Chuck Young, Managing Director, youngc1@gao.gov:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548:
