The FBI seeks to protect the United States against terrorist and foreign intelligence threats, enforces the criminal laws of the United States, and provides criminal justice services to federal, state, municipal, and international agencies and partners. FBI headquarters in Washington, D.C., coordinates activities of more than 35,500 employees in 56 field offices located in major cities throughout the United States and Puerto Rico, nearly 400 resident agencies in smaller cities and towns across the nation, and more than 60 international offices, called “legal attaches,” in U.S. embassies worldwide.
The OIG issued a follow-up report examining the progress of the FBI in implementing the 18 recommendations contained in the OIG’s March 2006 report, “A Review of the FBI’s Handling of the Brandon Mayfield Case.” Mayfield, an attorney in Portland, Oregon, was arrested by the FBI in May 2004 as a material witness after FBI Laboratory examiners identified Mayfield’s fingerprint as matching a fingerprint found on a bag of detonators connected to the March 2004 terrorist attack on commuter trains in Madrid, Spain, that killed almost 200 people and injured more than 1,400 others. Mayfield was released two weeks later when the Spanish National Police identified an Algerian national as the source of the fingerprint on the bag. The FBI Laboratory subsequently withdrew its fingerprint identification of Mayfield.
The OIG’s 2006 report on the Mayfield case concluded that the latent print examiners involved in the misidentification did not engage in intentional misconduct or violate any explicit FBI Laboratory procedures, but rather made errors in their application of the latent fingerprint methodology that reflected systemic problems with the FBI Laboratory’s operations. In its follow-up review, the OIG found that the FBI Laboratory has made significant progress in implementing most of the OIG’s original recommendations, including undertaking research to develop objective criteria for latent fingerprint analysis and substantially revising its standard operating procedures and training materials to address many of the causes of the Mayfield misidentification. Notable improvements include the following:
- Major revisions to the FBI Laboratory’s standard operating procedures to provide specific standards for conducting latent fingerprint examinations and to require documentation of all phases of the process; and
- Substantial changes to the FBI Laboratory’s procedures for verifying identifications to minimize bias and encourage a culture in which examiners feel free to disagree, and requiring a mandatory blind verification for identifications based on a single latent fingerprint, like the one in the Mayfield case.
However, the follow-up review identified deficiencies with the monthly “Capital Case Review” that had been implemented in response to concerns identified following the Mayfield misidentification. At the time of the 2006 review, the FBI Laboratory and the Criminal Division were conducting the “Capital Case Review” of prisoners awaiting execution to determine whether the latent print unit had conducted analysis in the case that resulted in the death sentence, or in an earlier case that may have been an aggravating factor in the death penalty phase. The Criminal Division was periodically providing lists of prisoners scheduled for execution to the Laboratory, and the Laboratory was determining whether it had previously conducted fingerprint identifications in connection with the case. Although the review had identified no such cases as of March 2006, the OIG recommended in its 2006 report that the FBI Laboratory continue the Capital Case Review or adopt another procedure sufficient to accomplish the same objectives.
During the follow-up review, the OIG found that beginning in March 2008, the Criminal Division ceased providing names of prisoners scheduled for execution to the FBI Laboratory. The suspension of the Capital Case Review was not the result of a specific decision but rather an inadvertent consequence of personnel changes in the Criminal Division. At the urging of the OIG, the Criminal Division and the FBI Laboratory reinstated the Capital Case Review while the OIG was conducting its follow-up review.
This OIG audit report focused on the FBI’s efforts to develop the National Cyber Investigative Joint Task Force (NCIJTF) and the capabilities of FBI field offices to investigate national security cyber intrusion cases. Created by Presidential Directive, the NCIJTF is an FBI-led, multi-agency task force responsible for ensuring that the U.S. government coordinates its efforts to combat national security cyber intrusions. In 2008, the President established the Comprehensive National Cyber Initiative (CNC) to implement the responsibilities outlined in the Presidential Directive.
The audit found that the FBI has completed many of the interim goals for the NCIJTF developed under the CNC, which is intended to combine the missions of various federal agencies to defend against cyber intrusions. The FBI developed an operational plan for the NCIJTF, incorporated many intelligence community and law enforcement agencies in day-to-day NCIJTF operations, formed threat focus cells comprised of NCIJTF participants’ with expertise in targeting specific cyber threats, and had some operational successes in mitigating cyber threats against the United States.
However, the OIG identified areas where the NCIJTF could improve its capabilities to defend against cyber attacks. Specifically, the NCIJTF did not always share relevant information about cyber threats among the task force’s partner agencies. Further, the audit found that NCIJTF partner agencies had not agreed to a consistent information sharing framework as directed in the NCIJTF’s operational plan. As a multi-agency task force, the OIG believes that it is vital that all NCIJTF partner agencies have a common understanding about what information will be shared.
In addition, the audit identified areas where the FBI could improve the capabilities of its field offices to investigate national security cyber intrusion cases. For example, during the OIG interviews with 36 FBI agents assigned to investigate national security-related cyber intrusion cases at 10 FBI field offices, 13 of these agents (36 percent) reported not having the technical skill set that the FBI’s Cyber Division officials had identified as necessary to investigate these types of cases. Moreover, 5 of the 36 agents (14 percent) advised that they did not believe they were able or qualified to investigate national security intrusions effectively.
The audit found that the FBI’s policy of rotating agents through different FBI field offices hindered the ability of some FBI field offices to investigate national security intrusions effectively. Because national security intrusion cases are highly technical and require a specific set of skills, new cyber agents are often not equipped to assume responsibility of a national security intrusion investigation. In 4 of the 10 offices visited, agents advised that they had been assigned cyber cases that exceeded their technical capabilities. Further, the audit found that some field agents believed field offices lacked adequate tactical analytical support for national security intrusion investigations, hampering their ability to “connect the dots” in an investigation and to determine those responsible for intrusions.
The report provided nine recommendations to help the FBI fully implement the NCIJTF and strengthen its cadre of field agents assigned to investigate national security cyber intrusions, and the FBI concurred with the recommendations.
The OIG issued an audit report that determined that the FBI has effectively eliminated its backlog of DNA samples collected from federal convicted offenders, federal arrestees, and non-U.S. citizen detainees.
The FBI Laboratory analyzes and uploads convicted offender, arrestee, and detainee DNA samples into the Combined DNA Index System (CODIS) to identify matches with DNA profiles from unsolved cases or cases without a suspect, thereby providing investigative leads to law enforcement agencies. Historically, the FBI Laboratory has had a backlog of convicted offender, arrestee, and detainee samples, which was mainly the result of federal legislation enacted in the past 10 years that expanded the scope of DNA sample collection from violent federal convicted offenders to include anyone who commits a federal offense as well as non-U.S. citizens who are detained in the United States. In December 2009, the FBI Laboratory reported that it had a backlog of over 312,000 convicted offender, arrestee, and detainee DNA samples waiting to be processed.
The OIG determined that as of May 2011, the FBI had reduced its backlog to a workload of approximately 14,000 samples. Because the FBI currently has the capacity to analyze 60,000 DNA profiles per month and is able to begin processing accepted DNA samples within 30 days of receipt, we concluded that 14,000 samples was a manageable monthly workload and thus the backlog had been effectively eliminated.
The audit concluded that the FBI has achieved a significant accomplishment in reducing the convicted offender, arrestee, and detainee DNA backlog to a manageable monthly workload. The FBI achieved these results by implementing a backlog reduction strategy, hiring additional personnel and contractors, using high-throughput robotics, implementing software for a semi-automated review of DNA profiles after completion of analysis, and reconfiguring laboratory space for more efficient processing.
|Comparison of Previous Methods of DNA
Processing with Current Methods
|Category of Comparison||Prior method||One Robotic Line and Expert
|Samples processed per day||510||1,700|
|Samples processed per month||8,000||30,000|
|Number of plates processed per day (1 plate = 85 Samples)||6||20|
|Sample Review||Manual review, 100 minutes per plate||Examiner assisted with Expert System software, 25 minutes per plate|
While the FBI was successful in reducing its backlog, the audit identified some areas for improvement. The OIG found that the FBI Laboratory does not have documented policies, procedures, and reporting methods to ensure backlog and workload levels are accurately identified and reported to management. The lack of written policies and procedures can also cause inconsistent calculations and affect the ability to compare statistics over a period of time.
In addition, the OIG is concerned with the long-term storage of DNA samples. The FBI maintains its processed DNA samples indefinitely in the event that it might need to retest a sample to confirm a match. As of May 2011, the FBI Laboratory had over 712,000 DNA samples that required storage, and it anticipates having 1 million samples by the end of the calendar year. Currently, some samples are stored in the basement of the FBI Laboratory in boxes stacked from the floor to the ceiling. The FBI is in the process of procuring high density storage units and is considering long-term storage options, including off-site locations. However, these two initiatives are still in the planning stages.
The Federal DNA Database Unit Storage Space at the FBI Laboratory as of August 2011
The OIG made three recommendations to assist the FBI in more accurately identifying, reporting, and projecting its convicted offender, arrestee, and detainee DNA sample workload, and to develop a long-term plan to store DNA samples, and the FBI agreed with the recommendations.
The FBI’s CODIS is a national information repository that stores DNA specimen information to facilitate its exchange by federal, state, and local law enforcement agencies. During this reporting period, the OIG audited state and local laboratories that participate in CODIS to determine the laboratories’ compliance with the FBI’s Quality Assurance Standards and National DNA Index System (NDIS) participation requirements. Additionally, we evaluated whether the laboratories’ DNA profiles in CODIS databases were complete, accurate, and allowable for inclusion in NDIS. Below are examples of our audit findings.
- The OIG audit of the Tucson, Arizona, Police Department Crime Laboratory (Laboratory) found that of 100 forensic profiles sampled, 93 were complete, accurate, and allowable for inclusion in NDIS. Of the remaining profiles, we determined that five profiles were unallowable because they could not be sufficiently connected to the crime, and the Laboratory deemed two other profiles inappropriate for upload to NDIS. The Laboratory removed all seven of the unallowable profiles from NDIS before we completed our fieldwork. As a result of the OIG’s finding that the Laboratory retained personnel records for 5 years instead of the required 10 years, the FBI required the Laboratory to revise its personnel records retention policy to reflect NDIS participation requirements, and the Laboratory revised its manual accordingly. The OIG found the Laboratory to be in compliance with all other NDIS procedures we reviewed, including adequate Laboratory security, staff’s awareness of NDIS procedures, completion of required annual training, and NDIS matches handled in accordance with requirements, as well as compliance with the Quality Assurance Standards we tested.
- The OIG audit found that the Tennessee Bureau of Investigation Memphis Regional Crime Laboratory (Laboratory) complied with the forensic Quality Assurance Standards we reviewed. However, the Laboratory was not storing a copy of the CODIS database backup at an offsite location on a monthly basis as required by NDIS participation requirements and did not provide documentation during the OIG’s audit that it had responded to a request from another laboratory to confirm an NDIS match. The CODIS administrator obtained the documentation from the initiating laboratory after we completed the audit. Also, while the OIG was on site, the CODIS administrator removed from NDIS the four unallowable forensic profiles the OIG found out of the 100 sampled. The OIG made two recommendations to address the Laboratory’s compliance with standards governing CODIS activities and the FBI agreed with the corrective actions taken by the Laboratory.
- In an audit of CODIS activities at the Texas Department of Public Safety Lubbock Criminal Laboratory (Laboratory), the OIG determined that CODIS access is properly safeguarded and the Laboratory is in compliance with Quality Assurance Standards tested. However, the audit noted that while NDIS requires personnel records be kept for 10 years, the Laboratory’s operations guide requires that personnel records be retained for only 5 years. The OIG recommended that the FBI ensure that the Laboratory amend its operations guide to reflect NDIS personnel records retention requirements and the Laboratory agreed to work with the FBI to find a mutually agreeable solution regarding this policy. In addition, Laboratory officials took corrective action for the 2 forensic DNA profiles, out of 100 profiles sampled, the OIG determined were unallowable for inclusion in the National DNA Index System.
- The OIG audit at the Tarrant County Medical Examiner’s Office Laboratory (Laboratory) in Tarrant County, Texas, found the Laboratory to be in compliance with the NDIS requirements and Quality Assurance Standards we tested. In addition, the Laboratory’s 100 forensic DNA profiles that the OIG reviewed were complete and accurate. However, the Laboratory removed nine of these profiles from NDIS because they did not meet the NDIS requirements for inclusion. Because our findings were addressed before our final report was issued, our final audit report contained no recommendations.
- The OIG audit of the Texas Department of Public Safety McAllen Criminal Laboratory (Laboratory) in McAllen, Texas, found that, with the exception of the Laboratory’s policy to retain personnel records for 5 years instead of the required 10 years, it was in compliance with the NDIS participation requirements and Quality Assurance Standards we tested. In addition, of the 100 forensic DNA profiles that we reviewed, 98 profiles were allowable for inclusion in NDIS. The Laboratory removed from NDIS two remaining profiles prior to our audit because, in one case, the Laboratory determined it was inappropriate, and in the other, it could not be determined if the profile was from the victim or the perpetrator.
During this reporting period, the OIG received 812 complaints involving the FBI. The most common allegations made against FBI employees were official misconduct, waste and mismanagement, and off-duty violations. Most of the complaints received during this period were considered management issues and were provided to FBI management for its review and appropriate action.
During this reporting period, the OIG opened 19 investigations and referred 28 allegations to the FBI’s Inspection Division for action or investigation. At the close of the reporting period, the OIG had 39 open criminal or administrative investigations of alleged misconduct related to FBI employees. The criminal investigations covered a wide range of offenses, including off-duty violations, official misconduct, and conflict of interest. The administrative investigations involved serious allegations of misconduct.
The following are examples of cases involving the FBI that the OIG’s Investigations Division investigated during this reporting period:
- On August 10, 2011, an FBI Supervisory Senior Resident Agent was arrested and pled guilty on charges of making false statements. The Supervisory Senior Resident Agent admitted in pleading guilty that in 2010 he prepared a false evidence inventory and receipt form claiming that he had removed cash seized in a drug investigation in 2009 from FBI evidence and then placed it back into evidence at a local drug task force office. He admitted that he forged the signatures of two law enforcement officers as witnesses of the alleged transfer of cash on the evidence inventory and receipt form. The Supervisory Senior Resident Agent is no longer an FBI employee.
- On April 1, 2011, an FBI financial analyst assigned to the FBI Tampa Division in Tampa, Florida, was arrested and pled guilty to charges of theft of government property. In pleading guilty, the financial analyst admitted submitting fraudulent requests for disbursement of government funds through the FBI Tampa Division draft office. The financial analyst was sentenced in the Middle District of Florida to 60 months’ probation and was ordered to pay $1,190 in restitution. The financial analyst retired from the FBI. The investigation was conducted by the OIG’s Miami Field Office.
- In our September 2010 Semiannual Report to Congress, the OIG reported on an investigation that led to the arrest of an FBI Special Agent on charges of wire fraud, bank fraud, and bankruptcy fraud charges. The investigation by the OIG’s Miami Field Office developed evidence that the Special Agent provided false information to obtain mortgage loans. In his mortgage applications, the Special Agent falsely claimed that he was employed by an alleged music company. The FBI Special Agent filed for bankruptcy in July 2009, and he failed to include properties the Special Agent owned or transferred on the bankruptcy application. During this reporting period, he was found guilty at trial on 15 counts of wire fraud and 3 counts of bankruptcy fraud and sentenced in the Middle District of Tennessee to 48 months’ incarceration followed by 36 months’ supervised release and was ordered by the court to pay $675,143 in restitution.
Integrity and Compliance Program
The OIG is reviewing how the FBI’s Integrity and Compliance Program identifies risks of non-compliance with both the letter and spirit of applicable laws, regulations, rules, and policies; ranks identified risks; analyzes highly ranked risks; mitigates risks with adequate corrective actions; monitors the implementation of the corrective actions to ensure that mitigation is effective; and promotes a culture of integrity and ethical compliance throughout the FBI.
The OIG is continuing its audit of the FBI’s management of terrorist watchlist nominations and encounters with watchlisted subjects. In FYs 2008 and 2009, the OIG conducted two audits related to the FBI terrorist watchlist nomination practices. In these audits, the OIG found that the FBI’s procedures for processing international terrorist nominations were, at times, inconsistent and insufficient, causing watchlist data used by screening agencies to be incomplete and outdated. The OIG found that the FBI failed to nominate for watchlisting many subjects of its terrorism investigations, did not nominate many others in a timely manner, and did not update or remove watchlist records as required. As a result of these reviews, the FBI reported that it had undertaken several initiatives and implemented new processes and guidelines to enhance its watchlisting system.
The objectives of the OIG’s ongoing audit are to assess the impact of recent events on the FBI’s watchlisting system and evaluate the effectiveness of the initiatives recently implemented by the FBI to ensure the accuracy, timeliness, and completeness of the FBI’s watchlisting practices, including watchlist nominations, modifications, and removals.
Section 702 of the Foreign Intelligence Surveillance Act of 1978 Amendments Act of 2008 (Act) authorizes targeting non-U.S. persons reasonably believed to be outside the United States to acquire foreign intelligence information. As required by the Act, the OIG is examining the number of disseminated FBI intelligence reports containing a reference to a U.S. person identity, the number of U.S. person identities subsequently disseminated in response to requests for identities not referred to by name or title in the original reporting, the number of targets later determined to be located in the United States, and whether communications of such targets were reviewed. In addition, the OIG is examining the FBI’s compliance with the targeting and minimization procedures required under the Act.
The OIG is again examining the FBI’s use of national security letters (NSL) and Section 215 orders for business records. Among other issues, our review is assessing the FBI’s progress in responding to the OIG’s recommendations in prior OIG reports that examined the FBI’s use of these authorities. Our review will also evaluate the automated system the FBI implemented to generate and track NSLs in response to the deficiencies identified in our prior reports, the number of NSLs issued and 215 applications filed by the FBI from 2007 through 2009, and any improper or illegal uses of these authorities. In addition, the review is examining the FBI’s use of its pen register and trap-and-trace authority under the Foreign Intelligence Surveillance Act of 1978 (FISA).
The OIG is conducting an audit of to assess the management of FBI aviation operations and evaluate whether the use of official aircraft is appropriate and necessary to support official business operations. A similar but separate audit is being conducted of the DEA’s management of aviation operations.
The OIG is continuing to evaluate the FBI’s ongoing development and implementation of the Sentinel information technology project, which is intended to upgrade the FBI’s electronic case management system and provide the FBI with an automated workflow process.
The OIG is conducting a follow-up audit of the FBI’s forensic DNA case backlog. The audit will evaluate the status of the implementation of a laboratory information management system and progress towards a Department-wide laboratory information management system. It will also examine the effect of outsourcing agreements on the overall DNA forensic casework backlog, and assess any impending external factors that may impact the ability of the forensic DNA units to maintain their workload.
Follow-up Review Examining the FBI’s Response to the Leung Report Recommendations
The OIG is conducting a follow-up review of the FBI’s progress in implementing the recommendations contained in our May 2006 report, “A Review of the FBI’s Handling and Oversight of FBI Asset Katrina Leung.” The review is examining matters concerning the FBI’s source validation process as well as FBI procedures governing agent interaction with sources.