U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.

Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.

The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.


  1. Home

Statement of Michael E. Horowitz, Inspector General, U.S. Department of Justice before the U.S. House of Representatives Committee on the Judiciary, Subcommittee on Crime, Terrorism, Homeland Security, and Investigations concerning “The Department of Justice’s Handling of Known or Suspected Terrorists Admitted into the Federal Witness Security Program”

Office of the Inspector General United States Department of Justice

Statement of Michael E. Horowitz Inspector General, U.S. Department of Justice

before the

U.S. House of Representatives Committee on the Judiciary

Subcommittee on Crime, Terrorism, Homeland Security, and Investigations


The Department of Justice’s Handling of Known or Suspected Terrorists Admitted into the Federal Witness Security Program

June 4, 2013

Mr. Chairman, Congressman Scott, and Members of the Subcommittee:

Thank you for inviting me to testify about the Department of Justice’s (Department) handling of known or suspected terrorists admitted into the federal Witness Security (WITSEC) Program.

As you are aware, the Department of Justice Office of the Inspector General (OIG) issued an interim report on May 16, 2013, that focused on the WITSEC Program activities administered by the Criminal Division’s Office of Enforcement Operations (OEO) and the United States Marshals Service (USMS). While conducting its audit of the WITSEC Program, the OIG found significant issues concerning national security that it believed required an immediate remedy and notified Department leadership of them. We developed the interim report, which was issued and delivered to the Department and the Congress, to help ensure that those deficiencies were promptly and sufficiently addressed. The OIG will be continuing its review of the WITSEC Program, including evaluating the Department’s progress in implementing corrective measures in response to the 16 recommendations contained in our interim report.

Due to statutory restrictions and concerns about national security and the safety of WITSEC Program participants cited by the Department, most of the results of our full interim report were not releasable publicly. However, when we issued the interim report we also released a public summary of the report. My comments in today’s public hearing will be limited to the content of that public summary, although I would be pleased to discuss the other findings contained in our full interim report with the Subcommittee in an appropriate setting.


According to Department estimates, more than 8,400 witnesses and 9,900 family members and other associates of witnesses have been admitted into the WITSEC Program since its inception in 1971. As of May 15, 2012, the USMS’s portion of the WITSEC Program (USMS WITSEC Program) had approximately 700 active participants. Participants in the USMS WITSEC Program are relocated to an area believed to be safe from those who may want to harm them; provided a new identity; and afforded financial subsistence, occupational training, and other means necessary for them to acclimate to their new location.

The WITSEC Program was originally designed to protect witnesses, and their dependents, who were in danger as a result of their agreement to testify for the government in organized crime cases. However, the program has evolved over the past 40 years to admit witnesses who agree to testify in a variety of cases, including drug trafficking, violent gang, and terrorism cases. Indeed, the audit we conducted confirmed that WITSEC Program participants include individuals who, pursuant to the definitions established in the Terrorist Screening Center’s (TSC) Watchlisting Guidance, are considered by the government to be known or suspected terrorists. This includes individuals trained in areas such as aviation and explosives, involved in plotting bombing attacks, and guilty of serious offenses such as conspiracy to murder U.S. nationals.

National Security Vulnerabilities

When handling known or suspected terrorists in the WITSEC Program, we believe that national security risks must be mitigated by specific, formalized procedures that consider national security implications along with the protection of WITSEC participants. Yet our audit found significant deficiencies in the handling of known or suspected terrorists who were admitted into the USMS WITSEC Program. Specifically, we determined that OEO and the

USMS – the two entities primarily responsible for managing the WITSEC Program for participants who are not incarcerated – did not involve national security stakeholders when admitting and monitoring known or suspected terrorists into the WITSEC Program.

Inadequate Monitoring of Known or Suspected Terrorists Admitted to the USMS WITSEC Program

Our review found that the Department did not definitively know how many known or suspected terrorists were admitted into the USMS WITSEC Program and that it had not adequately monitored those that had been admitted into the WITSEC Program.

In response to our review, the Department began an analysis of its WITSEC Program case files to determine how many known or suspected terrorists were admitted into the WITSEC Program. Last month, the Department told the OIG that it had completed its review of the files for all participants entering the WITSEC Program since 1996. Additionally, and at our recommendation, the Department compared the true names, aliases, and government-provided identities for the over 18,000 WITSEC Program participants and their dependents who had entered the Program since its inception to the consolidated terrorist watchlist. This essential comparison identified additional known or suspected terrorists who were not identified in the Department’s initial WITSEC Program case file reviews.

It is our understanding that, to date, the Department has identified a small but significant number of USMS WITSEC Program participants as known or suspected terrorists. However, the Department’s review of its more than 18,000 WITSEC case files is ongoing, and until this review is complete, we believe the Department will be unable to state definitively that it has identified, located, and minimized the threat of all known of suspected terrorists previously admitted into the WITSEC Program.

I also note that in July 2012, the USMS stated that it was unable to locate two former WITSEC participants identified as known or suspected terrorists, and that through its investigative efforts it has concluded that one individual was, and the other individual was believed to be, residing outside of the United States.

Failure to Share New Identities of Known or Suspected Terrorists with the TSC

We found that the Department was not authorizing the disclosure to the TSC of the new identities provided to known or suspected terrorists and their dependents in the USMS WITSEC Program. The TSC's consolidated terrorist watchlist is exported to various screening databases, including the Transportation Security Administration's (TSA) No Fly and Selectee lists, which are used to identify known or suspected terrorists attempting to fly on commercial airlines. Individuals placed on the TSA's No Fly list are prohibited from flying on commercial planes, and individuals on the TSA's Selectee list require additional screening procedures in order to board a commercial aircraft.

As a result of the Department not disclosing relevant information to the TSC about these known or suspected terrorists, the new, government-provided identities of known or suspected terrorists were not included on the government's consolidated terrorist watchlist until we brought this matter to the Department's attention. Therefore, it was possible for known or suspected terrorists, using their new government-issued identities, to fly on commercial airplanes in or over the United States and evade one of the government's primary means of identifying and tracking terrorists' movements and actions. We identified some USMS WITSEC Program participants who were on the TSA's No Fly list yet were allowed to fly on commercial flights using their new identities with WITSEC Program officials' knowledge and approval. Moreover, these individuals, on their own accord, could have flown without WITSEC Program officials' knowledge and approval.

As a result of our review, the Department established protocols to share with the TSC and the FBI the identities of known or suspected terrorists in the USMS WITSEC Program. Further, in May 2012, the Department implemented revised protocols and improved its security measures regarding participants' use of commercial flights. The Department also told us that as of March 2013: (1) the FBI had completed threat assessments on all but one of the USMS WITSEC Program participants disclosed to it by the USMS and OEO as having a potential nexus to terrorism, and (2) none of these individuals had revealed a threat to national security at that time. The only threat assessment yet to be completed at that time related to a USMS WITSEC participant in BOP custody who had not been provided a new identity. We have not verified the Department’s information about these threat assessments, but as we continue our review we intend to evaluate the Department's stated progress on this matter.

Failure to Share Potentially Derogatory Information about USMS WITSEC Program Participants with the FBI

Shortly after we began our review, we developed concerns about inconsistent, informal, and inadequate information sharing and coordination between OEO, the USMS, and Department’s national security stakeholders regarding WITSEC Program participants. Of particular concern, we found that prior to May 2012, OEO, the USMS, and FBI did not have a formal process to share WITSEC terrorism information, and that OEO and the USMS did not always share case information of potential value to the FBI.

In one instance, we noted that in a June 2009 field report a USMS Inspector reported his belief that a WITSEC participant was trying to gather intelligence on sensitive policies and procedures of the USMS WITSEC Program for militant Muslim groups, yet we found no evidence that this information was shared with the FBI when it was reported to USMS WITSEC headquarters personnel near the time the Inspector recorded this concern. USMS WITSEC Program personnel surmised that this information was not passed to the FBI at that time because USMS WITSEC Program officials determined that the statements about the witness gathering intelligence for a terrorist group were based more in opinion than fact and that the witness was concerned about the amount of funding the witness' family was receiving. Nevertheless, certain WITSEC Program personnel with whom we discussed this matter stated that the information should have been shared with the FBI at the time it was originally reported. Following our discussion with WITSEC Program personnel about this matter, an FBI official told us that this information had been shared with the FBI in February 2012, years after the Inspector originally stated his concern. We believe information such as that found in this situation must be shared with the FBI immediately, so that the FBI, the Department component with primary responsibility for assessing national security threats, can determine the appropriate action.

OIG Recommendations

Our non-public interim report makes 16 recommendations to assist the Department in its efforts to include national security considerations when identifying, admitting, monitoring, and terminating WITSEC Program participants who are known or suspected terrorists. The Department agreed with all 16 recommendations and told the OIG that, as of March 2013, it had implemented corrective actions for 15 of these recommendations and was in the process of implementing corrective action on the remaining recommendation. These actions include sharing WITSEC Program participant identity and case file information with the FBI and TSC on known or suspected terrorists, performing threat assessments on known or suspected terrorists admitted into the WITSEC Program, and developing protocols for enhanced monitoring of these individuals. To date, we have received sufficient information about these actions to close 3 of the recommendations, and we intend to evaluate the Department's progress and effectiveness in addressing the rest of our recommendations in a future report.


The operations of the USMS WITSEC Program in general, and the corrective actions we have recommended in our non-public interim report, require the ongoing attention of the Department’s senior leadership. A program that was designed to protect cooperating witnesses must be operated in a manner that also ensures the public’s safety. I look forward to working closely with the Department and the Congress to ensure that the national security vulnerabilities and other issues identified during our review are addressed quickly and appropriately.

This concludes my prepared statement. I would be pleased to answer any questions that you may have.