Department of Justice (DOJ) Inspector General Michael E. Horowitz announced today the release of a report examining the Federal Bureau of Investigation’s (FBI) confidential human source (CHS) validation processes. The FBI’s CHS validation processes involve vetting the credibility of a CHS and assessing the veracity of the information the source provides.Validation is critical to the overall integrity and reliability of the FBI’s CHS program.
The DOJ Office of the Inspector General (OIG) identified numerous issues related to the FBI’s validation processes. The report also discusses issues with FBI CHS communications and the FBI’s ability to ensure that its CHS network aligns with the most significant identified threats. Some of the specific findings in the report released today include:
- The FBI Did Not Comply with the AG Guidelines and Faces Ongoing Challenges in Overseeing Long-Term CHSs. We identified a backlog of long-term CHSs awaiting required validations. Both the Attorney General Guidelines Regarding the Use of FBI CHSs (AG Guidelines) and FBI policy categorize CHSs based on several risk factors. The AG Guidelines identify “long-term” operation of a CHS – a period of greater than 5 years – as a risk factor, indicating a heightened need for validation. However, we found that the FBI did not comply with the AG Guidelines’ requirements and its own policies and procedures for managing long-term CHSs by not validating all long-term CHSs after 5 years as required. By not timely reviewing long-term CHSs for continued use, the FBI risks retaining active CHSs who should have been closed for cause. We also found the FBI’s long-term CHS validation reports insufficient because they did not review the full scope of a long-term CHS’s work for the FBI. Moreover, FBI employees conducting CHS validation reviews told us they were discouraged from documenting conclusions and recommendations arising from the validation process.
- FBI’s Current Validation Process Lacks Adequate Controls. We found that the FBI has not implemented adequate controls in its latest validation process, creating a risk that CHSs are not adequately scrutinized or prioritized. Specifically, the FBI’s current validation process does not provide sufficient independent FBI headquarters oversight and monitoring to ensure CHS risk is effectively mitigated.
- Securing and Safeguarding Communications with CHSs. We found that the FBI lacked clear guidance to inform its personnel of the acceptable platforms for communicating with CHSs. Without clear guidance, we believe there is increased operational risk that could result in agents and CHSs being put in harm’s way.
- Coverage Gaps in the FBI’s Network of CHSs. We identified issues related to the FBI’s ability to align its CHSs with its highest threat priorities. Specifically, we found that the FBI lacked an automated process to analyze the threat areas in which it has CHS coverage, and relied on an ineffective process that could result in outdated information. In addition, we found that a proposed automated system being developed would rely on data from several other FBI systems, including its CHS system of record which has known issues related to data quality.
Today’s report makes 16 recommendations to assist the FBI and the Department of Justice in improving the FBI’s CHS program. The FBI and Department of Justice agreed with all 16 recommendations and has started corrective measures.
The OIG initiated this audit in 2018, and had previously conducted reviews of the human source programs at the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) in 2017 and the Drug Enforcement Agency (DEA) in 2016 and 2015.