OIG Compliance Review: Minimum Security Standards For Overseas Facilities Remain a Hard Nut to Crack

Posted: 2:00 pm EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

Three ARB-related IG reports were issued this past week, two of them, the Audit of the DOS Implementation of the Vital Presence Validation Process and the Review of the Implementation of the Benghazi Accountability Review Board Recommendation have been designated as Classified. The third one, the Compliance Followup Review of the 2013 Special Review of the Accountability Review Board Process is available in full online.

On September 25, 2013, State/OIG released its Special Review of the Accountability Review Board (ARB) Process. That report contains 20 formal and 8 informal recommendations. For the status of the 20 formal recommendations, see Appendix B of the report.  For the status of the informal recommendations, see Appendix C of the report. The OIG notes that the action taken by State at some Benghazi ARB recommendations “did not appear to align with the intent of the recommendations and some Benghazi ARB recommendations did not appear to address the underlying security issues adequately.”

Thirteen of the formal recommendations and five of the informal recommendations are related to the ARB process. The remaining seven formal and three informal recommendations mirror or are closely related to the Benghazi ARB recommendations. As stated in the ARB process review report, the ARB process team’s rationale for issuing these recommendations was that the action taken to date on some of the Benghazi ARB recommendations did not appear to align with the intent of the recommendations and some Benghazi ARB recommendations did not appear to address the underlying security issues adequately. The classified annex to the report provides an assessment of the Department’s implementation of the recommendations of the Benghazi ARB as of the date of the review. Its focus is on the implementation of the 64 tasks S/ES issued in response to the Benghazi ARB recommendations. It contains no OIG recommendations.

In the Compliance Followup Review or CFR dated August 2015, State/OIG reissued one recommendation from the 2013 inspection report, that the Under Secretary of State for Management, in coordination with the Bureau of Diplomatic Security and the Bureau of Overseas Buildings Operations, develop minimum security standards that must be met prior to occupying facilities located in designated high-risk, high-threat locations and include these minimum standards for occupancy in the Foreign Affairs Handbook as appropriate. The report also include a little nugget about DOD cooperation with investigative reports of security-related incidents that involve State Department personnel, specifically mentioning “the incident in Zabul Province, Afghanistan.” That’s the incident where FSO Anne Smedinghoff and four others were killed in Zabul, Afghanistan in April 2013.

Outstanding Recommendation on Minimum Security Standards 

Recommendation 17 of the ARB process review report recommended that the Department develop minimum security standards that must be met prior to occupying facilities in HRHT locations. The Department rejected this recommendation, stating that existing Overseas Security Policy Board standards apply to all posts and that separate security standards for HRHT posts would not provide better or more secure operating environments. Furthermore, recognizing that Overseas Security Policy Board standards cannot be met at all locations, the Department has a high threshold for exceptions to these standards and the waiver and exceptions process requires “tailored mitigation strategies in order to achieve the intent of the standards.”5

Although OIG acknowledges the Department’s assertion of a “high threshold for exceptions,” the Department’s response does not meet the recommendation’s requirement for standards that must be met prior to occupancy. As was noted in the ARB process review report, “…occupying temporary facilities that require waivers and exceptions to security standards is dangerous, especially considering that the Department occupies these facilities long before permanent security improvements are completed.”6 As the Department has not identified minimum security standards that must be met prior to occupancy, Recommendation 17 is being reissued.

Recommendation CFR 1: The Office of the Under Secretary of State for Management, in coordination with the Bureau of Diplomatic Security and the Bureau of Overseas Buildings Operations, should develop minimum security standards that must be met prior to occupying facilities located in Department of State-designated high-risk, high-threat environments and include new minimum security standards of occupancy in the Foreign Affairs Handbook as appropriate. (Action: M, in coordination with DS and OBO)

So, basically back to where it was before Benghazi, when there were no minimum security standards prior to occupying temporary facilities.

How high is this “high threshold of exceptions” that’s being asserted?

Risk management process now called “tailored mitigation strategies” — resulting in waivers of Inman standards?

So waivers will continue to be executed?

And temporary facilities will continue to be occupied?

Key Findings:

  • The Department of State has complied with all the formal and informal recommendations of the 2013 Special Review of the Accountability Review Board Process, except one, which has been reissued in this report.
  • The Department of State has implemented regulatory and procedural changes to delineate clearly who is responsible for implementation, and oversight of implementation, of Accountability Review Board recommendations. The Under Secretary for Management, in coordination with the Under Secretary for Political Affairs, is responsible for implementation of Accountability Review Board recommendations. The Deputy Secretary for Management and Resources is responsible for overseeing the Department’s progress in Accountability Review Board implementation, which places accountability for implementation at an appropriately high level in the Department of State.
  • The Office of Management Policy, Rightsizing, and Innovation manages the Accountability Review Board function. The Accountability Review Board process review report was critical of the Office of Management Policy, Rightsizing, and Innovation’s recordkeeping and files of past Accountability Review Boards. The Office of Management Policy, Rightsizing, and Innovation has since revised its Accountability Review Board recordkeeping guidelines. These revised guidelines have yet to be tested, as no Accountability Review Board has met since the Benghazi Accountability Review Board, which issued its report in December 2012.

More details excerpted from the IG report

Flow of Information

Formal Recommendations 1, 2, 3, and 9—as well as Informal Recommendations 1 and 3—concern the flow of information within the Department and from the Department to Congress. The recommendations introduce additional reporting requirements for all incidents that might meet the criteria to convene an ARB, as well as a more clearly defined list of congressional recipients for the Secretary’s Report to Congress. Recommendation 9 tasks S/ES with creating a baseline list of congressional recipients for the Secretary’s report to Congress. That list is now more clearly specified and included in regulations governing the ARB process.

Informal Recommendation 3 requires broader circulation of ARB reports as well as the Secretary’s report to Congress. The M/PRI position is that these reports belong to the Secretary and their dissemination should be at the Secretary’s discretion. OIG continues to believe that the Secretary should exercise discretion and circulate ARB reports and subsequent reports to Congress more widely within the Department.

ARB Recordkeeping

In December 2014, M/PRI revised its ARB recordkeeping guidelines regarding those records to be retained and safeguarded. However, because no ARB has convened since Benghazi, these revised guidelines remain untested. Although these guidelines require recording and transcribing telephone interviews, they do not mandate verbatim transcripts of all interviews, including in-person meetings, as the Inspector General suggested in his May 29, 2014, memorandum to the D/MR.

Action Memo for the Secretary

In compliance with Recommendation 1, the OIG CFR team found that M/PRI now drafts an action memo for the Secretary after every Permanent Coordinating Committee (PCC) meeting detailing the PCC decision, even if the PCC does not recommend convening an ARB.

In response to Recommendation 4, the Under Secretary for Management amended 12 FAM 030 to require vetting and reporting security-related incidents, which do not result in convening a PCC. Those cases will be communicated to the Secretary.

Alternative Review

To meet the intent of Recommendation 2, M/PRI has included in its instructions to the PCC chair a reminder to PCC members that if the PCC votes not to convene an ARB, the PCC should decide whether to recommend that the Secretary request an alternative review.

Terminology

Recommendation 5 recommends establishing written criteria to define the key terms “serious injury,” “significant destruction of property,” and “at or related to a U.S. mission abroad.” The 2013 OIG inspection team found that ambiguity in the terminology had led to their inconsistent application as criteria in decisions to convene ARBs.

ARB Implementation

Recommendations 10 and 11 recommend institutionalizing the oversight of the implementation of ARB recommendations as a responsibility of D/MR. M/PRI’s revision of 12 FAM 030 and addition of 12 Foreign Affairs Handbook (FAH)-12 now clearly delineate who is responsible for managing the ARB process and who is responsible for oversight of implementation of ARB recommendations. The Deputy Secretary’s responsibility for overseeing implementation of ARB recommendations places accountability for implementation at an appropriately high level in the Department.

Personnel Performance 

Recommendation 19 tasks M/PRI, in coordination with the Bureau of Human Resources and the Office of the Legal Adviser, to prepare clear guidelines for ARBs on recommendations dealing with issues of poor personnel performance. M/PRI has revised its standing guidance to ARB members, referring them to the Department’s new leadership principles in 3 FAM 1214, 4138, and 4532 when documenting instances of unsatisfactory performance or poor leadership. The Department further codified this ARB authority by expanding the list of grounds for taking disciplinary or separation action against an employee, including “conduct by a senior official that demonstrates unsatisfactory leadership in relation to a security incident under review by an [ARB] convened pursuant to 22 U.S.C. 4831.” In addition, in January 2013 the Department began seeking an amendment to the ARB statute (22 U.S.C. 4834(c)) to provide explicitly that unsatisfactory leadership may be a basis for disciplinary action and that the ARB would have the appropriate authority to recommend such action. No change to the statute has yet been made.

Strengthening Security at High-Risk, High-Threat Posts

New courses:  Guided by a panel of senior DS special agents and outside organizations, DS updated its former High Threat Tactical Course to create a suite of mandatory courses for DS agents assigned to HRHT locations, drawing on lessons learned from the attacks in Benghazi, Libya, and Herat, Afghanistan. The cornerstone of these courses is the “High Threat Operations Course” (HT-310), which, as of October 1, 2013, was made mandatory for all DS agents at grades FS 04 through 06 who are assigned to HRHT locations. Similar, but shorter duration courses (HT-310E and HT-315) are required for senior and mid-level DS agents assigned to such locations.

Marine Detachments

The Department, in coordination with DOD, has added 20 new MSG detachments, and Marine Corps Headquarters has created the Marine Security Augmentation Unit. Although some HRHT posts still lack MSG detachments, for example, because of the lack of host government approval, the Department has made progress in deploying new detachments and increasing the size of existing detachments.[…] The June 2013 revision of the memorandum of agreement also includes a revision of the MSG mission. In the previous version, the MSG’s primary mission was to prevent the compromise of classified information. Their secondary mission was the protection of personnel and facilities. In the revised memorandum of agreement, the mission of the MSG is to protect mission personnel and prevent the compromise of national security information.

DS Agents Embed With DOD Forces

An additional area of security improvement beyond reliance on the host government has been the Department’s closer relationship with DOD, whose personnel have been involved in every Department contingency operation at an HRHT post since the Benghazi attack. Furthermore, DS agents are now embedded in DOD expeditionary forces.

About That Zabul Incident

Recommendation 6 recommends that the Department seek greater assurances from the Department of Defense (DOD) in providing investigative reports of security-related incidents that involve Department personnel. The Department makes its requests via Executive Secretary memorandum to the equivalent DOD addressee, in accordance with 5 FAH-1 H-120. The DOD counterpart has been responsive in delivering requested materials in all the recent instances, including the incident in Zabul Province, Afghanistan. M/PRI will continue to monitor DOD responses to requests for reports in the future.

That means, the State Department now has the Army investigation report into the death of FSO Anne Smedinghoff and four others in Zabul, Afghanistan in April 2013.  See Zabul Attack: Spox Says State Dept Did Its Own Review, It’s Classified, and There’s Now a Checklist! Zabul Attack: Walking But Not Lost, More Details But Not Official; Plus Update on Kelly HuntArmy Report: Poor planning led to FSO Anne Smedinghoff and troops’ death in Afghanistan.

The Chicago Tribune FOIA’ed that Army report but did not make the document public. The State Department internal report of the incident as far as we are aware, remains Classified. Then State Department spox, Jennifer Psaki referred to “multiple investigations” in April 2014;  none publicly released.

#

Related item:

ISP-C-15-33 | Compliance Followup Review of the Special Review of the Accountability Review Board Process | August 2015

 

Advertisements