Return to the Table of Contents

Semiannual Report to Congress

October 1, 2003–March 31, 2004
Office of the Inspector General

Multicomponent Audits, Reviews, and Investigations

While many of the OIG's audits, reviews, and investigations are specific to a particular component of the Department, other work spans more than one component and, in some instances, extends outside the Department to contractors and grant recipients.

Reports Issued

Integration of FBI and Immigration Fingerprint Systems

Following up on reports we issued in 2001 and 2003, the OIG reviewed the status of efforts to integrate the Department of Homeland Security's (DHS's) automated fingerprint identification database (IDENT) with the FBI's automated fingerprint identification database (IAFIS). We also examined the actions of immigration employees in a case that demonstrated the need to integrate the databases as expeditiously as possible.

In January 2002, the Border Patrol apprehended Victor Manual Batres twice in two days after he attempted to enter the United State illegally. Instead of being detained because of his extensive criminal record, he was returned to Mexico and subsequently succeeded in crossing the border illegally. In September 2002, he brutally raped two Catholic nuns in Oregon, killing one of them. Although we found that some of the agents and supervisors who apprehended Batres that January failed to follow Border Patrol policies, we concluded that individual agents - often overwhelmed by large numbers of aliens and cumbersome procedures - will not be able to consistently determine the full criminal histories and prior deportations of all aliens they apprehend until they can simultaneously query both immigration and FBI fingerprint records.

Integration of the IDENT and IAFIS databases has been advancing slowly, our review found, in part because of uncertainty over who is responsible for managing the project. Although some progress has been made, the government's plans did not have full integration scheduled for several more years. Moreover, the Department and the DHS had not entered into a memorandum of understanding on the specific roles, responsibilities, and funding for the integration project. Also contributing to the delays has been the priority given to other DHS automation projects, such as US VISIT, a database of information on foreign nationals that tracks their entry into and exit from the United States. Further delays have resulted from technical difficulties with fingerprint image quality and achieving interoperability between IDENT/IAFIS and US VISIT.

In our follow-up review, the OIG recommended the Department:

The Department agreed with the recommendations. After the OIG's report was issued, DHS and Department officials stated that IDENT/IAFIS integration would be expedited.

Civil Rights and Civil Liberties Complaints

Section 1001 of the USA Patriot Act directs the OIG to receive and review complaints of civil rights and civil liberties abuses by Department employees, to publicize how people can contact the OIG to file a complaint, and to submit a semiannual report to Congress discussing our implementation of these responsibilities. In January 2004, the OIG issued its fourth report summarizing our Section 1001 activities.

The report, covering the period from June 16, 2003, through December 15, 2003, described the status of OIG and Department investigations of alleged civil rights and civil liberties abuses by Department employees. In addition, the report highlighted several OIG reviews undertaken in furtherance of our Section 1001 responsibilities, including the investigation of allegations that some correctional officers in the Metropolitan Detention Center in Brooklyn, New York, physically and verbally abused aliens who were detained on immigration charges and held in connection with the investigation of the September 11 terrorist attacks. (For details of that review, see "Abuse of September 11 Detainees" in the BOP section.)

During the six-month period covered by the report, the OIG received more than 1,200 complaints alleging civil rights and civil liberties abuses. We determined that 162 of these complaints were against Department employees. However, many of the 162 complaints did not raise issues covered by the OIG's duties under Section 1001. For example, the OIG received numerous complaints from inmates alleging that they have not received appropriate medical care or were given food that violated their religious dietary restrictions. None of the 162 matters involved complaints alleging misconduct by Department employees related to their use of a substantive provision of the Patriot Act.

After analyzing the 162 complaints, the OIG identified 17 matters that we believed warranted an investigation or a closer review. These matters included allegations of excessive force against BOP inmates, verbal abuse of inmates, denial of inmate access to the law library and telephone calls, unreasonable prison cell searches, and placement in solitary confinement for no apparent reason. The OIG is investigating several of those complaints and has referred the remainder to the internal affairs offices of the affected component.

Implementation of Plans for Protecting Cyber-Based Infrastructure

As part of an effort sponsored by the President's Council on Integrity and Efficiency, the OIG audited the Department's implementation of its plans for protecting its cyber-based infrastructure. Our report, issued in November 2003, found the Department had not achieved the "full operating capability" required for federal agencies by May 2003 and, as a consequence, its ability to perform vital missions was at risk from terrorist attacks or similar threats.

Our report concluded that the Department needed to complete its critical infrastructure protection efforts in risk mitigation, emergency management, interagency coordination, and resource and organizational requirements. We made 26 recommendations to help improve the Department's efforts, which included (1) developing a risk mitigation tracking system for the inventory of classified mission-essential infrastructure systems; (2) developing a multiyear funding plan based on resources required to mitigate vulnerabilities; (3) developing contingency plans for all critical IT assets; (4) testing contingency plans periodically as required; (5) compiling a list of links, relationships, and contacts with other federal agencies and other external entities (foreign governments, state and local agencies, and the private sector); and (6) contacting external entities to determine whether any of the Department's assets are critical to their missions.

Department Financial Statement Audits

The Chief Financial Officers Act of 1990 and the Government Management Reform Act of 1994 require annual financial statement audits of the Department. The OIG oversees and issues the audits based on the work performed by independent public accountants. During this reporting period, we issued the audit report for the Department's Annual Financial Statement for FY 2003.

For the third consecutive year, the Department received an unqualified opinion on its consolidated financial statement. Additionally, the number of material weaknesses reported at the consolidated level declined from two to one. These results reflect a continued commitment by the Department to financial accountability and improvements in internal controls.

While improvements in internal controls have been made, the material weakness in financial controls and the reportable condition in information systems are both long-standing issues at the Department. They represent significant risks that data processed on the Department's information systems is not adequately protected from unauthorized access or service disruption.

As in prior years, the issues related to financial controls have only been overcome by significant year-end manual efforts. Many tasks had to be performed manually because the Department lacks sufficient automated systems to readily support ongoing accounting operations. Manual efforts compromise the ability of the Department to prepare timely financial statements in accordance with generally accepted accounting principles, require considerable monetary and human resources, and represent an inefficient use of these resources. The manual processes are being strained further by the accelerated due dates and additional requirements established by the Office of Management and Budget (OMB). The OMB's accelerated reporting date of November 15, 2004, means the Department must complete its next Performance and Accountability Report 2˝ months earlier than it did in FY 2003.

The Department's unqualified opinion also included unqualified opinions on all 11 of the reporting components' financial statements that make up the consolidated report. Some of the Department's components were able to reduce the number of reportable conditions, but others had new conditions identified and reported this year. Although the audits reported a total of nine material weaknesses and ten reportable conditions at the component level for both FYs 2003 and 2002, the mix among components differed from one year to the next.

Overall, 8 of 11 components had weaknesses in financial accounting and reporting. This finding primarily reflected problems recording transactions in accordance with generally accepted accounting principles and meeting requirements of the Department's financial statement guidelines. Nine of the components also had weaknesses in financial management systems' general and application controls. In the Report on Compliance With Laws and Regulations, the auditors identified six Department components that were not compliant with the Federal Financial Management Improvement Act of 1996, which specifically addresses the adequacy of federal financial management systems. Additionally, the audits identified five components that were not compliant with OMB Circular No. A-11, Preparation, Submission, and Execution of the Budget, which among other items requires agencies to (1) fund the net present value of the government's estimated legal obligation over the life of a capital lease and (2) record an unfilled customer order (for services performed) or an obligation (for services acquired) at the time an agreement/contract to commit the federal government is signed.

The audits recommended the Department revise the departmentwide financial statement reporting requirements and monitor components' compliance and efforts to correct all deficiencies noted. The Department concurred with the recommendations.

The following table compares the FYs 2003 and 2002 audit results for the Department's consolidated audit as well as for the 11 individual components' audits.

Comparison of FY 2003 and 2002 Audit Results
Reporting Entity Auditors' Opinion on
Financial Statements
Number of
Material Weaknesses
Number of
Reportable Conditions
2003 2002 2003 2002 2003 2002
Consolidated Department of Justice Unqualified Unqualified 1 2 1 0
Assets Forfeiture Fund and Seized Asset Deposit Fund Unqualified Unqualified 1 0 0 1
Bureau of Alcohol, Tobacco, Firearms and Explosives1 Unqualified N/A 0 N/A 1 N/A
Drug Enforcement Administration Unqualified Unqualified 0 0 2 2
Federal Bureau of Investigation Unqualified Unqualified 2 3 0 0
Federal Bureau of Prisons Unqualified Unqualified 0 0 2 2
Federal Prison Industries, Inc. Unqualified Unqualified 0 1 1 1
Immigration and Naturalization Service1 Unqualified Unqualified 3 3 1 0
Office of Justice Programs Unqualified Unqualified 0 0 1 1
Offices, Boards and Divisions Unqualified Unqualified 1 1 1 1
U.S. Marshals Service Unqualified Unqualified 1 0 1 2
Working Capital Fund Unqualified Unqualified 1 1 0 0
Component Totals   9 9 10 10

Computer Security Audits in Response to the Federal Information Security Management Act

The Federal Information Security Management Act (FISMA) was enacted into law as Title III of the E-Government Act of 2002 (Public Law 107-347, December 17, 2002). It replaces the Government Information Security Reform Act provisions of the FY 2001 National Defense Authorization Act (Public Law 106-398, sec. 1061-1064) with permanent provisions, including requirements for minimum mandatory information security standards.

The FISMA directs the OIG to perform an annual independent evaluation of the Department's information security program and practices and requires the results to be submitted to the OMB. For FY 2003, we selected five mission-critical Department computer systems to examine: two from the FBI and one each from the DEA, the USMS, and the ATF. Additionally, we reviewed the Department's oversight initiatives with respect to computer security. As a result of our FISMA reviews, we issued five individual reports for the five computer systems. The report on Department oversight has been completed and will be issued shortly.

While we found progress in certain areas of computer security, we concluded that continued improvements are needed in program oversight and vulnerability management. Additional focus in these areas would reduce the total number of vulnerabilities within the Department's IT systems. Of the five systems we reviewed, we assessed three as representing "high risks" to protection from unauthorized use, loss, or modification, and we assessed two systems as "medium risk." We made a total of 76 recommendations for corrective action as part of the FISMA 2003 reports.

The Department's Response to FOIA Requests for Its Workplace Diversity Report

The OIG reviewed the Department's handling of Freedom of Information Act (FOIA) requests for its report entitled Support for the Department in Conducting an Analysis of Diversity in the Attorney Workforce. The OIG's review found that the FOIA requests for the report were handled in conformance with the Department's normal FOIA process. The decision not to release the report in full was made by officials in the Office of the Deputy Attorney General after consultation with the Deputy Director of the Office of Information and Privacy. We also concluded that the decision to release or redact the report was a discretionary decision under applicable FOIA law, and the redactions made by the Department did not appear to violate FOIA law.

Prompt Payment Act Interest Penalties Paid by the Department During FYs 2002 and 2003

The Prompt Payment Act (Public Law 100-496) requires executive departments to pay vendors interest penalties on late payments. The interest penalties must be paid automatically, and the agencies must absorb the cost from available funds of the program for which the payment was late. In this reporting period, we issued an information report on the amounts of prompt payment interest penalties the Department paid in FYs 2002 and 2003.

The amount of interest penalties the Department paid has decreased significantly since FY 2001 when Department components paid approximately $5.8 million in interest penalties. The amount decreased to $2.5 million and $1.7 million in FY 2002 and FY 2003, respectively, which represents a 71 percent decrease from FY 2001 to FY 2003.

During FYs 2002 and 2003, the Justice Management Division (JMD) required the periodic submission of prompt payment statistics for review. We recommended that JMD continue to monitor each of the components to ensure the interest penalties are minimal.

Grant Audits

We continued to audit grants awarded by COPS, and we have increased our audits of grants awarded by OJP. Examples of the findings reported in the 31 grant audits we completed during this reporting period include the following:


The following are some of the cases investigated by the OIG during this reporting period that involved multiple components of the Department:

Ongoing Work

The Department's Counterterrorism Task Forces

The OIG is examining how the Department's counterterrorism task forces support the Department's efforts to detect, deter, and disrupt terrorism. The review is evaluating the purpose, priorities, membership, functions, lines of authority, and accomplishments for the USAOs' Anti-Terrorism Advisory Councils, the FBI's Joint Terrorism Task Forces and Foreign Terrorist Tracking Task Force, and the Deputy Attorney General's National Security Coordination Council.

Antiterrorism and Emergency Assistance Program

The Office for Victims of Crime, located within OJP, helps victims of crime recover from physical, emotional, and psychological injury. The Antiterrorism and Emergency Assistance Program, developed after the 1995 Oklahoma City bombing, is responsible for providing timely assistance to jurisdictions to address victims' needs in the aftermath of an act of terrorism or mass violence. Eligible recipients include victims of domestic incidents and victims of incidents abroad who are nationals, officers, or employees of the United States. The OIG is reviewing the Office for Victims of Crime to determine whether timely assistance was provided to jurisdictions to address victims' needs in the aftermath of acts of terrorism or mass violence, the eligibility of applicants was properly ascertained, and the funding granted was allowable.

The No Suspect Casework DNA Backlog Reduction Grant Program

Through the National Institute of Justice, OJP provides funding to states for the identification, collection, and analysis of DNA samples from evidence collected in cases in which no suspect has been developed or in which the original suspect has been eliminated. A participating state can analyze the samples in its own laboratories or choose to outsource the work to contract laboratories. Our audit is focusing on the administration and oversight of the program by OJP, the oversight of contract laboratories by states receiving grants, the allowability of costs charged to grants, and the achievement of the program's goals.

The Department's Shooting Incident Investigations

The OIG is assessing the reporting, investigation, review, and discipline process for shooting incidents involving ATF, DEA, FBI, and USMS employees that occurred during FYs 2000 through 2003.

Department Acquisition Processes

The Department is one of the federal agencies with the largest dollar expenditures for the acquisition of products and services, averaging approximately $4 billion a year in contracts. This audit is evaluating the acquisition processes used by the components and JMD's oversight of acquisitions. The focus of the audit is to assess whether needed products and services are acquired in a timely manner for an economical price within governing regulations.

Arson and Explosives Intelligence

This audit is evaluating how the Department can most efficiently and effectively collect statistics, investigative leads, and intelligence on arson and explosives incidents in the United States and make the information available to the law enforcement community. The FBI's Bomb Data Center and the ATF's Arson and Explosives National Repository maintain three different databases serving that function.

OJP's Technical Assistance and Training Grants

The audit is evaluating OJP's methods for approving technical assistance and training grants to state, local, and tribal governments and community groups that are intended to help reduce crime, enforce state and local drug laws, and improve the functioning of the criminal justice system. The audit will assess the management, quality, and extent of the technical assistance and training provided.

Office of the Federal Detention Trustee

Historically, the detention of individuals in federal custody awaiting trial or immigration proceedings was the responsibility of the USMS and the former Immigration and Naturalization Service (INS). In September 2001, Congress established the Office of the Federal Detention Trustee (OFDT) in the Department in response to the Department's continuing difficulty with planning for detention needs and obtaining detention space. The mission of the OFDT is to oversee and coordinate the Department's detention activities. The objectives of this audit are to review the funding received and expended, along with the accomplishments achieved since the inception of the OFDT in FY 2001; determine how the OFDT coordinates and oversees detention within the Department; and evaluate the OFDT's plans and goals for managing detention needs now that the INS is no longer part of the Department.

Procedural Reform Recommendation

The OIG's Investigations Division prepares a Procedural Reform Recommendation (PRR) for corrective action by a Department component when an OIG investigation identifies a systemic weakness in an internal policy, practice, procedure, or program. The following is an example of a PRR prepared by the Investigations Division during this reporting period: