Afghanistan

U.S. Efforts to Vet Non-U.S. Vendors Need Improvement Gao ID: GAO-11-355 June 8, 2011

The Departments of Defense (DOD) and State (State) and the United States Agency for International Development (USAID) have collectively obligated billions of dollars for contracts and assistance to support U.S. efforts in Afghanistan. There are concerns that U.S. funds are being diverted to fund insurgent and criminal activity in Afghanistan. In light of these concerns, under the authority of the Comptroller General of the United States, we initiated a review to identify DOD, State, and USAID efforts to vet non-U.S. contractors and assistance recipients in Afghanistan. GAO examined (1) the extent to which DOD has established a process to vet non-U.S. vendors to ensure that resources are not used to support insurgents; (2) the extent to which State and USAID have established processes to vet vendors and assistance recipients; and (3) the extent to which vetting information is shared among DOD, State, and USAID. GAO reviewed documents and met with a variety of agency officials to address the report's objectives.

While DOD's U.S. Central Command (CENTCOM) has established a vetting cell to vet non-U.S. vendors in Afghanistan to minimize the risk of insurgents or criminal groups using contracts to fund their operations, its current approach for selecting vendors to vet has gaps. For example, vendors with contracts below $100,000 are not routinely vetted. In fiscal year 2010 around three-quarters of the command's new contracts with non-U.S. vendors were below $100,000. Subcontractors are also not routinely vetted. Command officials stated that CENTCOM uses other risk factors to prioritize vendors to vet, such as contracts performed in Taliban strongholds, but these factors have not been documented. While officials stated that the vetting cell was created to vet vendors prior to award, CENTCOM is largely vetting vendors with existing contracts, which means it is likely that there are a large number of new vendors that have not been vetted prior to award and may have to be vetted in the future. Also, the vetting effort now includes some U.S. Army Corps of Engineers vendors. However, the vetting cell was not staffed to accommodate this workload, so it is uncertain how its existing resources will be able to vet vendors in a timely manner. Without accurately defining the universe of contracts that may need to be vetted, adopting a formal risk-based approach that incorporates other risk factors to identify non-U.S. vendors that pose the highest risk, and identifying the resources needed to accomplish this, it is uncertain how the vetting cell will be able to meet the additional workload and achieve its goals. In January 2011, USAID created a process intended to vet non-U.S. implementing partners in Afghanistan; however, this process may face similar limitations as CENTCOM's. According to USAID officials, this decision was based on the urgent need to mitigate the risks of USAID funds being diverted to insurgent groups. While USAID's process is in the early stages, it proposes to vet non-U.S. implementing partners and at least first-tier subcontractors with contracts valued at $150,000 or more. USAID officials said that they are considering changing the dollar threshold or vetting other potential assistance recipients based on risk; however, the available documentation does not include other risk factors. As of March 2011, State had not developed a process to vet contractor firms in Afghanistan. Since 2008, State has required that a terrorist financing risk assessment be completed for any new program or activity prior to a request for or obligation of funding. However, it does not use the same information as the CENTCOM or USAID vetting cells. Additionally, its use of Afghan vendors may increase under the Afghan First policy. Absent a way to consider the risk posed by non-U.S. vendors, State may not be well prepared to assess the potential for its funds to be diverted to criminal or insurgent groups. DOD and USAID share vetting information informally, but without a formal mechanism to share vetting results the two agencies cannot ensure that their current practices will endure. Further, as State expands its use of local contractors, it will become imperative that it is part of the data sharing with DOD and USAID. GAO is making recommendations related to improving DOD's and USAID's vetting processes and information sharing. GAO is also recommending that State assess the need for and possible options to vet non-U.S. vendors. DOD and USAID concurred with GAO's recommendations. State generally concurred.

Recommendations

Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.

Director: William M. Solis Team: Government Accountability Office: Defense Capabilities and Management Phone: (202) 512-8365


GAO-11-355, Afghanistan: U.S. Efforts to Vet Non-U.S. Vendors Need Improvement This is the accessible text file for GAO report number GAO-11-355 entitled 'Afghanistan: U.S. Efforts to Vet Non-U.S. Vendors Need Improvement' which was released on June 8, 2011. This text file was formatted by the U.S. Government Accountability Office (GAO) to be accessible to users with visual impairments, as part of a longer term project to improve GAO products' accessibility. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. We welcome your feedback. Please E-mail your comments regarding the contents or accessibility features of this document to Webmaster@gao.gov. This is a work of the U.S. government and is not subject to copyright protection in the United States. It may be reproduced and distributed in its entirety without further permission from GAO. Because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. United States Government Accountability Office: GAO: Report to Congressional Addressees: June 2011: Afghanistan: U.S. Efforts to Vet Non-U.S. Vendors Need Improvement: GAO-11-355: GAO Highlights: Highlights of GAO-11-355, a report to congressional addressees. Why GAO Did This Study: The Departments of Defense (DOD) and State (State) and the United States Agency for International Development (USAID) have collectively obligated billions of dollars for contracts and assistance to support U.S. efforts in Afghanistan. There are concerns that U.S. funds are being diverted to fund insurgent and criminal activity in Afghanistan. In light of these concerns, under the authority of the Comptroller General of the United States, we initiated a review to identify DOD, State, and USAID efforts to vet non-U.S. contractors and assistance recipients in Afghanistan. GAO examined (1) the extent to which DOD has established a process to vet non-U.S. vendors to ensure that resources are not used to support insurgents; (2) the extent to which State and USAID have established processes to vet vendors and assistance recipients; and (3) the extent to which vetting information is shared among DOD, State, and USAID. GAO reviewed documents and met with a variety of agency officials to address the report‘s objectives. What GAO Found: While DOD‘s U.S. Central Command (CENTCOM) has established a vetting cell to vet non-U.S. vendors in Afghanistan to minimize the risk of insurgents or criminal groups using contracts to fund their operations, its current approach for selecting vendors to vet has gaps. For example, vendors with contracts below $100,000 are not routinely vetted. In fiscal year 2010 around three-quarters of the command‘s new contracts with non-U.S. vendors were below $100,000. Subcontractors are also not routinely vetted. Command officials stated that CENTCOM uses other risk factors to prioritize vendors to vet, such as contracts performed in Taliban strongholds, but these factors have not been documented. While officials stated that the vetting cell was created to vet vendors prior to award, CENTCOM is largely vetting vendors with existing contracts, which means it is likely that there are a large number of new vendors that have not been vetted prior to award and may have to be vetted in the future. Also, the vetting effort now includes some U.S. Army Corps of Engineers vendors. However, the vetting cell was not staffed to accommodate this workload, so it is uncertain how its existing resources will be able to vet vendors in a timely manner. Without accurately defining the universe of contracts that may need to be vetted, adopting a formal risk-based approach that incorporates other risk factors to identify non-U.S. vendors that pose the highest risk, and identifying the resources needed to accomplish this, it is uncertain how the vetting cell will be able to meet the additional workload and achieve its goals. In January 2011, USAID created a process intended to vet non-U.S. implementing partners in Afghanistan; however, this process may face similar limitations as CENTCOM‘s. According to USAID officials, this decision was based on the urgent need to mitigate the risks of USAID funds being diverted to insurgent groups. While USAID‘s process is in the early stages, it proposes to vet non-U.S. implementing partners and at least first-tier subcontractors with contracts valued at $150,000 or more. USAID officials said that they are considering changing the dollar threshold or vetting other potential assistance recipients based on risk; however, the available documentation does not include other risk factors. As of March 2011, State had not developed a process to vet contractor firms in Afghanistan. Since 2008, State has required that a terrorist financing risk assessment be completed for any new program or activity prior to a request for or obligation of funding. However, it does not use the same information as the CENTCOM or USAID vetting cells. Additionally, its use of Afghan vendors may increase under the Afghan First policy. Absent a way to consider the risk posed by non-U.S. vendors, State may not be well prepared to assess the potential for its funds to be diverted to criminal or insurgent groups. DOD and USAID share vetting information informally, but without a formal mechanism to share vetting results the two agencies cannot ensure that their current practices will endure. Further, as State expands its use of local contractors, it will become imperative that it is part of the data sharing with DOD and USAID. What GAO Recommends: GAO is making recommendations related to improving DOD‘s and USAID‘s vetting processes and information sharing. GAO is also recommending that State assess the need for and possible options to vet non-U.S. vendors. DOD and USAID concurred with GAO‘s recommendations. State generally concurred. View [hyperlink, http://www.gao.gov/products/GAO-11-355] or key components. For more information, contact William Solis at (202) 512- 8365 or solisw@gao.gov. [End of section] Contents: Letter: Background: DOD Has Recently Begun to Vet Non-U.S. Vendors in Afghanistan, but Its Efforts Could Be Strengthened by a Risk-Based Approach: USAID Has Begun to Develop a Vendor Vetting Process, but State Has Not: DOD, USAID, and State Have Not Developed a Formal Method of Sharing Vendor Vetting Information in Afghanistan: Conclusions: Recommendations for Executive Action: Agency Comments and Our Evaluation: Appendix I: Scope and Methodology: Appendix II: Comments from the Department of Defense: Appendix III: Comments from the United States Agency for International Development: Appendix IV: Comments from the Department of State: Appendix V: GAO Contact and Staff Acknowledgments: Tables: Table 1: CENTCOM Fiscal Year 2010 Contracts and Blanket Purchase Agreements Awarded and Options Exercised Where Place of Performance Was Afghanistan, by Dollar Category: Table 2: USAID Fiscal Year 2010 New Awards in Afghanistan: Table 3: State's Fiscal Year 2010 New Awards in Afghanistan: Abbreviations: CENTCOM: U.S. Central Command: COIN: counterinsurgency: COMISAF: Commander, International Security Assistance Force: DOD: Department of Defense: FPDS-NG: Federal Procurement Database System-Next Generation: ISAF: International Security Assistance Force: NATO: North Atlantic Treaty Organization: USAID: United States Agency for International Development: USACE: U.S. Army Corps of Engineers: USFOR-A: United States Forces - Afghanistan: [End of section] United States Government Accountability Office: Washington, DC 20548: June 8, 2011: Congressional Addressees: In fiscal year 2009 and the first half of fiscal year 2010, the Departments of Defense (DOD) and State (State) and the United States Agency for International Development (USAID) collectively reported obligations of at least $17.2 billion on contracts and various assistance instruments to support U.S. efforts in Afghanistan. [Footnote 1] The use of non-U.S. vendors--and, in particular, Afghan vendors--is expected to increase, as the Afghan First policy adopted by the International Security Assistance Force (ISAF), United States Forces - Afghanistan (USFOR-A), and the U.S. Embassy in Kabul, Afghanistan, encourages an increased use of local personnel and vendors for goods and services as part of the U.S. counterinsurgency (COIN) strategy.[Footnote 2] Additionally, in September 2010, the USFOR-A/ISAF Commander released guidance encouraging the increased use of contracting with Afghan vendors and hiring of Afghan personnel to achieve U.S. COIN goals.[Footnote 3] Although DOD, State, and USAID have long used contractors and implementing partners to conduct their work, the agencies' current reliance on contractors to support U.S. efforts to stabilize and rebuild Afghanistan is unprecedented. We have previously reported on the contracting challenges agencies face in contingency environments.[Footnote 4] For example, the contracting environment in Afghanistan poses unique challenges, including the complexity of transporting supplies and equipment, the limited availability of staff for the needed level of oversight, the often limited capacity of local vendors, a lack of robust accounting and record keeping in the country, and a high volume of complex contracts and large-scale construction projects. Further, according to DOD officials and officials from other U.S. government agencies, and as suggested in congressional reports, U.S. contracting efforts take place in an environment characterized by actual and perceived widespread corruption in Afghan government and business and face the risk that some U.S. funds may be used to finance terrorist or insurgent groups. The U.S. government has taken a number of steps to prevent resources from being used to support terrorist activities or organizations--for example, Executive Order 13,224 was aimed at blocking the financing of terrorism.[Footnote 5] As the use of contractors and spending has grown in Afghanistan, U.S. government agencies and congressional committees have paid increasing attention to the risks of U.S. contracting and reconstruction funds being diverted to criminal or insurgent groups. For example, congressional legislation to address this issue has recently been proposed, and there have been congressional hearings and recent reports detailing examples of corruption and financing of insurgents in Afghanistan.[Footnote 6] In September 2010 COIN contracting guidance, the Commander of USFOR- A/ISAF directed contracting officials to establish systems and standard databases to ensure that contracts are not awarded to malign actors and funds are not diverted. Additionally, in 2010 DOD and other agencies spearheaded the creation of interagency efforts in Afghanistan intended to encourage transparency, prevent corruption, and identify malign actors. For example, in June 2010 DOD created Task Force 2010, which works to develop greater visibility over contracting networks, money flows, and the linkages to malign actors to better employ contracting to support COIN goals.[Footnote 7] Earlier, in 2009, the Drug Enforcement Agency, DOD, the Department of the Treasury, and other U.S. agencies established the Afghan Threat Finance Cell, which aims to identify and disrupt the funding of criminal and insurgent organizations. In light of these concerns, under the authority of the Comptroller General of the United States, we initiated a review to identify DOD, State, and USAID efforts to vet vendors and assistance recipients in Afghanistan[Footnote 8]. We examined (1) the extent to which DOD has established a process to vet non-U.S. vendors in Afghanistan, both to ensure that resources are not used to support insurgent or criminal groups and to safeguard U.S. personnel and assets against security risks; (2) the extent to which State and USAID have established processes to vet non-U.S. vendors and assistance recipients in Afghanistan; and (3) the extent to which vetting information is shared among DOD, State, and USAID. To conduct this work, we reviewed recent DOD, including U.S. Central Command (CENTCOM); State; and USAID policies and procedures.[Footnote 9] These include the most recent (November 2010) CENTCOM Contracting Command Acquisition Instruction as well as past versions, USAID's Mission Order for Afghanistan 201.03, and an April 2010 memorandum of understanding among DOD, State, and USAID relating to contracting in Iraq and Afghanistan. Additionally, we reviewed the DOD contract that establishes a vendor vetting cell in support of U.S. forces in Afghanistan and Iraq at CENTCOM headquarters in Tampa, Florida, and the contract's associated classified policies and procedures, as well as draft standard operating procedures for USAID's vetting support unit in Afghanistan. We interviewed cognizant DOD, State, and USAID officials in both Afghanistan and the United States, including DOD policy, logistics, and acquisition officials from the offices of the relevant Under Secretaries of Defense in Washington, D.C.; CENTCOM officials in the planning, logistics, and intelligence directorates, as well as representatives of the vendor vetting cell in Tampa, Florida; and USAID and State officials in Washington, D.C., responsible for contracting, procurement, and security. We do not discuss the mechanics of the vetting processes used by DOD and USAID in detail because we did not evaluate the effectiveness of the methods used by the agencies to conduct the vetting. In Afghanistan, we interviewed a variety of DOD, USFOR-A, and CENTCOM Contracting Command officials in Kabul, including the CENTCOM Senior Contracting Official- Afghanistan and the commanders of Task Force 2010 and other groups. [Footnote 10] Additionally, we put out data calls to USAID and State for their procurement data for fiscal year 2010 in Afghanistan. We present procurement data for fiscal year 2010 in Afghanistan, based on data calls to USAID and State, to give a broad context for the scale of awards to U.S. vendors compared to those to non-U.S. vendors and the amounts obligated and determined the method used to gather these data to be sufficiently reliable for this purpose. We also interviewed cognizant U.S. Embassy security and contracting officials and USAID security and contracting officials, all in Kabul. Additionally, we interviewed officials from regional contracting centers in Kabul, Bagram, Camp Leatherneck, and Kandahar; U.S. Army Corps of Engineers (USACE) officials in Kandahar and other locations; and ISAF contracting and security officials in Kabul and Kandahar. We conducted this performance audit from May 2010 through June 2011 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. Details on our objectives, scope, and methodology are contained in appendix I. Background: In Afghanistan, the use of local vendors by U.S. and international forces as part of an effort to create economic development is considered to be one of the key supporting elements of the U.S. COIN strategy. For example, guidance issued in August 2010 and amplified in September 2010 by the ISAF/USFOR-A Commander emphasizes the role of contracting in the implementation of the COIN strategy. In Afghanistan, local personnel make up a significant portion of DOD's contractor workforce. According to CENTCOM's quarterly census data, in the first quarter of fiscal year 2011, there were more than 87,000 DOD contractor personnel in Afghanistan. Of those personnel, Afghan nationals made up approximately 53 percent of the contracted workforce.[Footnote 11] According to DOD, recent initiatives that have a direct influence on the hiring of local nationals in Afghanistan include developing a more skilled workforce; increasing business opportunities; increasing community cash flow; improving public infrastructure, such as roads and utilities; and enhancing community organizational capacity. In addition to its importance to DOD, local contracting is integral to the efforts of other U.S. government agencies, such as USAID, to rebuild and expand infrastructure and economic capacity in Afghanistan. Assisting in this effort by providing contracting support are numerous agencies, commands, and offices. For U.S. forces, the two primary DOD contracting entities in Afghanistan based on fiscal year 2010 obligations are CENTCOM Contracting Command and USACE. CENTCOM Contracting Command--whose structure includes the Senior Contracting Officer-Afghanistan and the regional contracting centers--obligated over $2.7 billion in contracts in fiscal year 2010.[Footnote 12] Also in fiscal year 2010, USACE obligated more than $1.8 billion, and it is expected to undertake approximately $3.7 billion in projects in Afghanistan in fiscal year 2011.[Footnote 13] Many of these reconstruction and infrastructure projects are expected to be built by vendors, including the extensive use of subcontractors. Further, in fiscal year 2010, USAID obligated over $2.7 billion in program funds for projects in Afghanistan.[Footnote 14] According to USAID officials, the agency is actively involved in using local vendors to provide goods and services. Additionally, contracts that support forces in Afghanistan may be awarded in the United States by contracting offices and commands, such as the Army Materiel Command's Rock Island Contracting Center and U.S. Transportation Command. According to State officials, most of the agency's contracts in Afghanistan are awarded by contracting officials in the United States. Further, given the NATO environment in Afghanistan, contracts that directly or indirectly support U.S. forces may also be awarded by the contracting offices of coalition partners, such as the United Kingdom and Germany, and by NATO contracting entities, such as the NATO Maintenance and Supply Agency. While the use of local vendors in Afghanistan is a key element of the COIN strategy, it also brings about challenges. For example, the ISAF/ USFOR-A Commander's September 2010 guidance cautions that if large quantities of international contracting funds are spent quickly and with insufficient oversight, it is likely that some of those funds will unintentionally fuel corruption, finance insurgent organizations, strengthen criminal patronage networks, and undermine efforts in Afghanistan. Further, the guidance suggests that extensive use of subcontractors in Afghanistan, as well as the lack of visibility of subcontractors by contracting personnel, could increase the risk of corruption. The September 2010 guidance directs commanders and contracting officials to gain and maintain visibility of the subcontractor network, and it warns that excessive subcontracting tiers provide opportunities for criminal networks and insurgents to divert contract money from its intended purpose. Additionally, USAID's Mission Order for Afghanistan 201.03 seeks to prevent USAID programs and funds from benefiting terrorists. To prevent resources from being used to support terrorist activities or organizations, steps have been taken, such as the issuance of Executive Order 13,224 in September 2001, which blocks the property of individuals and entities designated as terrorists and prohibits the support of these listed individuals or entities through dealing in blocked property.[Footnote 15] Additionally, various implementing regulations, found in the Federal Acquisition Regulation, prevent government agencies from contracting with designated individuals and entities, or require contracting officers to check potential contract awardees against lists such as the Excluded Parties List System.[Footnote 16] As part of the acquisition process, the Federal Acquisition Regulation indicates that contracts are to be awarded only to responsible prospective vendors.[Footnote 17] A contracting officer must make an affirmative determination of responsibility prior to awarding a contract. Guidance found in the CENTCOM Contracting Command Acquisition Instruction, which is intended to implement and supplement, among other regulations, the Federal Acquisition Regulation and the Defense Federal Acquisition Regulation Supplement and to establish general contracting procedures, states that its contracting officers "shall take all practicable steps to ensure the award of all contracts to responsible contractors." Both the Federal Acquisition Regulation and the Defense Federal Acquisition Regulation Supplement provide a number of elements to be considered in the determination of responsibility.[Footnote 18] Several of these are elaborated upon in the CENTCOM Contracting Command Acquisition Instruction, including adequate financial resources to perform the contract, the ability to comply with delivery or performance schedules, a satisfactory past performance record (when part of the evaluation), and integrity and business ethics. The integrity and business ethics element requires the contracting officer to verify that a prospective awardee is not included in the Excluded Parties List System. In response to continued congressional attention and concerns from DOD, USAID, and other agencies about actual and perceived corruption in Afghanistan and its impact on U.S. and ISAF activities, several DOD and interagency (including State and USAID) efforts have been established in Afghanistan to identify malign actors, encourage transparency, and prevent corruption. These efforts include the establishment of several interagency task forces, such as Task Force 2010, an interagency anticorruption task force that aims to provide commanders and civilian acquisition officials with an understanding of the flow of contract funds in Afghanistan in order to limit illicit and fraudulent access to those funds by criminal and insurgent groups, and the Afghan Threat Finance Cell, an interagency organization that aims to identify and disrupt funding of criminal and insurgent organizations. Additionally, ISAF and U.S. agencies have established several other joint task forces, including the Combined Joint Interagency Task Force Shafafiyat.[Footnote 19] Task Force Shafafiyat works to integrate ISAF and U.S. anticorruption efforts, such as Task Force 2010 and Task Force Spotlight, which focuses on private security contracting, with those of key Afghan government and civil society partners to foster a common understanding of the corruption problem in Afghanistan.[Footnote 20] DOD Has Recently Begun to Vet Non-U.S. Vendors in Afghanistan, but Its Efforts Could Be Strengthened by a Risk-Based Approach: CENTCOM Contracting Command Has Recently Begun to Vet Vendors in Afghanistan: In 2010, DOD began to vet non-U.S. vendors in Afghanistan by establishing at CENTCOM headquarters in Tampa, Florida, a vetting cell called the Vendor Vetting Reachback Cell (vetting cell).[Footnote 21] The purpose of this vetting process--which includes the examination of available background and intelligence information--is to reduce the possibility that insurgents or criminal groups could use U.S. contracting funds to finance their operations. The vetting cell is staffed by 18 contractor employees operating from CENTCOM headquarters and is supervised by DOD officials. The contract used to establish the vetting cell for Afghanistan was awarded in June 2010, and in August 2010 the cell began vetting non-U.S. vendors.[Footnote 22] According to the CENTCOM Contracting Command Acquisition Instruction, all contract awards or options equal to or above $100,000 to all non- U.S. vendors in Iraq and Afghanistan are subject to vetting by the vetting cell. Additionally, all information technology contracts in Afghanistan, regardless of dollar value, are subject to vetting. [Footnote 23] The Acquisition Instruction suggests that although not required, all vendors should be submitted for vetting--which would include those with contracts below $100,000. According to the Acquisition Instruction, to vet a vendor, a contracting officer, generally located in Afghanistan, submits a request using a Web-based database system known as the Joint Contingency Contracting System. [Footnote 24] These requests are ultimately directed to the vetting cell located at CENTCOM headquarters in Florida for vetting. The cell vets the vendor and provides a recommendation either to approve or disapprove it, which first goes to a DOD official in Tampa for review and then is forwarded to a DOD entity in Afghanistan, which makes the final determination. If the final determination calls for not contracting with the vendor, the customer (e.g., the battlespace owner) can request an exception to the policy proscribing DOD entities from awarding contracts to rejected vendors. According to the Acquisition Instruction, contracting officers should plan for the standard vetting process to take at least 14 calendar days. However, urgent vetting requests can be accomplished in 5 days. A request is considered urgent when the customer informs the contracting officer in writing that a delay will cause an operational crisis outweighing the risk of awarding to a potential rejected contractor. After the final determination is made, the approval or disapproval status of the vendor is entered and maintained within the Joint Contingency Contracting System database. According to CENTCOM officials, the cell is currently conducting periodic re-vettings of previously vetted vendors that are under contract, which the cell will continue to do as part of its duties. Additionally, while the vetting cell is structured to be able to vet any non-U.S. vendors, the current vetting emphasis is on Afghan vendors and those from neighboring countries. The CENTCOM Vetting Cell Has Recently Begun Vetting Vendors Used by USACE: USACE obligated over $1.8 billion in Afghanistan in fiscal year 2010, but until recently it did not have a process in place to routinely vet non-U.S. vendors. According to USACE officials, in fiscal year 2010, well over half of USACE contract awards and more than half of the dollars obligated went to non-U.S. vendors. USACE officials told us that recognizing the potential for overlap among vendors with which USACE and CENTCOM Contracting Command are contracting in Afghanistan, CENTCOM Contracting Command requested that USACE send a list of its most frequently used prime vendors to be vetted, beginning in January 2011. USACE officials told us that while CENTCOM Contracting Command has asked for a list of the most frequently used prime vendors as well as major subcontractors, it specifically asked USACE to stagger the submission of vendor names so as not to overwhelm the vetting cell. While USACE officials told us that some prime contractor names have been submitted, it is unclear when any subcontractor vendor names will be submitted for vetting. According to USACE officials, CENTCOM Contracting Command made this request, in part, because at the time USACE did not use the Joint Contingency Contracting System database, and as such CENTCOM Contracting Command personnel bear the burden of entering all USACE vendor data into the database. USACE officials told us that although USACE has not previously used the Joint Contingency Contracting System to track contracts and vendors, it has begun to train personnel, both in Afghanistan and in the United States, to use the database. Once this training is complete, USACE expects to have approximately 50 personnel available who could enter vendor information into the database, which USACE officials expect will relieve the burden of data entry on CENTCOM Contracting Command personnel. Vendor Vetting Process Faces Limitations: Vetting Cell Does Not Routinely Vet Vendors below $100,000 Threshold: The CENTCOM Acquisition Instruction requires that non-U.S. vendors competing for awards equal to or above $100,000 be vetted by the vetting cell. The Acquisition Instruction also encourages the vetting of prospective vendors competing for contracts below $100,000, but these contracts are not routinely vetted, and CENTCOM could not provide us with the specific number of vendors below the threshold that have been vetted to date. In Afghanistan, a significant portion of CENTCOM's new contracts and options exercised for fiscal year 2010 awarded by CENTCOM Contracting Command are below the $100,000 threshold. According to CENTCOM Contracting Command officials, with the increased focus on local contracting, the number of contracts below the threshold is expected to grow. See table 1 for a breakdown of the number and total obligated value of new contracts and blanket purchase agreements awarded and options exercised in fiscal year 2010, where the vendor was non-U.S. vendor, at or above and below the $100,000 threshold. This table shows that although more money is obligated to contracts and options at or above $100,000, there may be many more contracts awarded and options exercised below the $100,000 threshold. Table 1: CENTCOM Fiscal Year 2010 Contracts and Blanket Purchase Agreements Awarded and Options Exercised Where Place of Performance Was Afghanistan, by Dollar Category: FY10 contracts awarded and options exercised: $100,000 or more; Non-U.S. contractor: Number of contracts awarded and options exercised: 1,978; Non-U.S. contractor: FY10 award amount: $1,352,509,525; U.S. contractor: Number of contracts awarded and options exercised: 175; U.S. contractor: FY10 award amount: $227,464,630; Total: Number of contracts awarded and options exercised: 2,153; Total: FY10 award amount: $1,579,974,155. FY10 contracts awarded and options exercised: Less than $100,000; Non-U.S. contractor: Number of contracts awarded and options exercised: 6,509; Non-U.S. contractor: FY10 award amount: $144,046,747; U.S. contractor: Number of contracts awarded and options exercised: 1,633; U.S. contractor: FY10 award amount: $19,739,633; Total: Number of contracts awarded and options exercised: 8,142; Total: FY10 award amount: $163,786,379. FY10 contracts awarded and options exercised: Total; Non-U.S. contractor: Number of contracts awarded and options exercised: 8,487; Non-U.S. contractor: FY10 award amount: $1,496,556,272; U.S. contractor: Number of contracts awarded and options exercised: 1,808; U.S. contractor: FY10 award amount: $247,204,263; Total: Number of contracts awarded and options exercised: 10,295; Total: FY10 award amount: $1,743,760,535. Source: GAO analysis of Federal Procurement Database System-Next Generation (FPDS-NG) data, April 2011.[Footnote 25] Notes: Non-U.S. contractors were identified in the system as contractors where vendor country was not the United States or where contractor name was "miscellaneous foreign contractor." Award amount is the amount of the initial obligation for contracts and purchase orders; the obligation for options exercised in fiscal year 2010; and because of the lack of estimate value for blanket purchase agreements and indefinite delivery contracts, the fiscal year 2010 obligated amount for calls and orders performed in Afghanistan. FPDS-NG includes unclassified contracts that are estimated to be $3,000 or more and any modifications to these contracts regardless of dollar value. Further, the number of contracts and task orders does not necessarily equal the number of vendors as some vendors may have more than one contract or task order. Totals may not add due to rounding. [End of table] Additionally, USFOR-A and CENTCOM officials told us it is possible that the same contractor may have multiple contracts with them that taken individually fall below the $100,000 mark but when viewed collectively could meet or exceed the $100,000 threshold. According to DOD contracting officials and supervisors of the vetting cell, the contract terms do not specifically exclude vendors below the dollar threshold from what the cell can vet. Further, CENTCOM Contracting Command officials stated that if a contracting officer or his or her representative knows of a specific prospective vendor holding or competing for numerous contracts below the threshold, officials are free to recommend that the vendor be vetted. Officials also stated that they are currently considering the vetting of non- information technology vendors that fall below the dollar threshold. However, there is no policy or guidance for this; any such vetting would be conducted on an ad hoc basis. And while CENTCOM Contracting Command officials have stated that vetting additional prospective vendors would more fully address potential risks, they have expressed concern that available vetting cell capacity may not be able to accommodate a large increase should vendors below the threshold be included. Vetting Cell Does Not Routinely Vet Subcontractors: Currently, CENTCOM Contracting Command does not routinely vet subcontractor vendors--even when the value of a subcontractor's work exceeds the $100,000 threshold. Officials from multiple DOD contracting entities with whom we spoke said that subcontractors conduct much of the work in Afghanistan, with some contracts having multiple tiers of subcontractors. For example, USACE contracting officials stated that prime vendors that are awarded large construction contracts often use multiple subcontractor tiers in Afghanistan, and officials recognize that given the high dollar value of their contracts, a significant risk is introduced at the subcontractor level. In addition, officials from USFOR-A stated that the Host Nation Trucking contract--the contract by which most of the goods needed to support U.S. warfighters are transported throughout Afghanistan--utilizes multiple tiers of trucking and security subcontractors. In September 2010, ISAF/USFOR-A released additional COIN contracting guidance that directs officials to gain more visibility over the networks of subcontractors in Afghanistan. The guidance further states that officials are to contract with vendors that have fewer subcontractors since excessive subcontracting can provide opportunities for criminal networks and insurgents to divert contract money from its intended purpose[Footnote 26].: USACE contracting officials stated that they plan to submit major subcontractors through CENTCOM Contracting Command's vendor vetting process, though officials did not know when this would occur or what number of subcontractors the vetting cell would be able to support. As with the dollar threshold, CENTCOM officials stated that while the vendor vetting cell contract does not specifically preclude officials from submitting subcontractors to be vetted, the cell was not designed, in terms of its number of staff, to vet subcontractors. However, contracting officials who administer the vetting cell contract, as well as vetting cell officials who conduct the work, stated that the contract was created with the flexibility to enable a reallocation of staff between the Iraq and Afghanistan cells if CENTCOM Contracting Command wanted to vet vendors below the $100,000 threshold and to vet subcontractors. Contracting officials have also indicated that the lack of visibility over subcontractors impairs their ability to provide subcontractor names to the vendor vetting cell. In August 2010, in order to gain more visibility over subcontractors, CENTCOM Contracting Command issued Policy Memorandum No. 10-09, which directs that effective August 31, 2010, contracting officers must make a subcontractor responsibility determination in writing, when the prime contractor identifies that it intends to subcontract a portion of the contract, regardless of a contract's dollar value.[Footnote 27] Vetting Cell's Requirements and Resources Not Clearly Defined: When CENTCOM Contracting Command established the vendor vetting cell for Afghanistan, it did so without clearly defining the command's requirements. According to CENTCOM Contracting Command officials, the requirements in the contract that established, staffed, and resourced the Afghanistan vetting cell were defined with the intention of determining a non-U.S. vendor's eligibility to be awarded a contract in Afghanistan prior to award. However, according to command officials, the vetting cell has been focused on vetting vendors that have already been awarded contracts. According to CENTCOM Contracting Command officials, they began vetting vendors who had already received contracts in order to address immediate corruption and illicit funding concerns.[Footnote 28] As of March 12, 2011, CENTCOM Contracting Command officials stated that a total of 248 vendors, most of which are on existing contracts, had been vetted, 19 of which had been rejected. Additionally, officials added that the most recent output average is 15 vendors vetted per week and that contracts valued at $100,000 were awarded to 1,042 Afghan vendors in fiscal year 2010. At the current average of 15 vets per week it would take another 53 weeks, or until late March 2012, just to complete the vetting of host- nation vendors with contracts of $100,000 or more awarded in fiscal year 2010. Furthermore, the number of vendors awarded contracts prior to vetting continues to grow as contracts continue to be awarded in Afghanistan by CENTCOM Contracting Command during fiscal year 2011. As of April 2011 CENTCOM Contracting Command has not determined how many of the remaining non-U.S. vendors that have already been awarded contracts valued above $100,000 will be vetted in the future, a timeline for when it will begin vetting vendors prior to award, or an estimate number of anticipated prospective vendors that will be vetted for the remainder of the fiscal year. As we have previously reported, without a sufficient understanding of projected needs, it is difficult to define accurate requirements, which can result in diminished operational capability.[Footnote 29] Further, leading federal management practices for improving performance state that when planning activities, defined goals, such as desired output, must be linked with resources in order to effectively and efficiently achieve results.[Footnote 30] Since the backlog of vendors not vetted continues to grow, it is uncertain how the current vetting process and existing resources will bear the addition of other existing non-U.S. vendors, prospective CENTCOM Contracting Command vendors, and vendors from other contracting commands, such as the January 2011 addition of some USACE contracts. CENTCOM Contracting Command Considers Other Factors in Prioritizing Vetting Needs but Has Not Formalized or Documented a Risk-Based Approach: CENTCOM Contracting Command and other contracting officials stated that it would be beneficial to include certain contracts below $100,000 and large subcontractors in its vetting process. We have previously reported that a risk-based approach can help DOD and other executive agencies strategically allocate resources to achieve desired outcomes, including those for contract oversight, and DOD has also recognized the usefulness of such an approach to effectively use existing resources in its acquisitions.[Footnote 31] For example, we reported that dollar value alone may not be a good proxy for risk for every type of contract and that other factors could also be used to identify potential risk, such as the characteristics of the activity being performed, the location, or the type of contract.[Footnote 32] CENTCOM Contracting Command officials stated in February 2011 that because of their concerns regarding the vetting cell's capacity, as well as their desire to use the vetting cell resources efficiently and immediately, they prioritized the first tranche of vendors vetted based on a variety of factors in addition to the dollar threshold and vendor type given in the Acquisition Instruction. Specifically, officials stated that the first set of vendors vetted were drawn from contracts performed in Kandahar province, which is generally accepted as a Taliban stronghold; high-value and high-risk contracts, such as private security contracts; complex contracts, such as the Host Nation Trucking contract; and some high-value construction projects in certain high-threat regions. DOD's use and consideration of additional risk factors to the criteria articulated in the Acquisition Instruction have not been formalized and documented, however. According to CENTCOM officials, they used an ad hoc approach for including other risk factors to help prioritize which vendors to vet once the cell was initially under way; however, officials could not explain to what extent this risk-based approach would continue to be used in the future, or to include vendors that fall outside of the Acquisition Instruction vetting criteria. CENTCOM Contracting Command officials indicated in February 2011 that they are working to formalize this approach, for example, in a set of standard operating procedures or white paper; however, these documents have not yet been completed, and officials could not provide any further information. Utilizing a risk-based approach to identify high-risk vendors below the $100,000 threshold, as well as subcontractors, could enable CENTCOM Contracting Command to expand its ability to prevent contracts from going to criminal or insurgent groups within existing resource constraints, particularly as CENTCOM Contracting Command balances vetting existing contracts, those prior to award, and vendors from other commands. For instance, while officials have stated that the USACE's subcontractors pose a large risk because the high value of their construction contracts, they stated that some of the larger subcontractors are prime vendors for other projects, and many of the USACE subcontractors are also used by CENTCOM Contracting Command, either as prime contractors or subcontractors. USACE officials also stated that as of February 2011, their hope is that their large subcontractors that are not vetted through their roles as prime contractors will be submitted to the CENTCOM vetting cell soon, and that USACE aims to decrease the data entry burden on CENTCOM Contracting Command by beginning to use its own personnel to enter information into the Joint Contingency Contracting System. However, as of February 2011, CENTCOM Contracting Command and USACE officials could not specify when USACE will begin submitting subcontractors for vetting because of CENTCOM Contracting Command's questions regarding the vetting cell's capacity, and to date CENTCOM has no plans to begin routinely vetting its subcontractors. USAID Has Begun to Develop a Vendor Vetting Process, but State Has Not: USAID Has Recently Established a Unit to Vet Non-U.S. Implementing Partners in Afghanistan, Though Details of the Process Have Not Been Finalized: In January 2011, in order to counter potential risks of U.S. funds being diverted to support criminal or insurgent activity, USAID created a process for vetting prospective non-U.S. contract and assistance recipients (i.e., implementing partners) in Afghanistan, which is similar to a vetting process it has used in the West Bank and Gaza since 2006.[Footnote 33] Previously, as of October 2010, USAID officials indicated that they expected to use the CENTCOM Contracting Command vetting cell to vet potential non-U.S. implementing partners-- whether through a formal interagency agreement, shared system or platform, or some other information-sharing arrangement. At the time, officials expressed that they wanted to have one consistent U.S. government approach for vetting non-U.S. vendors in Afghanistan to ensure that no USAID implementing partners engage in or support criminal or insurgent groups with contract or other assistance funds. As illustrated in table 2, in fiscal year 2010 USAID reported 114 new contracts and other awards to U.S. partners valued at over $285 million, and 126 to non-U.S. partners valued at almost $46 million. While the number of dollars USAID reported as obligated to non-U.S. partners is substantially lower than that to U.S. partners, the numbers of awards given is higher. In addition, as with DOD, USAID officials said the use of subcontractors/subawardees is extensive, and the use of host-nation partners is expected to increase. Table 2: USAID Fiscal Year 2010 New Awards in Afghanistan: U.S. vendors; Number of awards: 114; Percentage of awards: 47.5%; Dollars obligated: $285,509,259; Percentage of dollars obligated: 86%. Non-U.S. vendors; Number of awards: 126; Percentage of awards: 52.5%; Dollars obligated: $45,984,061; Percentage of dollars obligated: 14%. Total; Number of awards: 240; Percentage of awards: 100.0%; Dollars obligated: $331,493,320; Percentage of dollars obligated: 100%. Source: GAO analysis of USAID data. Note: Number of awards given to a type of partner does not indicate the number of individual partners used. [End of table] According to USAID officials, the agency had long been interested in vetting its non-U.S. implementing partners in Afghanistan and, with the establishment of the CENTCOM vetting cell, USAID had been working with CENTCOM's Senior Contracting Official in Afghanistan to do so. However, in late 2010 several factors emerged that led USAID to immediately begin exploring whether the CENTCOM Contracting Command vetting cell best met its needs or, alternatively, the agency needed to establish its own vetting process. For example, USAID officials said that in October 2010 they received a report by the Afghan Threat Finance Cell that found that a certain percentage of USAID dollars were being diverted in certain Afghan provinces and in some cases funneled to insurgent groups. Additionally, in determining if CENTCOM's vetting cell could meet its needs, officials stated that they sent a test vetting through the cell and that it took nearly 3 months for the vetting cell to provide results. Once USAID began looking into the possibility of setting up a vetting unit, officials said they assessed that the agency had existing capabilities from its vetting process used in the West Bank and Gaza with which to implement a process similar to CENTCOM's without having to establish a duplicative system. According to USAID officials, given the urgent need to mitigate the issues reported by the Afghan Threat Finance Cell, the timelines experienced with the CENTCOM vetting cell, and the availability of existing vetting resources within USAID, the agency, in consultation with the Coordinating Director for Development and Economic Affairs for the U.S. Embassy in Kabul, decided that a Kabul- based USAID vetting support unit separate from CENTCOM's process would most immediately and effectively meet the agency's needs. USAID officials stated that in preparation for standing up the vetting support unit, the agency sent representatives from its Office of Security to observe the CENTCOM vendor vetting cell's process. According to USAID officials, after observing the CENTCOM process they concluded that USAID had the existing resources and ability to similarly vet its implementing partners within timelines that met the agency's needs. In January 2011, USAID issued a cable outlining the initial structure of its newly created vetting support unit in Afghanistan, and as of March 2011 USAID officials were in the process of drafting standard operating procedures. According to USAID officials and the January 2011 cable, the purpose of the vetting support unit is to help ensure that U.S. government funds do not support malign actors, such as insurgents, corrupt power brokers, and criminal patronage networks. The unit is to comprise an intelligence analyst and two or more permanent support staff stationed in Kabul, who would reach back to existing vetting analysts in USAID's Office of Security in Washington, D.C., who would conduct the vetting. As with the CENTCOM process, the actual vetting would take place in the United States, while information identifying the prospective non-U.S. partners would be forwarded from the support unit in Afghanistan to USAID's vetting database.[Footnote 34] If USAID analysts find derogatory information, the final decision about whether to use the partner would reside with USAID officials in Afghanistan. Although the vetting unit is currently situated within the Office of Acquisition and Assistance in Kabul, USAID officials stated that the responsibilities of the unit are more closely aligned with security- related functions rather than the formal acquisition process, and that many details of the unit are still being determined. As of February 2011, USAID officials stated that the vetting support unit is currently staffed with temporary personnel, and they expect the process of hiring permanent staff to be complete in 3 to 6 months. The USAID vetting process, as it is described by officials and in preliminary documentation, may have limitations that are similar to those of CENTCOM. For example, USAID's January 2011 cable indicates that there is a $150,000 award threshold for selecting potential implementing partners to vet, and USAID is still finalizing the extent to which it will vet subcontractors/subawardees. In addition, according to USAID officials, as a first step while the unit hires permanent staff, it will focus first on host-nation partners when it plans to begin vetting in April 2011. However, USAID officials indicated that the agency's vendor vetting process was still in the early stages, and it is expected to be an iterative implementation process--aspects of which could change, such as the vetting threshold and expanding vetting to other non-U.S. partners. Officials stated that ultimately, the formalized vetting criteria will likely incorporate the assessment of other risk factors, such as which province the activity is located in and local knowledge of USAID officials; however, these criteria have not yet been included in preliminary documents. In addition, in March 2011 officials noted that the vetting support unit will vet at least first-tier potential subcontractors/subawardees that have been identified as apparent recipients of awards with a value of $150,000 or more, and will likely go beyond first-tier subcontractors/subawardees for certain awards, though this has also not been finalized. Further, officials pointed to their experience developing and implementing USAID's vetting efforts in the West Bank and Gaza--which has included trying different monetary thresholds, as well as vetting contract recipients whose cumulative awards reach the threshold in order to capture frequently used partners--and indicated that they expect to include such considerations as they continue to develop the vetting process. As previously discussed, we have frequently reported the value of using a risk-based approach to effectively achieve desired results.[Footnote 35] Incorporating such an approach into determining what implementing partners to vet--as USAID officials have indicated will occur but has not yet been documented--would increase USAID's ability to address the greatest risk with existing resources. State Has Not Created a Vendor Vetting Process for Afghanistan: As of March 2011, State was not vetting vendors in Afghanistan.[Footnote 36] State officials told us that currently many of their contracts are awarded to U.S. prime contractors, and they award relatively few contracts to non-U.S. vendors. However, table 3 shows that based on our analysis, State does work with many non-U.S. vendors in Afghanistan, but embassy officials in Kabul told us that they do not do any vetting or background checks on the vendors other than for the security risks posed by individual personnel with physical access to the embassy property or personnel. See table 3 for a comparison between quantities of awards to U.S. vendors and those to non-U.S. vendors. Table 3: State's Fiscal Year 2010 New Awards in Afghanistan: U.S. vendors; Number of awards: 124; Percentage of awards: 15.6%; Dollars obligated: $721,726,425; Percentage of dollars obligated: 93.1%. Non-U.S. vendors; Number of awards: 673; Percentage of awards: 84.4%; Dollars obligated: $53,226,821; Percentage of dollars obligated: 6.9%. Total; Number of awards: 797; Percentage of awards: 100.0%; Dollars obligated: $774,953,246; Percentage of dollars obligated: 100.0%. Source: GAO analysis of Federal Procurement Database System-Next Generation data, April 2011. Notes: This table includes data on non-U.S. contractors that were identified in the system as contractors where vendor country was not the United States or where contractor name was "miscellaneous foreign contractor." The number of awards does not necessarily equal the number of vendors as a vendor could have more than one award. [End of table] Further, State has endorsed the Afghan First policy, which will likely result in increased contracting with Afghan vendors in the future, which will in turn increase the potential for funds to be diverted to terrorist or insurgent groups.[Footnote 37] Given this potential increase in local contracting, and without a way to consider--after specific vendors are known to be candidates--the risk posed by funding non-U.S. vendors to perform particular activities in Afghanistan, the department may increasingly expose itself to contracting with malign actors. While State does not have a vendor vetting program, in 2008 State issued a cable that applies to both State and USAID, requiring personnel to complete a terrorist financing risk assessment for any new program or activity prior to requesting or obligating program funds. Periodic updates to the risk assessment are also completed for ongoing programs and activities, though these do not examine vendors against the same information as the CENTCOM or USAID vetting cells. The risk assessment is intended to ensure that projects and activities are not providing benefits, even inadvertently, to terrorists or their supporters, including people or organizations that are not specifically designated by the U.S. government as such but that may, nevertheless, be linked to terrorist activities. This risk assessment weighs the likelihood that a program or activity will inadvertently be funding or benefiting terrorists against the consequences of that occurring--a risk that varies greatly depending on the type and location of the program or activity. USAID and DOD's vendor vetting processes are intended to be conducted once a potential vendor for a specific contract or activity is known in order to determine whether awarding to a particular entity will increase the likelihood of U.S. funds being diverted to insurgent or other criminal actors, and additionally use law enforcement and intelligence information. [Footnote 38] DOD, USAID, and State Have Not Developed a Formal Method of Sharing Vendor Vetting Information in Afghanistan: Although DOD, USAID, and State likely utilize many of the same vendors in Afghanistan, the agencies have not developed a formalized process to share vendor vetting information. Currently, DOD and USAID officials in Afghanistan have established informal communication such as biweekly meetings, ongoing correspondence, and mutual participation in working groups. Further, DOD and USAID officials said that their vetting efforts are integrally related and are complementary to the work of the various interagency task forces, such as Task Force 2010 and the Afghan Threat Finance Cell, and that their mutual participation in these task forces contributes to interagency information sharing in general and vetting results in particular. However, a formal arrangement for sharing information such as would be included in a standard operating procedure or memorandum of agreement between DOD and USAID has not been developed. In addition, though the U.S. Embassy also participates in various interagency task forces, such as Task Force 2010, there is no ongoing information sharing of vendor vetting results, either ad hoc or formal. According to CENTCOM Contracting Command officials, the command is in the process of developing a standard operating procedure for sharing the vendor vetting results specifically with USAID, but this document has not yet been completed. Standards for internal control for the federal government highlight the importance of establishing and documenting communication and information-sharing capabilities to enable agencies to achieve their goals.[Footnote 39] In addition, prior GAO work has highlighted the importance of interagency information sharing and collaboration to achieve common outcomes.[Footnote 40] USAID and CENTCOM Contracting Command officials stated that interagency information sharing is active and effective; that ISAF, USFOR-A, and USAID are in constant communication in order to establish a common picture of ongoing vetting efforts and results; and that officials have emphasized their strong working relationships. Further, according to USAID officials, sharing vendor vetting results would greatly assist the agency's efforts to ensure that it is not conducting business with known malign actors in Afghanistan. However, in a workforce environment characterized by frequent personnel rotations, maintaining continuity of processes and procedures can be a challenge. Without documented, formalized procedures, DOD and USAID cannot ensure that their current information-sharing practices will endure. Further, sharing information on vetting results could be especially beneficial for State, since it currently has no plans to perform vetting of the type done by DOD and USAID for any of its non-U.S. vendors in Afghanistan. Conclusions: In Afghanistan, the use of local vendors by U.S. government agencies such as DOD, USAID, and State is a key component of the COIN strategy. But awards to local vendors in Afghanistan pose particular challenges because of the potential for fraud, corruption, or the siphoning of funds to organizations hostile to U.S. forces. These concerns highlight the importance of establishing processes for mitigating the risk that malign actors could profit from U.S. government contracts. Both CENTCOM Contracting Command and USAID have established processes to vet non-U.S. vendors in Afghanistan, but these processes are time- and resource-intensive. Given these restraints, it is not feasible to vet every non-U.S. vendor that contracts with the U.S. government in Afghanistan, and it is important that vendors are selected for vetting based on a variety of factors, including the risk level for the service being provided and the risk estimate based on the geographic area in which the service is to be performed. Understanding the capacity and resources available to CENTCOM Contracting Command is also essential to devising an appropriate risk-based approach to effectively use the vendor vetting cell to achieve its goals with existing resources in the short term and evaluating what resources will be needed to accommodate any further increase in the workload in the future. Further, as USAID begins to finalize its vetting process, the consideration of a risk-based approach may help the agency to address limitations similar to those of the CENTCOM process. While State has not yet developed a specific vendor vetting process, given the number of non-U.S. vendors it currently uses, and as it goes forward with implementing Afghan First, the need to vet these vendors may become more acute in order to mitigate the risk of contracting with these vendors. Given the multiagency operational environment in Afghanistan, it is imperative that U.S. efforts be coordinated and that information about malign actors be shared among all contracting parties. This information sharing may be particularly important for State because it does not currently vet its non-U.S. vendors. Otherwise, agencies may unknowingly contract with vendors that have been deemed a risk by other agencies. Recommendations for Executive Action: To safeguard U.S. personnel against security risks and help ensure that resources are not used to support insurgent or criminal groups, we recommend that the Commander of U.S. Central Command direct CENTCOM Contracting Command to: * consider formalizing a risk-based approach to enable the department to identify and vet the highest-risk vendors--including those vendors with contracts below the $100,000 threshold--as well as subcontractors and: * work with the vendor vetting cell to clearly identify the resources and personnel needed to meet the demand for vendor vetting in Afghanistan using a risk-based approach. To help ensure that resources are not used to support terrorist or criminal groups, we recommend that the Director of the Office of Security and the USAID Mission Director, Kabul, Afghanistan, consider formalizing a risk-based approach that would enable USAID to identify and vet the highest-risk vendors and partners, including those with contracts below the $150,000 threshold. To help ensure that State resources are not diverted to insurgent or criminal groups, we recommend that the Secretary of State direct the appropriate bureau(s) to assess the need and develop possible options to vet non-U.S. vendors, which could include leveraging existing vendor vetting processes, such as USAID's, or developing a unique process. To promote interagency collaboration so as to better ensure that vendors potentially posing a risk to U.S. forces are vetted, we also recommend that the Commander of U.S. Central Command; USAID Mission Director, Kabul, Afghanistan; and the Coordinating Director for Development and Economic Affairs, U.S. Embassy, Kabul, Afghanistan, consider developing formalized procedures, such as an interagency agreement or memorandum of agreement, to ensure the continuity of communication of vetting results and to support intelligence information, so that other contracting activities may be informed by those results. Agency Comments and Our Evaluation: We provided a draft of this report to DOD, USAID, and State. We received written comments from all three, which we have reprinted in appendixes II, III, and IV, respectively. DOD concurred with our recommendations. In response to our second recommendation to CENTCOM to work with the vendor vetting cell to identify the resources and personnel needed to meet the demand for vendor vetting in Afghanistan, DOD provided additional clarification about the limitations that currently exist on its resources, including limitations on expanding its joint manning document and the current mandate to reduce staff at CENTCOM. USAID concurred with our recommendations, and in its response also noted that the GAO team's field work and draft report contributes positively to USAID/Afghanistan's efforts to implement a system to help ensure that resources are not used to support terrorist or criminal groups. State partially concurred with our recommendation that the Secretary direct the appropriate bureaus to assess the need and develop possible options to vet non-U.S. vendors. State noted in its written comments that it recognizes the risk of U.S. funds under State's management being diverted for the benefit of terrorists or their supporters, and has devoted a good deal of time to defining the issue and seeking appropriate processes to mitigate the risk of this occurring. However, State noted that significant legal concerns relating to contracting law, competition requirements, and the conflict between open competition and the use of classified databases to vet contractors and grantees have required analysis and discussion. We recognize these concerns and encourage State to continue to address the various issues if they develop and implement a vetting process. Additionally, State said that the Department of State, Foreign Operations, and Related Programs Appropriations Act for Fiscal Year 2010 (which is Division F of the Consolidated Appropriations Act, 2010, Pub. L. No. 111-117) prohibited the use of State funds to implement a partner vetting program but authorized creation of a pilot program for contractor vetting to apply to both State and USAID programs and activities. State noted that the department has assigned responsibility for developing such a pilot vetting program and has begun work on the pilot's design. We appreciate State's efforts to begin the pilot program and the need for State and USAID to act consistently with the funding restriction described above in all their vetting efforts. However, as we previously noted, State and USAID officials both indicated that the pilot program would not apply to Afghanistan. Additionally, based on its written comments, State is beginning to address our recommendation as it noted that Afghanistan is under active review for inclusion in a vetting effort that would apply specifically to that country. State did not comment on our recommendation that DOD, USAID, and State consider developing formalized procedures to ensure the continuity of communication of vetting results and to support intelligence information, so that other contracting activities may be informed by those results. We are sending copies of this report to the appropriate congressional committees and the Secretaries of Defense and State and the Administrator of the United States Agency for International Development. This report also is available at no charge on the GAO Web site at [hyperlink, http://www.gao.gov]. If you or your staff have any questions about this report, please contact me at (202) 512-8365 or solisw@gao.gov. Contact points for our Offices of Congressional Relations and Public Affairs may be found on the last page of this report. GAO staff who made major contributions to this report are listed in appendix V. Signed by: William M. Solis, Director: Defense Capabilities and Management: List of Addressees: The Honorable Carl Levin: Chairman: The Honorable John McCain: Ranking Member: Committee on Armed Services: United States Senate: The Honorable Claire McCaskill: Chairman: Ad Hoc Subcommittee on Contracting Oversight: Committee on Homeland Security and Government Affairs: United States Senate: The Honorable Howard P. "Buck" McKeon: Chairman: The Honorable Adam Smith: Ranking Member: Committee on Armed Services: House of Representatives: The Honorable John Tierney: Ranking Member: Subcommittee on National Security, Homeland Defense and Foreign Operations: Committee on Oversight and Government Reform: House of Representatives: [End of section] Appendix I: Scope and Methodology: Under the authority of the Comptroller General of the United States, we initiated a review to identify what efforts, if any, are under way to ensure that U.S. contracting funds or resources are not diverted to support corruption or insurgent organizations. Specifically, we examined (1) the extent to which the Department of Defense (DOD) has established a process to vet non-U.S. vendors in Afghanistan, both to ensure that resources are not used to support insurgent or criminal groups and to safeguard U.S. personnel and assets against security risks; (2) the extent to which the Department of State (State) and the United States Agency for International Development (USAID) have established processes to vet non-U.S. vendors and other assistance recipients in Afghanistan; and (3) the extent to which vetting information is shared among DOD, State, and USAID.[Footnote 41] As the use of host nation and regional contractors is expected to increase through the use of various agreements, such as Afghan First, in which the United States and NATO have demonstrated a commitment to obtain products and services locally, we focused our review on non- U.S. contractors and nongovernmental organizations, as well as based on congressional interest. Further, legal protections, policy considerations, and business practices in the United States could constrain the U.S. Government from investigating U.S. citizens, so vetting of U.S. contractors would be more constrained. To identify and examine the efforts DOD has taken to vet non-U.S vendors in Afghanistan and the extent to which State and USAID have established processes to vet non-U.S. vendors in Afghanistan and to share this vetting information, we reviewed recent DOD, State, and USAID policies and procedures, including fragmentary orders; the recently updated November 2010 U.S. Central Command (CENTCOM) Contracting Command's Acquisition Instruction as well as a previous version USAID's Mission Order for Afghanistan 201.03; and an April 2010 memorandum of understanding between DOD, State, and USAID relating to contracting in Iraq and Afghanistan. Additionally, we reviewed the DOD contract that establishes a vendor vetting cell in support of U.S. forces in Afghanistan and Iraq at CENTCOM headquarters in Tampa, Florida, and the contract's associated classified policies and procedures, as well as draft standard operating procedures for USAID's vetting support unit in Afghanistan. We do not discuss the mechanics of the vetting processes used by DOD and USAID in detail because we did not evaluate the effectiveness of the methods used by the agencies to conduct the vetting. We also reviewed a 2008 State cable that applies to both USAID and State regarding risk assessments to mitigate the threat of financing terrorism. In addition, we reviewed prior GAO and other audit agency work that was related to contract management and oversight in Afghanistan, as well as vetting. We interviewed cognizant DOD, State, and USAID officials in both Afghanistan and the United States, including DOD policy, logistics, and acquisition officials from the offices of the relevant Under Secretaries of Defense in Washington, D.C.; CENTCOM officials in the planning, logistics, and intelligence directorates, as well as representatives of the vendor vetting cell in Tampa, Florida; and USAID and State officials in Washington, D.C., responsible for contracting, procurement, and security. We do not discuss the mechanics of the vetting processes used by DOD and USAID in detail because we did not evaluate the effectiveness of the methods used by the agencies to conduct the vetting. In Afghanistan, we interviewed a variety of DOD, United States Forces - Afghanistan (USFOR-A), and CENTCOM Contracting Command officials in Kabul, including the CENTCOM Senior Contracting Official there, and the commanders of Task Force 2010, Task Force Spotlight, and other groups.[Footnote 42] Additionally, we put out data calls to USAID and the Department of State for their procurement for fiscal year 2010 in Afghanistan. We present procurement data for fiscal year 2010 in Afghanistan, based on data calls to USAID and the Department of State, and our own data pulls to give a broad context for the scale of awards to U.S. compared to non-U.S. and the amount obligated and determined the method used to gather this data to be sufficiently reliable for this purpose. We also interviewed cognizant U.S. Embassy security and contracting officials and USAID security and contracting officials, all in Kabul. Additionally, we interviewed officials from USFOR-A regional contracting centers in Kabul, Camp Leatherneck, and Kandahar; U.S. Army Corps of Engineers (USACE) officials in Kandahar, as well as USACE officials in other locations via teleconference; and International Security Assistance Force contracting and security officials in Kabul and Kandahar. We also held teleconferences with contracting officials at Bagram Air Force Base and in Qatar. We retrieved contract data from the Federal Procurement Data System- Next Generation to present information about the amount of obligations for USACE and both the obligations and the number of awards above and below $100,000 for CENTCOM Contracting Command in fiscal year 2010 in Afghanistan. Additionally, we put out data calls to USAID and State for their procurement data for fiscal year 2010 in Afghanistan. We presented these data in our report to give a broad context for the scale of awards to U.S. vendors compared to those to non-U.S. vendors and the amounts obligated, and we determined the method used to gather these data to be sufficiently reliable to present the information in this context. We conducted this performance audit from May 2010 through June 2011 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. We visited or contacted the following organizations during our review: The Department of Defense: * Office of the Under Secretary of Defense for Acquisition, Technology and Logistics, Washington, D.C. * Office of the Under Secretary for Defense for Intelligence, Arlington, Virginia: * Office of the Under Secretary of Defense for Personnel and Readiness, Arlington, Virginia: * Business Transformation Agency, Arlington, Virginia: * Pakistan-Afghanistan Coordination Cell, Arlington, Virginia: * U.S. Central Command, Tampa, Florida: * U.S. Transportation Command, Scott Air Force Base, Illinois: * United States Forces - Afghanistan, Kabul, Afghanistan: * Defense Contract Management Agency, Kabul, Afghanistan: * U.S. Central Command Contracting Command, Qatar: * Senior Contracting Official, Afghanistan, Kabul, Afghanistan: * Regional contracting commands in Kabul, Leatherneck, Kandahar, and Bagram, Afghanistan: Interagency, international, and joint organizations: * NATO Maintenance and Supply Agency, Kandahar, Afghanistan: * Combined Joint Interagency Task Force Shafafiyat, Kabul, Afghanistan: * International Security Assistance Force CJ4, Kabul, Afghanistan: * Task Force 2010, Task Force Spotlight, and Task Force for Business and Stability Operations, Kabul, Afghanistan: Department of the Army: * U.S. Army Corps of Engineers, Washington, D.C., and Afghanistan: * Army Materiel Command, Fort Belvoir, Virginia: * Rock Island Contracting Center, Rock Island, Illinois: Department of State: * Bureau of Diplomatic Security, Arlington, Virginia: * Office of Acquisitions Management, Arlington, Virginia: * U.S. Embassy Kabul, Kabul, Afghanistan: United States Agency for International Development: * Office of Security, Washington, D.C. * Office of Afghanistan and Pakistan Affairs, Washington, D.C. * USAID/Afghanistan, Kabul, Afghanistan: * Office of Safety and Security, Kabul, Afghanistan: * Office of Acquisition and Assistance, Kabul, Afghanistan: Nongovernmental organization: * Peace Dividend Trust: [End of section] Appendix II: Comments from the Department of Defense: Office Of The Assistant Secretary Of Defense: Logistics And Materiel Readiness: 3500 Defense Pentagon: Washington, DC 20301-3500: May 20, 2011: Mr. William M. Solis: Director, Defense Capabilities and Management: U.S. Government Accountability Office: 441 G Street N.W. Washington, DC 20548: Dear Mr. Solis: This is the Department of Defense response to the GAO Draft Report, GA0-11-355, "Afghanistan: U.S. Efforts to Vet Non-U.S. Vendors Need Improvement," dated April 25, 2011 (GAO code 351489). Detailed comments on the report recommendations are enclosed. The Department appreciates the opportunity to respond to your draft report and look forward to working with you as we continue to ensure a strong and viable vetting process in Afghanistan. Should you have any questions, please contact Mr. Kevin Doxey, Kevin.doxev@osd.mil, 703- 697-1368. Sincerely, Signed by: [Illegible], for: Alan F. Estevez: Principal Deputy: [End of letter] GAO Draft Report Dated April 25, 2011: GAO-11-355 (GAO Code 351489): "Afghanistan: U.S. Efforts To Vet Non-U.S. Vendors Need Improvement" Department Of Defense Comments To The GAO Recommendations: Recommendation 1: The GAO recommends that the Commander of the U.S. Central Command direct the U.S. Central Command (CENTCOM) Contracting Command to consider formalizing a risk-based approach to enable the department to identify and vet the highest risk vendors--including those vendors with contracts below the $100,000 threshold”-as well as subcontractors. (See page 28/GAO Draft Report.) DoD Response: Concur. The Department agrees that a formalized risk-based approach is necessary to focus on contractors, by region, work type, and frequency of awards across all monetary thresholds. The Department's approach will parallel the Defense Intelligence Agency's (DIA) previously established Supply Chain Risk Management (SCRM) Threat Analysis Center (TAC) designed to identify maligned actor threats and employ analytical methodologies to evaluate information. Adoption of this risk-based approach would require CENTCOM to revise their procedures for submission of a vendor-vetting cell and review SCRM TAC guidance. At present, the International Security Assistance Force (ISAF) is developing a FRAGO that will include provisions for vetting international and coalition partners in Afghanistan. Recommendation 2: The GAO recommends that the Commander of the U.S. Central Command direct the Joint Theater Support Contracting Command (JTSCC) to work with the vendor vetting cell to clearly identify the resources and personnel needed to meet the demand for vendor vetting in Afghanistan using a risk-based approach. (See page 28/GAO Draft Report.) DoD Response: Concur. The Department agrees that CENTCOM J2X, JTSCC, and IJC require more efficiency with identifying the necessary resources and personnel to perform vetting responsibilities. The Department however is constricted by limited appropriations for additional personnel and the manning constraints of the Joint Manning document. While the Department will encourage CENTCOM to develop better resourcing requirements, more must be done to reduce the limitations that could result in resource gridlock. Recommendation 3: To promote interagency collaboration so as to better ensure that vendors potentially posing a risk to U.S. forces are vetted, the GAO also recommends the Commander of U.S. Central Command, USAID Mission Director, Kabul, Afghanistan, and the Coordinating Director for Development and Economic Affairs, U.S. Embassy, Kabul, Afghanistan, consider developing formalized procedures, such as an interagency agreement or memorandum of agreement, to ensure the continuity of communication of vetting results and supporting intelligence information, so that other contracting activities may be informed by those results. (See page 28 through 29/GAO Draft Report) DoD Response: Concur. The Department acknowledges that USAID and CENTCOM have an informal process of sharing information about vendors in Afghanistan. However, due to high personnel turnover, the process has become ineffective. The Department recognizes the need for a formalized Memorandum of Agreement that clearly defines the goals of the collaboration, and the roles and limitations of each interagency regardless of personnel turnover. The Department also recognizes that such an agreement would allow for the exchange of critical information and prevent duplication of effort. At present, USAID and the Joint Contingency Contracting System (JCCS) are working on an MOU, based on USFOR-A's FRAGO for vetting, that will formalize the sharing of results between the USAID and C3. [End of section] Appendix III: Comments from the United States Agency for International Development: USAID: From The American People: Mr. William Solis, Director: Defense Capabilities and Management: U.S. Government Accountability Office: Washington, DC 20548: Dear Mr. Solis: I am pleased to provide the U.S. Agency for International Development's formal response to the GAO draft report entitled "Afghanistan: U.S. Efforts to Vet Non-U.S. Vendors Need Improvement" (GAO-11-355). Our comments are limited to those sections of the report concerning USAID's assistance and operations. The GAO team's field work and draft report contributes positively to USAID/Afghanistan's efforts to implement a system to help ensure that resources are not used to support terrorist or criminal groups. Thank you for the opportunity to respond to the GAO draft report and for the courtesies extended by your staff in the conduct of this audit review. Sincerely, Sean Carroll /s/: Chief Operating Officer: U.S. Agency for International Development: Enclosure: a/s. [End of letter] USAID Comments On GAO Draft Report No. GAO-11-355: General comments: USAID agrees with the GAO findings and recommendations in the draft audit report. The report captures many of the key points about the current status of implementation and areas for improvement in USAID/Afghanistan's vetting process. USAID has already initiated corrective measures to ensure conformity with the GAO recommendations and adherence to various statutes, regulations and executive orders pertaining to terrorism. Recommendation 1: To help ensure that resources are not used to support terrorist or criminal groups, we recommend that the Director of the Office of Security and the USAID Mission Director, Kabul, Afghanistan, consider formalizing a risk-based approach that would enable them to identify and vet the highest risk vendors and partners, including those with contracts below the $150,000 threshold. Management Comments: The Mission agrees with this recommendation and has incorporated risk assessment factors into its vetting policies and procedures embodied in a Mission Order, developed in coordination with USAID/Washington, and signed on May 9, 2011. Aside from establishing a vetting threshold of $150,000 (thus covering projects that constitute significant financial risks and the bulk of USAID assistance to Afghanistan), other factors such as project location and type of project or services will be considered in vetting non-U.S. recipients and contractors prior to award. For example, the Mission Order states that all awards to non-U.S. private security companies (PSC) will be vetted regardless of the award amount. Furthermore, it also establishes an Afghanistan Counter- Terrorism Team made up of necessary offices that, among other things, will review and adjust, as needed, the risk factors. Recommendation 2: To promote interagency collaboration so as to better ensure that vendors potentially posing a risk to U.S. forces are vetted, we also recommend that the Commander of U.S. Central Command, USAID Mission Director, Kabul, Afghanistan, and the Coordinating Director for Development and Economic Affairs (CDDEA), U.S. Embassy, Kabul, Afghanistan, consider developing formalized procedures, such as an interagency agreement or memorandum of agreement, to ensure the continuity of communication of vetting results and supporting intelligence information, so that other contracting activities may be informed by those results. Management Comments: Subject to discussion with U.S. Central Command (CENTCOM) and CDDEA, the Mission agrees with this recommendation. However, the development of formal agreements requires concurrence by all three parties. It also requires careful thought in order to assure sustainability and successful implementation. As mentioned in the report, the Mission already has an informal information sharing agreement with U.S. CENTCOM with which it has been collaborating. The Mission will work with U.S. CENTCOM and U.S. Embassy, Kabul to formalize this agreement, as recommended. Interagency discussions have been initiated and a final action target date will be established as soon as discussions among all concerned USG agencies are completed. [End of section] Appendix IV: Comments from the Department of State: United States Department of State: Chief Financial Officer: Washington, D.C. 20520: May 20, 2011: Ms. Jacquelyn Williams-Bridgers: Managing Director: International Affairs and Trade: Government Accountability Office: 441 G Street, N.W. Washington, D.C. 20548-0001: Dear Ms. Williams-Bridgers: We appreciate the opportunity to review your draft report, "Afghanistan: U.S. Efforts to Vet Non-U.S. Vendors Need Improvement," GAO Job Code 351489. The enclosed Department of State comments are provided for incorporation with this letter as an appendix to the final report. If you have any questions concerning this response, please contact Janice DeGarmo, Special Assistant, Bureau of Administration at (202) 647-4461. Sincerely, Signed by: Barbara Retzlaff: cc: GAO ” William M. Solis: A ” Will Moser: State/OIG ” Evelyn Klemstine: [End of letter] Department of State Comments on GAO Draft Report: Afghanistan: US Efforts to Vet Non-US Vendors Need Improvement (GAO-11-355, Job Code 351489): The Department of State appreciates the opportunity to comment on GAO's draft report entitled "Afghanistan: U.S. Efforts to Vet Non-U.S. Vendors Need Improvement." Recommendation: To help ensure that State resources are not diverted to insurgent or criminal groups, we recommend that the Secretary direct the appropriate bureau(s) to assess the need and develop possible options to vet non-U.S. vendors, which could include leveraging existing vendor vetting processes, such as USAID's or developing a unique process. Response: The Department partially agrees with this recommendation. The Department recognizes the risk of U.S. funds under our management being diverted for the benefit of terrorists, or their supporters, and has devoted a good deal of time to defining the issue and seeking appropriate processes to mitigate the risk of this occurring. Significant legal concerns relating to contracting law, competition requirements, and the conflict between open competition and the use of classified databases to vet contractors and grantees have required analysis and discussion. The FY 2010 Department of State, Foreign Operations, and Related Programs Appropriations Act, carried forward for FY 2011 under the Continuing Resolution, prohibited the use of State Department funds to implement a Partner Vetting program but authorized creation of a pilot program for contractor vetting together with USAID. In January 2011, the Department assigned responsibility for developing such a pilot vetting program to the Bureau of Administration's Office of Logistics Management (A/LM). The Office has since recruited a small team and begun work on both the design of the pilot as well as the various legal and regulatory filings required under the Privacy and Paperwork Reduction Acts in order to proceed. While Afghanistan would not necessarily be one of the countries included in the anticipated pilot program-–adding it would skew the results of a program designed to measure world-wide need-”it is under active review for inclusion in a vetting effort that would apply specifically to that country. [End of section] Appendix V: GAO Contact and Staff Acknowledgments: GAO Contact: William M. Solis, (202) 512-8365 or solisw@gao.gov: Staff Acknowledgments: In addition to the contact named above, major contributors to this report were Carole Coffey, Assistant Director; Johana Ayers; Vincent Balloon; Laura Czohara; Timothy DiNapoli; Melissa Hermes; Jason Jackson; Natasha Wilder; and Sally Williamson. In addition, Michael Shaughnessy provided legal support, Julia Kennon provided technical support, and Cheryl Weissman and Kimberly Young provided assistance in report preparation. [End of section] Footnotes: [1] For fiscal year 2009 and the first half of fiscal year 2010, DOD and State also reported approximately $690 million in obligations for contracts and various assistance instruments with performance in Iraq, Afghanistan, or both, without specifying in which country the contracted activity took place. DOD, State, and USAID have all relied heavily on contractors (vendors) in Afghanistan, and DOD accounts for the vast majority of all U.S. contract obligations in Afghanistan, which are used both for direct support to the U.S. government and for reconstruction efforts. Additionally, State and USAID have relied on assistance, such as grants and cooperative agreements, to implement their programs; USAID refers to entities that enter into such agreements as implementing partners. See GAO, Iraq and Afghanistan: DOD, State, and USAID Face Continued Challenges in Tracking Contracts, Assistance Instruments, and Associated Personnel, [hyperlink, http://www.gao.gov/products/GAO-11-1] (Washington, D.C.: Oct. 1, 2010). [2] DOD, State, and USAID joint guidance has described the U.S. COIN approach as a blend of comprehensive civilian and military efforts intended to not only fight insurgency but also address its root causes. U.S. COIN efforts focus not only on security objectives, but consider building Afghan economic and governance capacity as key elements. [3] Commander, International Security Assistance Force (COMISAF)/ United States Forces - Afghanistan, COMISAF's Counterinsurgency (COIN) Contracting Guidance (Sept. 8, 2010). [4] See [hyperlink, http://www.gao.gov/products/GAO-11-1], and GAO, Warfighter Support: Cultural Change Needed to Improve How DOD Plans for and Manages Operational Contract Support, [hyperlink, http://www.gao.gov/products/GAO-10-829T] (Washington, D.C.: June 29, 2010); Contingency Contracting: Improvements Needed in Management of Contractors Supporting Contract and Grant Administration in Iraq and Afghanistan, [hyperlink, http://www.gao.gov/products/GAO-10-357] (Washington, D.C.: Apr. 12, 2010); and Warfighter Support: Continued Actions Needed by DOD to Improve and Institutionalize Contractor Support in Contingency Operations, [hyperlink, http://www.gao.gov/products/GAO-10-551T] (Washington, D.C.: Mar. 17, 2010). [5] See Exec. Order No. 13,224, 66 Fed. Reg. 49079 (Sept. 23, 2001). [6] See National Defense Authorization Act for Fiscal Year 2012, H.R. 1540, 112th Cong. 821 (2011) (as reported by H. Comm. on Armed Services, May 17, 2011); No Contracting with the Enemy Act of 2011, S. 341, 112th Cong. (2011) (as introduced in the Senate, Feb. 14, 2011). [7] Task Force 2010 is an interagency group that includes representatives from DOD, State, USAID, the Department of Justice, and ISAF, among others. [8] While the term vetting can be used to describe any sort of background verification or fact checking, for purposes of this review, vetting is used to describe the examination of available background and intelligence information to determine whether prospective vendors or assistance recipients are affiliated with insurgent or criminal groups, or appear to pose a significant risk of diverting funds or security information to terrorist, criminal, or other corrupt organizations. [9] CENTCOM is one of DOD's six geographic combatant commands. Among other duties, it is responsible for executing U.S. military operations that take place in Iraq and Afghanistan, as directed. [10] CENTCOM Contracting Command is the commonly used name for what is formally known as the Joint Theater Support Contracting Command, formerly the Joint Contracting Command-Iraq/Afghanistan. CENTCOM Contracting Command has authority over all contracting activities assigned or attached to CENTCOM, with the exception of those of the U.S. Army Corps of Engineers. [11] We have previously noted that while DOD officials consider CENTCOM's quarterly census the most reliable source of data on contractor personnel in Iraq or Afghanistan, officials acknowledged that the census numbers represent a rough approximation of the actual number of contractor personnel who worked in either country. Furthermore, as military operations increase in Afghanistan, efforts to obtain an accurate count of the contractor workforce may be more complicated than in Iraq, because DOD's contractor workforce in Afghanistan consists of more local nationals than that in Iraq, and data on local nationals are more difficult to obtain than data on U.S. citizens and third-country nationals. See [hyperlink, http://www.gao.gov/products/GAO-11-1]. [12] The source for these data is the Federal Procurement Data System- Next Generation, February 2011. [13] The source for fiscal year 2010 obligations is the Federal Procurement Data System-Next Generation, February 2011. The source for projected obligations for fiscal year 2011 is USACE. [14] This information is based on USAID data. [15] See Exec. Order No. 13,224, 66 Fed. Reg. 49079, 49079-49080, 1, 2(a) (Sept. 23, 2001). [16] See, e.g., 48 C.F.R. 25.701 (prohibiting agencies from acquiring supplies or services where a proclamation, executive order, statute, or implementing regulations related to listed individuals would prohibit such a transaction by private individuals); 9.404- 9.405 (discussing the Excluded Parties List System). A Mission Order from the USAID Mission for Afghanistan specifies a similar safeguard for grants or cooperative agreements, directing officials to check the names of recipients against publicly available lists of sanctioned individuals and organizations. [17] See 48 C.F.R. 9.103. [18] See, e.g., 48 C.F.R. 9.104-1, 209.104-1. [19] Shafafiyat means "transparency" in Dari and Pashto, the two official languages of Afghanistan. [20] In addition to these Afghanistan-specific efforts, in 2005 the Federal Bureau of Investigation led the establishment of a task force of offices of inspectors general and other investigative entities to create the International Contract Corruption Task Force, which is charged with detecting, investigating, and dismantling contract fraud and corruption in areas of contingency operations such as Iraq and Afghanistan. [21] The establishment of a vetting cell to vet prospective vendors in Afghanistan expanded an existing process used by the formerly named Joint Contracting Command-Iraq/Afghanistan to vet prospective vendors in Iraq. It has been referred to over time and in various documents as the Vendor Vetting Reachback Cell, Vendor Assessment Cell, and Vendor Vetting Cell. For ease of reference, it is referred to here as the vetting cell. [22] The vetting cell contract awarded in June 2010 is an indefinite- delivery/indefinite-quantity contract that currently has two task orders that separately establish vetting cells for Afghanistan and Iraq that are collocated at CENTCOM headquarters in Tampa, Florida. The task order for Iraq was awarded slightly later, in August 2010, to allow the period of performance for the prior Iraq vetting cell contract to conclude. [23] According to the Acquisition Instruction, this process is to be implemented for information technology contracts as soon as feasible and practicable but not later than April 2, 2011. [24] Among other things, the Joint Contingency Contracting System captures critical in-theater acquisition and vendor data, with emphasis on host-nation spending; provides centralized vendor registration and solicitation; and functions as a proposal-posting Web site for potential contractors, with English and Arabic capabilities. It is available to all DOD contracting commands that award contracts in Iraq and Afghanistan. According to the Acquisition Instruction, contracting officers can request vetting of all vendors or offerors, those in the competitive range, or apparently successful vendors or offerors. See CENTCOM Contracting Command Acquisition Instruction, 25.7704-1203(c)(4) (Nov. 5, 2010). [25] FPDS-NG is the federal government's primary data system for tracking information on contracting actions. While FPDS-NG is known to have some limitations, we have tried to mitigate any potential issues by relying on more recent data and by using more than one data element in our analysis. For further information on FPDS-NG, please see GAO, Defense Contracting: Enhanced Training Could Strengthen DOD's Best Value Tradeoff Decisions, [hyperlink, http://www.gao.gov/products/GAO-11-8] (Washington, D.C.: Oct. 28, 2010), and Federal Contracting: Observations on the Government's Contracting Data Systems, [hyperlink, http://www.gao.gov/products/GAO-09-1032T] (Washington, D.C.: Sept. 29, 2009). [26] COMISAF/United States Forces - Afghanistan, COMISAF's Counterinsurgency (COIN) Contracting Guidance. [27] CENTCOM Contracting Command, Policy Memorandum No. 10-09, Responsibility Determination for Subcontractors (Aug. 31, 2010). [28] Although the Acquisition Instruction primarily focuses on vetting prospective contract actions (i.e., award), one subsection addresses the potential for termination of existing contracts where a contracting officer becomes aware of a contractor with a "rejected" eligibility status. See CENTCOM Contracting Command Acquisition Instruction, 25.7704-1203(k) (Nov. 5, 2010). [29] GAO, Defense Acquisitions: Sound Practices Critical to Ensuring Value for the Defense Logistics Agency's Acquisitions, [hyperlink, http://www.gao.gov/products/GAO-09-1040T] (Washington, D.C.: Sept. 24, 2009). [30] GAO, Executive Guide: Effectively Implementing the Government Performance and Results Act, [hyperlink, http://www.gao.gov/products/GAO/GGD-96-118] (Washington, D.C.: June 1996). [31] For example, see GAO, Federal Lands: Adopting a Formal, Risk- Based Approach Could Help Land Management Agencies Better Manage Their Law Enforcement Resources, [hyperlink, http://www.gao.gov/products/GAO-11-144] (Washington, D.C.: Dec. 17, 2010); Commercial Vehicle Security: Risk-Based Approach Needed to Secure the Commercial Vehicle Sector, [hyperlink, http://www.gao.gov/products/GAO-09-85] (Washington, D.C.: Feb. 27, 2009); Defense Acquisitions: Tailored Approach Needed to Improve Service Acquisition Outcomes, [hyperlink, http://www.gao.gov/products/GAO-07-20] (Washington, D.C.: Nov. 9, 2006); and Defense Management: Additional Actions Needed to Enhance DOD's Risk-Based Approach for Making Resource Decisions, GAO-06-13 (Washington, D.C.: Nov. 15, 2005). [32] [hyperlink, http://www.gao.gov/products/GAO-07-20]. [33] For more information on this process, see GAO, Foreign Assistance: Measures to Prevent Inadvertent Payments to Terrorists under Palestinian Aid Programs Have Been Strengthened, but Some Weaknesses Remain, [hyperlink, http://www.gao.gov/products/GAO-09-622] (Washington, D.C.: May 19, 2009). [34] USAID collects certain identifying information on its partners as part of USAID's acquisition and assistance award process. The vetting support unit facilitates the inclusion of this and other requested information, if any, into the vetting database. According to officials and the January 2011 cable, the vetting support unit is to also ensure that host-nation applicants for USAID funding are registered into the Joint Contingency Contracting System to facilitate vetting. For further information on the general process of USAID's process to vet vendors and award recipients in the West Bank and Gaza, see [hyperlink, http://www.gao.gov/products/GAO-09-622]. [35] For example, see [hyperlink, http://www.gao.gov/products/GAO-09-85] and [hyperlink, http://www.gao.gov/products/GAO-06-13]. [36] State is currently working with USAID to set up a pilot program for a comprehensive partner vetting system as authorized by the Consolidated Appropriations Act, 2010, Pub. L. No. 111-117, 7034(o) (2009). The act restricts the use of funds by State or USAID to implement a Partner Vetting System, except that funds appropriated by the act may be used to implement a Partner Vetting System pilot program, to be applied equally to the programs and activities of State and USAID. However, officials from State and USAID told us that Afghanistan has been excluded as a potential candidate for the pilot program because of the kinetic nature of its operating environment. Additionally, according to USAID and State officials, this joint pilot program that is referenced in the legislation is distinct from the current effort that USAID has under way in Afghanistan. [37] See Afghanistan and Pakistan Regional Stabilization Strategy, updated February 2010. [38] State contracting officers are supposed to consult publicly available lists of sanctioned individuals and organizations--such as the Specially Designated Nationals List--prior to contract award. See, e.g., 48 C.F.R. 609.404-70. [39] GAO, Standards for Internal Control in the Federal Government, [hyperlink, http://www.gao.gov/products/GAO/AIMD-00-21.3.1] (Washington, D.C.: November 1999). [40] GAO, Results-Oriented Government: Practices That Can Help Enhance and Sustain Collaboration among Federal Agencies, [hyperlink, http://www.gao.gov/products/GAO-06-15] (Washington, D.C.: Oct. 21, 2005). [41] While the term vetting can be used to describe any sort of background screening or fact checking of companies, individuals, or information, for purposes of this review, vetting is used to describe the examination of available background and intelligence information to determine whether prospective vendors or assistance recipients are affiliated with insurgent or criminal groups, or appear to pose a significant risk of diverting funds or security information to terrorist, criminal, or other corrupt organizations. [42] CENTCOM Contracting Command is the commonly used name for what is formally known as the Joint Theater Support Contracting Command, formerly the Joint Contracting Command-Iraq/Afghanistan. CENTCOM Contracting Command has authority over all contracting activities assigned or attached to CENTCOM, with the exception of those of the U.S. Army Corps of Engineers. [End of section] GAO's Mission: The Government Accountability Office, the audit, evaluation and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO's commitment to good government is reflected in its core values of accountability, integrity, and reliability. Obtaining Copies of GAO Reports and Testimony: The fastest and easiest way to obtain copies of GAO documents at no cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each weekday, GAO posts newly released reports, testimony, and correspondence on its Web site. To have GAO e-mail you a list of newly posted products every afternoon, go to [hyperlink, http://www.gao.gov] and select "E-mail Updates." Order by Phone: The price of each GAO publication reflects GAO‘s actual cost of production and distribution and depends on the number of pages in the publication and whether the publication is printed in color or black and white. Pricing and ordering information is posted on GAO‘s Web site, [hyperlink, http://www.gao.gov/ordering.htm]. Place orders by calling (202) 512-6000, toll free (866) 801-7077, or TDD (202) 512-2537. Orders may be paid for using American Express, Discover Card, MasterCard, Visa, check, or money order. Call for additional information. To Report Fraud, Waste, and Abuse in Federal Programs: Contact: Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]: E-mail: fraudnet@gao.gov: Automated answering system: (800) 424-5454 or (202) 512-7470: Congressional Relations: Ralph Dawn, Managing Director, dawnr@gao.gov: (202) 512-4400: U.S. Government Accountability Office: 441 G Street NW, Room 7125: Washington, D.C. 20548: Public Affairs: Chuck Young, Managing Director, youngc1@gao.gov: (202) 512-4800: U.S. Government Accountability Office: 441 G Street NW, Room 7149: Washington, D.C. 20548:

The Justia Government Accountability Office site republishes public reports retrieved from the U.S. GAO These reports should not be considered official, and do not necessarily reflect the views of Justia.