TSA Told to Beef Up Security System at Maritime Facilities

Transportation Security Administration leaders have provided lax oversight of the program that produces identity cards for dockworkers, increasing chances of penetration of port facilities by criminals or flouters of immigration law, a watchdog found.

The Transportation Worker Identification Credentials program, which has assigned more than 3.5 million bio-metric I.D. cards to truckers, port employees, and U.S. merchant mariners, suffers from “ineffective fraud detection techniques, inadequate guidance, missing quality controls, and insufficient planning for recurrent vetting reduce the reliability of TSA’s background check process,” according to a report released by the Homeland Security Department’s inspector general.

“TSA’s Office of Intelligence and Analysis has not provided sufficient oversight and guidance to ensure that changes to the TWIC program improve its effectiveness or correct internal control weaknesses,” the IG said. That office “relies on the TWIC Maritime Program Management Office to manage the program, but its focus is more on customer service than effectiveness of the program.”

Compounding the problem is TSA’s organizational structure, which denies the program office “visibility into and authority over the other offices that support the TWIC program,” the IG wrote.

TSA is responsible for reviewing TWIC applications within 30 days of receipt of applications for the $128 cards issued under the 2002 Maritime Transportation Security Act. The background checks and card production are managed by TSA, while the enforcement is carried out by the Coast Guard.

Despite past criticisms by the Government Accountability Office and recent efforts to improve the program’s quality in providing security, the program office “responsible for performance, schedule, cost, oversight, and guidance has not established metrics to measure TSA’s success in achieving TWIC program core objectives,” the watchdog wrote.

Auditors suggested that the managers spend too much effort measuring enrollment time and help-desk response time rather than the effectiveness of security, which increases “the risk that TSA may issue TWIC credentials to someone who is not qualified,” it added. “Key quality assurance and internal control procedures are missing from the background check and terrorism vetting processes.”

TSA vetters also performed poorly on exercises designed to spot fraudulent documents and take advantage of the screening tools offered in DHS’s Automated Biometric Identification System (IDENT), in which the department stores biometric and associated biographic information for national security, law enforcement, immigration and border management, intelligence; and other background investigative purposes.

TSA managers were also taken to task for not setting clear separation of duties and workloads for adjudicators performing quality assurance checks on applications for new cards or renewals.

The IG recommended that TSA’s intelligence office set up a cross-functional coordinating authority to improve oversight of the identity card program and conduct a new risk analysis, among other actions to improve performance.

TSA managers agreed and have begun implementing the recommendations.