The Drug Enforcement Administration’s Payments to Confidential Sources
Audit Report
July 2005
Office of the Inspector General
|
The Confidential Source program is an important tool used by the Drug Enforcement Administration (DEA).1 DEA officials state that without confidential sources, the DEA could not effectively enforce the controlled substances laws of the United States. Confidential sources come from all walks of life and are significant to initiating investigations and providing information or services to facilitate arrests and seizures of drugs and cash. According to the DEA, it has approximately 4,000 active confidential sources at any one time. Although confidential sources can be critical to an investigation, special care must be taken to carefully evaluate and closely supervise their use. Confidential sources can be motivated by many factors, including fear, financial gain, avoidance of punishment, competition, and revenge; therefore, the credibility of a source must be balanced against the information they provide. Widely publicized cases of informants utilized by the Federal Bureau of Investigation and the DEA gone awry highlight the need for special care and guidance in dealing with such confidential sources. Recognizing the need for guidance in dealing with confidential sources, in May 2002 the Attorney General issued revised Attorney General Guidelines Regarding the Use of Confidential Informants (Attorney General Guidelines), with which Justice law enforcement agents are required to comply. The Office of the Inspector General (OIG) initiated this audit to assess the DEA’s compliance with regulations concerning confidential informants and the DEA’s controls over confidential source payments. To conduct our audit, among other things, we researched the DEA’s Confidential Source program by reviewing pertinent documents, including the four versions of the DEA Agent Manual in effect since 1998; the DEA Financial Handbook, undated (obtained from the DEA in May 2003); and the Attorney General Guidelines. In addition, we reviewed the DEA’s process of establishing, paying, and monitoring confidential sources, and we interviewed DEA agents and finance personnel in headquarters and seven DEA field offices. The following summarizes the major findings of the OIG’s report. The OIG’s full 126-page report contains information that the DEA considers sensitive law enforcement information that cannot be publicly released. However, the full report has been provided to the DEA, Department officials, and congressional committees with oversight of the DEA. OIG FINDINGS The DEA Can Improve Risk Management Over the Use of Confidential Sources The risks surrounding the use of confidential sources challenge the DEA to ensure that sources are not only credible, but also that agents do not develop close financial or personal relationships with sources that could compromise a case. Managing confidential sources requires the DEA to constantly assess the risk for each source it utilizes. In this context, risk assessment is the continual identification and analysis of relevant adverse factors that are weighed against the potential benefit of using the confidential source. Although the DEA has adopted policies and procedures to manage the risk of using confidential sources, we found that the DEA can improve its risk management in the following areas: 1) initial suitability reporting and recommendations, 2) categorization of confidential sources, 3) continuing suitability reporting and recommendation, 4) review of longterm confidential sources, and 5) maintenance of impeachment information. Initial Suitability Reporting and Recommendations The Attorney General Guidelines outline requirements that the DEA must fulfill before activating a confidential source. Specifically, case agents for confidential sources need to complete and sign a written Initial Suitability Report and Recommendation that addresses specific risk factors, or indicate on the report that a particular factor is not applicable.2 According to the DEA Agent Manual, although a suitability statement need not consist of more than one paragraph, it must detail the specific benefits of utilizing the source and provide the reasons for utilizing a source despite any adverse information. Our audit found that most written initial suitability assessments did not address the specific risk assessment factors. The majority of suitability statements had general statements indicating, in essence, that the benefits of using the confidential source outweighed the risks, without specifying either the benefits or the risks. These descriptions do not meet the requirements of the DEA Agent Manual or the Attorney General Guidelines that suitability statements detail the specific benefits of utilizing the confidential source despite the identified risk factors. Moreover, DEA training information stated that written risk assessments of potential confidential sources were not required and were to be performed at the discretion of the Special Agent in Charge. In fact, one division office had a formal divisional order that stated agents were not to write risk assessments, another office issued guidance that stated a separate written risk assessment was no longer necessary, and a Special Agent in Charge in a third office waived the requirement to document risk assessments. The fact that DEA does not require a written suitability report that addresses all the specific factors in the Attorney General Guidelines means the DEA Agent Manual is not in compliance with the Attorney General Guidelines. We believe that a written, comprehensive initial suitability risk assessment is critical to measuring the benefits of utilizing a confidential source, and it could help other agents who want to use the confidential source but may be unaware of pertinent derogatory information concerning the source. In addition, this risk assessment should guide the nature and extent of confidential source monitoring. Categorization of Confidential Sources A confidential source can be categorized into one of several classifications. How a confidential source is categorized determines the nature and extent of monitoring an agent performs. Despite the importance of appropriately categorizing a confidential source, the DEA does not require agents to document their rationale for how a confidential source is categorized. Our audit revealed instances where we had concerns with the DEA’s categorization decisions. This finding highlights the need for a documented rationale for the categorization of confidential sources. Continuing Suitability Reporting and Recommendations Once a confidential source has been established, the Attorney General Guidelines require the case agent to review, at least annually, the confidential source’s file and complete and sign a written Continuing Suitability Report and Recommendation that must be forwarded to a field manager for written approval. The purpose of the Continuing Suitability Report and Recommendation is to determine whether the risk of using a source has changed since the initial evaluation and whether the confidential source should continue to be utilized. In completing the Continuing Suitability Report and Recommendation, the case agent must address the same factors outlined in the initial suitability determination (or indicate that a particular factor is not applicable), the length of time that the individual has been registered as a confidential source, and the length of time the source was handled by the same agent. Instead of an annual review, the DEA requires first-line supervisors and controlling agents to perform Quarterly Management Reviews of Confidential Source Utilization (Quarterly Management Review) on each active confidential source. Our audit revealed that none of the Quarterly Management Reviews addressed all continuing suitability factors outlined in the Attorney General Guidelines. Although some of the factors were addressed, most reviews contained generic or boilerplate statements such as “no changes in biographic information.” Given that the initial suitability report is generally not written and therefore does not provide information on all suitability factors, the lack of specific information in the Quarterly Management Reviews makes it even more difficult to determine if agents are aware of the risks of using the source and are taking these risks into consideration when determining if the confidential source is suitable and the extent they should be monitored. Review of Long-Term Confidential Sources One of the purposes of the Attorney General Guidelines is to provide more oversight of agents handling confidential sources by having individuals who are not as close to confidential sources make critical decisions over payments and other matters. The Attorney General Guidelines require a “Confidential Informant Review Committee” to review confidential sources who have been active for more than six consecutive years, and to the extent such a confidential source remains active, every six years thereafter. Prior to November 2003, the DEA had not reviewed matters relative to its long-term confidential sources. Although the DEA has since appointed a committee and started reviewing matters relative to DEA long-term confidential sources, we found that the committee’s review is limited to summary information rather than actual confidential source files. Further, the DEA has no rating system to assess the quality of the information provided or services rendered by confidential sources. Instead, it relies on an agent’s knowledge and skill to assess whether a confidential source is effective. We believe the DEA should strengthen its management over longterm confidential sources. We believe the Committee relies too heavily on the Headquarters Confidential Source Unit and Special Agents in Charge because the DEA does not adequately document required suitability factors in its initial suitability report and its Quarterly Management Reviews. In our view, the Committee should provide a high-level, independent review of long-term confidential sources. If the committee relies solely on the Special Agents in Charge and the Headquarters Confidential Source Unit without independently reviewing pertinent original information itself, the value of its oversight is significantly diminished. Maintenance of DEA Impeachment Information The DEA Agent Manual requires agents to provide prosecutors with all discoverable information pertaining to any confidential source who may be utilized as a witness. This information includes payments to the confidential source, any oral or written agreements between the DEA and the confidential source, and any impeachment information known by the DEA that may affect the credibility of the confidential source. The DEA relies on agents to perform manual searches of the confidential source files in order to report discovery information. As noted previously, the DEA does not detail the confidential source’s suitability either when initially establishing the source or during the quarterly review. Therefore, it may be difficult for an agent who was not present at either the establishment or quarterly briefing of a confidential source to discover impeachment information. We believe the DEA can improve its tracking of impeachment information by adding such information to an existing DEA database. The DEA Lacks an Effective and Accurate Confidential Source Payment System The DEA is required by the Attorney General Guidelines to establish accounting and reconciliation procedures that reflect all monies paid to confidential sources. Our audit identified deficiencies in the DEA’s accounting and reconciliation of confidential source payments that led us to conclude that the DEA does not have an effective confidential source payment tracking system. Specifically, we found deficiencies with the accounting and monitoring of calendar year and lifetime payments, problems with the systems used to account for confidential source payments, and control breakdowns that indicate closer supervisory oversight of confidential source payments is needed. Accounting and Monitoring of Annual and Aggregate Payments The Attorney General Guidelines state that payments to a confidential source that exceed an aggregate of $100,000 within a one-year period shall be made only with the authorization of a senior field manager and the express approval of a designated senior headquarters official. In addition, regardless of the timeframe, any payments to a confidential source that exceed an aggregate of $200,000 should be made only with the authorization of a senior field manager and the express approval of a designated senior headquarters official. Our audit revealed weaknesses with how the DEA accounts for non-appropriated funds, and monitors calendar year and lifetime payments; therefore, we could not determine if the appropriate approvals were obtained. Accounting for Non-Appropriated Funds. The DEA Agent Manual states that only DEA-appropriated funds will be included in the determination of calendar year and lifetime payment amounts. The Attorney General Guidelines do not distinguish between appropriated and non-appropriated funds. The DEA Agent Manual goes on to say that all confidential source payments using appropriated funds or funds from other agencies must be documented. However, payments using non-appropriated funds – such as High Intensity Drug Trafficking Areas (HIDTA) funds – were not considered by the DEA in determining whether payments to a confidential source exceed calendar year or lifetime payment caps. Further, the DEA could not provide the OIG with the total confidential source payments using HIDTA funds. Monitoring Calendar Year and Lifetime Payments. In addition to not counting non-appropriated funds towards the calendar year and lifetime payments, we noted other problems with how the DEA monitors annual (calendar year) and aggregate (lifetime) payments. During our audit, DEA officials first stated that its payment database monitors the annual and lifetime payments and “flags” payments that put the totals over the limits. The flag is supposed to signal that headquarters approval is required to exceed the cap; however, it does not prevent the payment. In addition, we were informed by both the former and current Section Chief of the Confidential Source Unit, numerous DEA agents, and five of the seven Confidential Source Coordinators for the offices we visited that the database is unreliable. Among the problems were time lags in processing the payments, a lack of quality controls, and a communication disconnect between the DEA Office of Finance and the Confidential Source Unit regarding who is responsible for the database and correcting any problems. A DEA official said that incomplete records in the data make it impossible to perform a proper audit of a confidential source’s payment history. Later during the audit, the DEA stated that Confidential Source Coordinators monitor the calendar year and lifetime payments by manually adding up the payments listed in the confidential source files. Yet, confidential sources could be active in more than one office, so Confidential Source Coordinators must contact all offices in which the source is active to arrive at a source’s total calendar year and lifetime payments. Problems with the Systems Used to Account for Confidential Source Payments Although the DEA has made enhancements to its confidential source payment systems, more can be done. During our audit, we noted controls could be strengthened by ensuring that inactive sources and closed cases are deactivated from the confidential source payment system. In addition, the DEA should continue enhancing the interface between its payment systems and also implement an audit trail to identify what changes are made to the electronic records. Review of Payments We also found problems with DEA payments to confidential sources, which indicate closer supervisory oversight of confidential source payments is needed. For example, many payments did not specify the payment type, had more than one type of payment specified, or the remarks describing the payment did not correspond to the payment type selected. Even though payments either were incomplete or in error, a supervisor had approved them. Such errors would make it difficult to accurately respond to a prosecutor’s request to list payments to a confidential source by type of payment. Our audit determined that in completing payment documentation, agents did not always include a brief synopsis of the basis or justification for the payment, the source of funds (if funding was provided by another agency), and a citation to the Report of Investigation or teletype that explains or justifies the payment. Given the wide latitude agents have in determining the amount of payments and the confidential nature of the transactions, the justification for the payment should be specifically identified. Without a specific justification, supervisory officials could not accurately determine if a payment is reasonable or appropriate. In addition, many payments did not include receipts or any description of the expenditure, other than generic descriptions such as “expenses incurred” or “U/C expenses.” It is important that the expense description be specific given the wide latitude agents have in determining the amounts of the payments and the confidential nature of the transactions. The lack of receipts and the inadequate descriptions of the expenses create a lax internal control environment where payments may be approved that are not reasonable, appropriate, or justified. We believe that the DEA supervisors need to improve their oversight over reimbursements. Conclusion and Recommendations Our audit identified areas where the DEA can improve its management of the use of confidential sources. We found that Initial and Continuing Suitability Reports and Recommendations were not adequately documented. These assessments are important in assessing the risks of utilizing a confidential source and should determine the nature and extent of confidential source monitoring. We also found instances where multiple DEA offices categorized the same source differently and improperly categorized other sources. Further, the DEA’s failure to independently review and evaluate underlying suitability data diminishes the value of this high-level oversight function. We also concluded that the DEA does not have an effective system that accounts for and reconciles all confidential source payments. The DEA relies on a manual process to provide payment information during discovery and to determine if payments to confidential sources exceeded calendar year and lifetime caps. This manual process is time-consuming, prone to error, and could adversely affect the DEA’s ability to provide accurate confidential source payment information. We made 12 recommendations to help the DEA improve its management of confidential sources. Among these recommendations are for the DEA to require comprehensive written Initial and Continuing Suitability Reports that address all of the factors specified in the Attorney General Guidelines; require that the Committee either review the confidential source files for all long-term confidential sources, or review the written Initial and Continuing Suitability Reports and Recommendations and document their findings; add a module to an existing database system to track confidential source impeachment information; and account for all payments made to a confidential source by the DEA, not just payments using DEA-appropriated funds. The DEA agreed with most of the recommendations and stated that it would take corrective action or had already taken action to address the OIG’s recommendations. Footnotes
|