TSA Port Worker Identity Card Vetting Is as Substandard as USCIS Benefits Vetting

By Dan Cadman on September 22, 2016

The Department of Homeland Security Office of Inspector General (DHS OIG) has issued an important report: "TWIC Background Checks Are Not as Reliable as They Could Be". The acronym TWIC stands for Transportation Worker Identification Card, the laminated document provided to employees who are able to enter, with few restrictions, the secure "sterile" areas of airports, seaports, and other sensitive public transportation nodes.

I can think of few more significant documents in the post-9/11 era. If the TWIC issuance program is weak, it becomes an open invitation to terrorists or contraband drug and gun smugglers to achieve their goals with someone on the inside — see, for example, the Sinai airport bombing, which took down a jet filled with primarily Russians ending their holiday shortly after takeoff. In that case, airport workers conspired with ISIS jihadists to smuggle an explosives-laden laptop computer on board.

And yet despite the critical importance of security controls over that document, here's what DHS OIG had to say about the Transportation Security Administration's (TSA) handling of the TWIC issuance process:

  • Fraud detection techniques are not monitored and used in completing the background check;
  • Adjudicators may grant TWICs even if questionable circumstances exist;
  • Key quality assurance and internal control procedures are missing from the background check and terrorism vetting processes; and
  • New efforts tested for continuous vetting for disqualifying criminal or immigration offenses lack measures to determine the best solution. (Emphasis added.)

These issues exist, in part, because TSA leadership relies on the TWIC program office to implement necessary improvements; however, the TWIC program office focuses more on customer service than effectiveness of the program.

To say that all of these bullet points are a matter of great public concern is to engage in gross understatement.

I was stunned to find, for instance, that TSA doesn't routinely monitor the notes submitted by "trusted agents" (key port personnel who are authorized to accept TWIC applicant enrollment data on TSA's behalf). According to the OIG:

Trusted Agent notes included statements such as "SSC feels to be fraudulent" and "His Social Security card is a fraud it is typed on the front and pieced together on the back from another SS card." [Yet] TSA adjudicators never reviewed or considered these notes when reviewing background information and deciding whether to issue a TWIC. (Emphasis added.)

The OIG also reports:

Similarly, we identified missing controls in the Colorado Springs Operations Center terrorism vetting process to prevent a positive match from going undetected...An analyst independently reviews the scores to determine if there is a match...When the analyst confirms a match, a supervisor reviews the analyst's report to verify the match. However, if an analyst concludes there is not a match, there is no review of the analyst's decision. Therefore, if an analyst accidentally or intentionally fails to identify a terrorist threat, TSA does not have controls in place to catch the error. (Emphasis added.)

Needless to say, the fourth/final bullet relating to continuous vetting of criminal and immigration offenses was of specific interest to me. The OIG's findings were as disturbing as in the other areas of significance:

Although TSA compares applicants information to the IDENT system [the Department of Homeland Security's database containing millions of entries with both biographic and biometric (fingerprint and photograph) information], we found that TSA adjudicators do not use the IDENT match results when reviewing TWIC cases because they do not understand its content or significance. IDENT is a valuable tool when completing background checks because it not only provides biometric and fingerprint-based information on potentially disqualifying criminal offenses, but also immigration offenses. IDENT provides adjudicators access to information reported by DHS, and the Departments of State, Justice, Defense.

In other words, illegal or previously deported or criminal or terrorist aliens could be working in the secure areas of your airport right now using TSA-issued credentials, and TSA would not know it.

We have just observed the 15th remembrance of the 9/11 terrorist attacks — the very attacks that resulted in creation of TSA, and that fundamentally changed our nation forever. That this state of affairs could exist in the DHS agency responsible for securing the nation's transportation nodes is intolerable.

Reading this report, I am reminded of the great gaping holes that exist in U.S. Citizenship and Immigration Services (USCIS), another DHS agency charged with vetting aliens before granting them immigration benefits, including that most precious gift, naturalization.

All of this says a great deal to me not only about the leadership within TSA and USCIS, but within the entire Homeland Security leadership tier. They just don't get it.