The Federal Bureau of Investigation's Efforts to Protect the Nation's Seaports
(Redacted and Unclassified)

Audit Report 06-26
March 2006
Office of the Inspector General

Findings and Recommendations

Finding 1: Maritime Initiatives

Maritime Liaison Agents (MLA), assigned to 31 of the FBI’s 56 field offices and 12 of its resident agency offices, are the most visible FBI resource dedicated to maritime terrorism. MLAs are primarily responsible for coordinating with other organizations who share responsibility for security at the nation’s ports, to facilitate the sharing of information on threats and security measures. However, because the MLA program is not risk-based, MLAs are not necessarily assigned to the most critical ports. As a result, field offices with multiple vital ports have only one MLA while other field offices with only minor maritime activity have multiple MLAs. The FBI’s case classification system does not allow it to measure the amount of time MLAs or other agents or analysts spend preventing or investigating maritime terrorism, including related categories such as time spent on training or participating in Coast Guard-sponsored Area Maritime Security Committees (AMSC).4

Shortly after our audit began in May 2005, the CTD created a Maritime Security Program and transferred the MLA program into it. The Maritime Security Program is intended to be the focal point for the FBI’s maritime efforts and is charged with coordinating the FBI’s obligations and responsibilities under the National Strategy for Maritime Security and the strategy’s eight implementing plans. The Maritime Security Program has 13 objectives for fiscal year (FY) 2006, many of which we believe will be beneficial and help focus the FBI’s maritime-terrorism efforts. However, we are concerned that the objectives do not include critical areas such as the development of informants and threat assessments.

Organization and Resources

The FBI’s CTD has primary responsibility for preventing terrorist attacks and investigating acts of terrorism after they occur. The FBI does not measure the amount of resources it devotes to preventing and investigating maritime terrorism, and there is no single entity within the CTD that is responsible for the maritime terrorism portfolio. The most visible resource dedicated to maritime terrorism is the CTD’s MLA program. Other FBI components that play a major role in fighting maritime terrorism include the National Joint Terrorism Task Force (NJTTF), the CT Watch, the WMD/Countermeasures Unit, and the Special Events Management Unit.

Maritime Liaison Agent Program

The FBI’s NJTTF created the MLA program in 2004 as a result of Operation Dive Shop, a joint FBI-Coast Guard project in 2002 that investigated and analyzed the potential terrorist threat posed by divers and combat swimmers. The CTD’s WMD/Domestic Terrorism Operations Section, which managed the FBI’s involvement in the project, found that few of the FBI’s local Joint Terrorism Task Forces (JTTFs) had personnel who were either trained in the maritime trade or had established regular and effective relationships with the FBI’s partners at ports in their territory. This section suggested that the JTTFs designate personnel to act as liaisons with law enforcement and non-law enforcement personnel at seaports.

In response to the suggestion from the WMD/Domestic Terrorism Operations Section, the NJTTF reviewed the FBI’s efforts to prevent terrorism in the maritime domain and found the following.

  • Some field offices with major ports (Baltimore, Long Beach, and Miami, for example) had personnel knowledgeable about the maritime domain and had used them to establish good relationships with relevant agencies in their ports.
  • Some JTTFs had personnel qualified to act as liaisons to the maritime community, but many JTTFs were not using them for that purpose.
  • Many FBI special agents in charge were participating in port security committees.
  • The FBI did not have any training for agents who worked at seaports or special agents in charge who participated in port security committees.

The MLA program formally began in July 2004 when the NJTTF sent an electronic communication (EC) to all field offices requesting that those field offices with major waterways in their territory name personnel to be assigned to the MLA program. In the EC announcing the MLA program, the NJTTF outlined the need for the program, its goal, its anticipated results, and an MLA’s duties. The NJTTF stated that it had determined that the “maritime threat and terrorism-related intelligence could best be coordinated and disseminated to concerned entities through the adoption of the MLA program.” The NJTTF also said the program’s goal was to enhance the security of the maritime environment through increased interaction between MLAs and the FBI’s maritime partners. The NJTTF envisioned that this increased interaction would “decrease response time to actionable intelligence and operational tasking by capitalizing on matured relationships.”

According to the July 2004 EC, the new MLAs were to work full- or part-time to establish and maintain relationships with representatives of “maritime institutions” in their respective geographical areas. MLAs were to be in regular contact with maritime specialists at the NJTTF to allow for increased information sharing. By centralizing the FBI’s maritime counterterrorism efforts, the NJTTF believed that it would create consistency in MLA job responsibilities, training, and reporting procedures. With the help of field offices that had already established maritime programs, the NJTTF identified the following MLA duties.

  • Contact each of the entities below and identify a point of contact for security matters.
    • Area Maritime Security Committee
    • Anti-Terrorism Advisory Council
    • Coast Guard Investigative Service
    • Coast Guard Captain of the Port or Group Commander
    • Coast Guard Marine Safety Office
    • Coast Guard Field Intelligence Support Team
    • CBP — Operations
    • CBP — Intelligence
    • County/Local Emergency Operations
    • Ferry Security Director
    • Fire Department
    • Harbor Master
    • Harbor Patrol/Police
    • Regional Office of U.S. Immigration and Customs Enforcement
    • Local Police with Maritime Authority
    • Port Engineers
    • Passenger Ship Terminal Security
    • Regional Office of Navy Criminal Investigative Service
    • State Homeland Security Advisor
    • State Natural Resource/Fish and Game Police
    • State/Local Pilots Association
    • Significant Industry, including petrochemical industry
    • Regional Office of the Transportation Security Administration
    • U.S. Army Corps of Engineers, Homeland Security Regional Office
    • U.S. Attorneys Office
    • U.S. Park Police
    • Waterfront Commission

  • Identify locations where secure databases may be accessed.
  • Establish 24-hour emergency contact lists for maritime resources, contacts, and agencies.
  • Research establishing e-mail groups to facilitate information sharing between maritime liaisons.
  • Review existing maritime initiatives for potential enhancements.5

The CTD managers with whom we spoke agreed that MLAs should not be involved with port security activities such as enforcing regulations. MLAs should establish relationships in their ports that allow the FBI to immediately receive and transmit information concerning ports, merchants, vessels, and cruise lines. However, the MLA position is broader than that of a liaison: an MLA should be the FBI field office’s maritime expert. According to a CTD Deputy Assistant Director, this expertise, coupled with knowledge of the local port, should provide each field office with “situational awareness.” Regardless of whatever event happens at a port, an MLA should know the port’s procedures, protocols, and schedules and have relationships with key organizations to aid the FBI in resolving the event. In our judgment, the CTD managers’ understanding of the role of the MLA is significantly more encompassing and outcome-based than the duties outlined in official guidance.

MLA Program Not Risk-Based

Prior to developing the requirements for the MLA program, the NJTTF did not perform or review a risk assessment to identify the level of resources each field office, including resident agencies, should devote to maritime issues. Instead, each field office was given the discretion to:

  • define major waterways in its territory;
  • name one MLA for its entire territory, regardless of the number or size of the ports; and
  • determine whether its MLA(s) would be full- or part-time.

In recent years, audit organizations, Congress (most recently through the Intelligence Reform and Terrorism Prevention Act of 2004), the Executive Branch through presidential directives, and the 9/11 Commission have required or advocated that federal agencies with homeland security responsibilities employ a risk-management approach to help ensure that finite resources are allocated to those programs and critical geographic areas where they will have the most impact. Without a risk-management approach, there is limited assurance that programs designed to combat terrorism are properly prioritized and focused. Applying risk-management techniques to the FBI’s counterterrorism program can help assure it allocates resources effectively and efficiently to counter terrorist threats.

According to the GAO, risk assessment is a critical element of risk management. A risk assessment helps managers identify and evaluate potential risks so that countermeasures can be designed and implemented to prevent or mitigate the effects of the risks. Risk assessments can be qualitative or quantitative. Regardless, they determine the likelihood of an adverse event occurring and the severity of the consequences. When applied to counterterrorism, risk assessments often involve three elements: threat, criticality, and vulnerability.6

  • A threat assessment identifies and evaluates potential threats on the basis of factors such as capabilities, intentions, and past activities.
  • A criticality or consequence assessment evaluates and prioritizes assets and functions in terms of specific criteria, such as their importance to public safety and the economy as a basis for identifying which structures or processes are relatively more important to protect from attack.
  • A vulnerability assessment identifies weaknesses that may be exploited by identified threats and suggests options to address those weaknesses.

A risk assessment would be useful in determining the amount of resources the FBI should devote to maritime terrorism and where it should locate those resources. However, the FBI has not conducted a risk assessment and therefore does not know whether it has allocated its resources in a manner that will achieve the MLA program’s objectives.

As of October 2005, field office managers in 43 of the FBI’s 56 field offices had named MLAs either at their field office, one or more of their resident agencies, or both. Because the MLA program is not risk-based, some offices with several significant ports in their territory have named only one MLA, and offices with no strategic ports have named multiple MLAs. For example, the New Orleans field office, with only one MLA, has six significant ports in its territory. In comparison, the Louisville field office has no strategic ports in its area but designated five MLAs, two in the field office, and one each in three of its resident agencies.

Twelve of the remaining 13 field offices have not named MLAs because they determined they do not have any navigable waterways in their territory. We analyzed the territory of these 12 field offices and found that their maritime responsibilities vary from not having any ports to having significant ports. For example, we found that the Jackson, Mississippi, field office’s territory includes three significant ports. In 2003, the Bureau of Transportation Statistics ranked Pascagoula, Mississippi, 17th among the nation’s 361 ports in terms of the tonnage of products shipped. As the result of a risk-based assessment, in Mississippi the DHS selected Greenville, Pascagoula, and Vicksburg as 3 of the 66 ports eligible to apply for a 2005 Port Security Grant. The 13th field office, Milwaukee, did not respond to the EC asking field offices to name MLAs. However, the Port of Milwaukee met the DHS’s risk-based criteria for eligibility to apply for a 2005 Port Security Grant.

Some Risk Data Is Available

While the FBI did not base the MLA program on a risk assessment of the nation’s ports, publicly available data provides some insight into which of the nation’s ports face the greatest risk. For example, the Bureau of Transportation Statistics publishes data on the nation’s largest seaports, both in terms of value and tonnage. Furthermore, in FY 2005, the DHS allowed only the most at-risk seaports to apply for Port Security Grants.7 In that program, the DHS evaluated the nation’s 129 largest-volume ports using the following risk formula: Risk = Consequence x Vulnerability x Threat.

The consequence risk factor considered the number of people, economic, and national security impacts, and port-specific considerations such as oil and hazardous materials. The vulnerability risk factor considered the following data: the distance from open water, the number of port calls, and the presence of tankers. Data for the threat risk factor included credible threats and incidents reported by the intelligence community, operational indicators such as less credible threats and incidents, and vessels of interest. Based on its risk-based evaluation, the DHS identified 66 ports for eligibility in the 2005 Port Security Grant program.

Thirty-five FBI field offices have at least 1 port in their territory that is either a top 20 port by value or volume or was eligible to apply for a 2005 Port Security Grant. However, as shown in Appendix III, much of the maritime activity and risk of maritime terrorism is concentrated in the territory of 24 FBI field offices. Those 24 field offices are responsible for all of the top 20 ports and 83 percent of the port areas eligible to apply for FY 2005 Port Security Grants.

In our judgment, the FBI’s resources should be focused on the areas that face the greatest risk of terrorist attack. Counterterrorism Division managers agreed that the MLA program should be strategically driven and said that resources should be allocated based on a port’s law enforcement need, unique challenges and assets, and threat assessments.

FBI Does Not Measure Efforts to Prevent Maritime Terrorism

The FBI does not have a method of tracking the amount of time its agents spend preventing or investigating maritime terrorism. Currently, under the FBI’s case classification system, most MLA activities are designated as “Counterterrorism Preparedness – Other.” This classification is not specific enough to allow managers of the FBI’s maritime efforts to determine the amount of resources the FBI is spending maritime issues. For the FBI to implement a risk-based counterterrorism program, its managers must know the amount of resources it devotes to each type of its counterterrorism initiatives. According to NJTTF personnel responsible for the MLA program, the FBI should collect data on subcategories of the FBI’s maritime efforts including the following.

  • Attend Operational Maritime Training
  • Conduct Operational Maritime Training/Presentation
  • Positive Maritime-Related Terrorism Disseminated Within the FBI
  • Positive Maritime-Related Terrorism Disseminated Outside the FBI
  • Participate as Member of an Area Maritime Security Working Group/Task Force
  • Participate in Maritime Command Post/Major Case/Special Event
  • Participate in Development of Maritime Operational Plan
  • Participate in Maritime Field Training Exercise
  • Participate in a Maritime Table Top Exercise
  • Maritime Investigative/Response/Assistance Provided to Local/State/Federal Agency
  • Tactical Maritime Response/Assistance Provided to Local/State/Federal Agency
  • Maritime Counterterrorism Response/Preparedness Contact Developed
  • Maritime-Related Liaison

We agree with the NJTTF about the FBI’s need to collect data by subcategory. As part of our audit, we asked the FBI for data on many of these categories including: (1) training, (2) Area Maritime Security Committees, (3) maritime exercises, and (4) maritime responses. FBI officials could not provide this data and instead had to use other methods such as personal recollection to provide general answers to these questions. One method to measure the amount of resources devoted to maritime issues would be to create sub-classifications within the Counterterrorism Preparedness classification. These new classifications would also allow FBI personnel to record accomplishments that occur in the maritime domain.


While the FBI was not able to provide us with complete data on the training its MLAs or other personnel have attended, either as a student or instructor, the NJTTF provided a course to MLAs in 2004. According to FBI officials, the purpose of the course was to introduce new MLAs to issues specific to preventing terrorism at the nation’s seaports and to allow MLAs with maritime experience to discuss best practices. FBI officials said approximately 40 MLAs attended the 4-day class, which covered legal issues (including the Coast Guard’s authority), port-related infrastructure, boarding procedures, and vessel safety. Personnel from the Coast Guard Investigative Service, which the FBI identified as the organization most capable to teach the course, taught most of the class. The NJTTF scheduled another training session for July 2005. However, this conference was cancelled when the CTD did not approve the necessary funding. The responsible CTD manager said requests for training throughout CTD exceeded the division’s training budget, which was reduced by $1 million as the result of reprogramming to help fund the development of the FBI’s Sentinel case management system.

Area Maritime Security Committees

In written testimony for the Senate Judiciary Committee’s Subcommittee on Terrorism, Technology, and Homeland Security on January 27, 2004, the FBI’s Acting Assistant Director for Counterterrorism testified that the FBI is a full participant in the Coast Guard’s Area Maritime Security Committees (AMSC). These committees, which were mandated by the Maritime Transportation Security Act, are comprised of federal, state, and local agencies as well as representatives of the shipping and port communities. Each committee is charged with assessing its port’s vulnerabilities and developing plans to meet security requirements. The FBI’s Acting Assistant Director for Counterterrorism further explained that AMSCs and their predecessor committees offered the FBI an opportunity to provide threat analysis and disseminate intelligence.

The CTD does not track field offices’ participation in AMSCs or collect any data on FBI participation in AMSCs, so it does not know the amount of resources (in terms of hours) the FBI devotes to AMSCs. Participation in AMSCs is left to the discretion of field office managers. However, at our request the FBI collected data on the number, location, and position of its AMSC representatives. Twenty-six FBI field offices and 13 resident agencies reported having representatives on AMSCs.8 The number of representatives and their position varies by field office. For example, the special agents in charge of three field offices — Mobile, San Diego, and San Francisco — reported participating in their local AMSCs. In comparison, the Chicago field office reported that its sole representative was a Coast Guard Investigative Service agent assigned to its JTTF. As shown in the following table, the majority of the FBI’s 67 AMSC representatives are special agents or supervisory special agents.

FBI Representation on
Area Maritime Security Committees

Position Number of Representatives
Special Agent, including Supervisory Special Agent 47
Assistant Special Agent in Charge 6
Supervisory Senior Resident Agent 4
Intelligence Analyst, including Senior Intelligence Analyst 4
Special Agent in Charge 3
JTTF Agent 2
Computer Scientist 1
Total 67
Source: OIG analysis of FBI data

While AMSCs offer the FBI an opportunity to provide threat analysis and disseminate intelligence to maritime partners, participation in an AMSC is not one of the critical duties identified for MLAs. Instead, MLAs were directed to contact their AMSC and identify a point of contact for security matters. While AMSC participation is not required, we found that 25 of the 73 MLAs (34 percent) participate in an AMSC. Of those 25, 6 are on the executive committee or chair a subcommittee.

AMSCs vary widely in size, with some AMSCs having subcommittees and executive committees. According to January 2004 Coast Guard data, AMSCs ranged in size from 9 members and no subcommittees to 446 members including 9 subcommittees. The San Diego field office reported having the most AMSC representatives, seven, including representatives on the executive committee and three subcommittees. Of the 39 field offices and resident agencies that reported having AMSC representatives, 13 (33 percent) reported they had a representative on an AMSC executive committee. These 13 offices reported having a total of 18 representatives, 39 percent of which were assistant special agents in charge or special agents in charge.

Maritime Security Program

In July 2005, after our audit began, the FBI established a Maritime Security Program within the CTD’s Special Events Management Unit and transferred responsibility for the management of the MLA program to the Maritime Security Program. CTD officials said the Maritime Security Program is modeled after the Special Events Management Unit’s Civil Aviation Security Program, which was created in the 1990s and includes 530 airport liaison agents. The Civil Aviation Security Program offers a number of practices which may be transferable to the new Maritime Security Program:

  • The Civil Aviation Security Program is risk-based according to FAA criteria, and Airport Liaison Agents are required at high-risk airports.
  • The FBI participates in joint Transportation Security Administration/FBI threat and vulnerability assessments of individual airports.
  • The Civil Aviation Security Program tracks aviation-related suspicious activity and disseminates the results within the FBI and intelligence partners.

Because the Maritime Security Program is a recent initiative, we could not fully assess its impact. We found that the goals and purposes of the Maritime Security Program are not yet clear. The CTD established the Maritime Security Program to coordinate the FBI’s obligations and responsibilities under the National Strategy for Maritime Security. However, the Maritime Security Program’s stated mission is much broader: prevent, disrupt and defeat terrorism directed against maritime targets and take a leadership role in counterterrorism preparedness by assisting federal, state, and local agencies responsible for maritime security.

According to an August 2005 EC outlining the Maritime Security Program’s goals and objectives, the program aims to enhance the FBI’s ability to prevent and disrupt terrorism by developing a detailed knowledge of operational and policy matters affecting seaports and the maritime domain. The Maritime Security Program plans to achieve this knowledge by developing informants, distributing intelligence, assisting in investigations, conducting threat and vulnerability assessments, and developing or enhancing relationships with law enforcement and intelligence partners. The Maritime Security Program established three goals, each with objectives intended to measure progress toward meeting the goal:

  • utilize available resources to provide maximum assistance to the MLAs;
  • identify, analyze, and disseminate information pertaining to maritime threats, vulnerabilities, and safety or security issues; and
  • establish and maintain liaison with federal, state and local law enforcement, the intelligence community, and the maritime industry.

In addition to the 13 objectives supporting the program’s 3 goals, the Maritime Security Program also developed 4 “recommended objectives” for FBI field offices. We believe the initiative behind several of the objectives shows that the FBI’s maritime efforts are maturing. Specifically, during FY 2006 the Maritime Security Program plans to complete the transfer of the MLA program from the NJTTF to the Maritime Security Program, thereby placing all of the FBI’s transportation-related counterterrorism programs in the same organizational unit. In addition, the MSP has recognized the general principals of risk management and has planned at least one future initiative accordingly. Based on a broad understanding of threat and criticality, the Maritime Security Program identified 10 major U.S. transportation hubs, metropolitan areas that contain both a major seaport and a major airport. The Maritime Security Program plans to visit 30 percent of these hubs in FY 2006. Each of these 10 hubs is in the territory of one of the 24 field offices listed in Appendix III.

The Maritime Security Program also plans to create a website on the FBI’s Intranet, allowing the Maritime Security Program to disseminate intelligence, security directives, training materials, and points of contact. In addition, the Maritime Security Program plans to review maritime-related suspicious activity reports and identify any trends that may be indicative of pre-operational planning. We believe the collection and analysis of suspicious activity reporting is a critical undertaking. Until the FBI’s suspicious activity tracking system, discussed in Finding 3, has sufficient search capabilities to easily identify maritime-related threats and suspicious activity, it may be appropriate for the Maritime Security Program to review and report on such activity.

Lastly, the Maritime Security Program has asked field offices to name an FBI special agent or supervisory special agent as primary MLA. Currently, 32 percent of all MLAs are not FBI personnel but are personnel from other agencies assigned to one of the FBI’s JTTFs. For example, 19 percent of MLAs are Coast Guard Investigative Service agents.

While we believe a number of the initiatives listed as objectives are positive developments, none of the objectives are phrased in a manner that allows the FBI to measure the outcome of its efforts. For example, one objective under the first goal is, “Develop and provide basic training and reference materials to assist the MLAs.” This objective does not measure the output — the number of MLAs trained — or the outcome — the number of MLAs capable of effectively boarding a vessel.

While the CTD initiated the Maritime Security Program to coordinate the FBI’s response to the National Strategy for Maritime Security, and the Maritime Security Program lists that role as an objective, we found that the Maritime Security Program has not reviewed the strategy’s eight implementing plans to identify the FBI’s responsibilities. Nor has the Maritime Security Program identified all of the FBI’s representatives to the different working groups charged with implementing the plans.

According to Maritime Security Program planning documents, the Maritime Security Program will rely on the skills the FBI already has, including its ability to develop relationships with informants and other people who can provide substantive information to aid FBI investigations. The MSP plans to use this ability to develop sources of information to provide the FBI with a detailed knowledge of the operations at the nation’s seaports. However, neither the Maritime Security Program’s FY 2006 goals and objectives nor the critical duties of an MLA include the need for the FBI to develop relationships with people who can inform the FBI about maritime operations. Also, the Maritime Security Program has not taken any steps to review the FBI’s current human intelligence base to identify current informants who may be able to provide information on maritime terrorism.

The MLA program and the Maritime Security Program were both formed to aid in rapidly disseminating information. In our judgment, developing and maintaining a current roster of MLAs is vital to this capability. Responding to our request for a list of AMSC representatives, FBI field offices named seven personnel as MLAs that were not on the Maritime Security Program’s latest list of MLAs.


The FBI has limited resources, so it should ensure that the amount of resources devoted to maritime terrorism is measurable and allocated among its many counterterrorism programs according to threat and risk. Within the maritime arena, the FBI needs to ensure that ports facing the greatest risk receive the largest amount of resources. For example, the number of MLAs assigned to a field office or a resident agency should be proportionate to the risk of maritime terrorism faced by the ports in its territory.

The MLA position is relatively new and appears to be evolving. The recent transfer of the MLAs to the Maritime Security Program presents an opportunity for the FBI to reevaluate MLA roles and responsibilities. We believe that MLAs should focus on the FBI’s strengths by recruiting informants and aiding in threat and vulnerability assessments. The FBI should ensure that the Maritime Security Program develops measurable annual objectives to allow it to assess the program’s progress.


We recommend that the FBI:

  1. Ensure that MLA guidance is consistent with the actual role of MLAs.
  2. Assign MLAs based on an assessment of the threat and risk of a terrorist attack to critical seaports.
  3. Measure the amount of resources devoted to maritime efforts by establishing a maritime case classification under the general Counterterrorism Preparedness classification.
  4. Require field offices to name at least one MLA to each AMSC.
  5. Require field offices to immediately notify the Maritime Security Program of any MLA appointments or reassignments.
  6. Ensure that the Maritime Security Program has measurable objectives.
  7. Ensure that the Maritime Security Program’s objectives include developing human intelligence.

  1. AMSCs, mandated by the Maritime Transportation Security Act, are comprised of federal, state, and local agencies as well as representatives of the shipping and port communities. Each committee is charged with assessing its port’s vulnerabilities and developing plans to meet security requirements.

  2. The NJTTF was to use this information to identify and disseminate best practices.

  3. Testimony before the Senate Committee on Commerce, Science, and Transportation. Transportation Security: Systematic Planning Needed to Optimize Resources (GAO-05-357T), February 15, 2005.

  4. According to the DHS, its FY 2005 Port Security Grants provided $150 million to provide protection against small craft, underwater attacks and vehicle borne improvised explosive devices, enhanced explosives detection capabilities for the owners and operators of vehicle ferries and associated facilities, and facility security enhancements to the highest risk ports.

  5. Three offices that reported to the MLA coordinator at headquarters that they did not have any navigable waterways in their territory — Cincinnati, Indianapolis, and Jackson — reported having AMSC representatives.

« Previous Table of Contents Next »