Will Firing One Background Check Contractor Fix the Broken Security Clearance System?By Charles S. Clark September 15, 2014
On Sept. 9, Sen. Jon Tester hailed the breaking story that Falls Church, Va.-based USIS, the controversial provider of background checks for security clearances, was losing its contracts with the Office of Personnel Management.
“This news is a welcome sign that the federal government is finally beginning to hold contractors accountable for taking millions in federal money and then failing to get the job done for the taxpayer,” he told reporters.
Only hours earlier, the Montana Democrat had announced he’d written to OPM Director Katherine Archuleta asking her to “tread carefully” before renewing contracts for background checks.
But the wisdom of OPM’s decisive action is less clear to industry and employee representatives interviewed by Government Executive.
And, as OPM continued to move background check work to such companies as KeyPoint Government Solutions and CACI, USIS itself stressed that it continues to work on federal contracts involving litigation support; biometric capture; and enrollment, training, construction surveillance and security consulting.
In a Sept. 10 statement, the company that is formally called US Investigations Services LLC said its Global Security and Solutions Division “continues to deliver excellent contract performance to its customer base of more than 20 government agencies. The decision by the Office of Personnel Management not to extend the USIS background investigation contracts does not adversely impact GS&S’s ability to serve these valued customers.”
Greg Rinckey, a partner in the law firm of Tully Rinckey PLLC, which represents clients with security clearance issues, said he has “concerns about whether OPM’s system can handle the 21,000 security clearance [background checks] that USIS conducts every month.” OPM officials should “ask whether this is really an inherently governmental function,” he said. “OPM should consider pulling back and having the government agencies do the checks.”
Contractors, he added, “have the profitability incentive and sometimes self-motivation to speed the process along. And with all this hoopla spotlighting the issue, anyone working on security clearances is now moving more slowly. Are they taking a closer look?” Rinckey asked, noting that face-to-face interviews are more likely than database checks to uncover any employee’s problems involving trust or mental health. “Are we going back to the backlogs they had in 2003?” he asked. “The bigger question becomes, are there too many people holding security clearances? Does everyone who has one need one?
Without addressing the larger issues, Rinckey said, “Congress is beating its chest for [OPM’s] hollow accomplishment.”
Alan Chvotkin, executive vice president and counsel at the Professional Services Council, a contractors group that counts USIS and CACI as members, also noted concern that the security clearance backlog could grow again.
“PSC has a concern about the ability of OPM, in both the short-term and the long-term, to meet the federal agencies’ (and contractors’) demands for these investigative services, whether through an expansion of OPM’s own resources, the upscaling of work that can be assigned to the two other current contract holders, and any other resources that might become available,” he said in an email. “The two remaining contract holders do have a contractual obligation to expand their capabilities based on OPM work allocations, but I don’t know the specific contract provisions and the scope and timing of such responsibility.”
OPM, Chvotkin added, has not clearly explained the change in its thinking that led to the USIS termination, especially since OPM itself has had its computer systems hacked, and has been tougher on USIS than others in comparable situations, he said.
“Without any known publicly disclosed plan of action by OPM, PSC also has concerns for the risk of creating another intolerable backlog of investigations and granting of appropriate clearances, particularly now as the government is increasing its investigative demands in light of” corrective actions promised after it was reported that USIS had done the background checks before agency approval of clearances on National Security Agency contractor-turned-leaker Edward Snowden and Washington Navy Yard shooter Aaron Alexis.
USIS for months had faced criticism from lawmakers and others who believe the firm’s ethics troubles should bar it from continued government work. It is facing fraud charges from the Justice Department for allegedly “dumping” 665,000 background check cases without conducting proper reviews. And its policy of awarding bonuses to parent company executives while battling fraud charges has drawn fire.
Following this August’s hacking of USIS, the contractor was the subject of two stop-work orders, from OPM and from the Homeland Security Department, where internal records of 25,000 federal employees were exposed.
Homeland Security spokesman S.Y. Lee said in an email last week, “On Aug. 6, DHS notified its employees of a cybersecurity intrusion at a private sector company that conducts U.S. government security background investigations. A multi-agency cyber response group, that includes a specialized DHS analytical team, has been working with the company to identify the scope of the intrusion and the FBI has launched a federal investigation into the issue. At this time, our forensic analysis has concluded that some DHS personnel may have been specifically affected, and DHS has begun notifying these specific employees and is advising them to monitor their financial accounts for suspicious activity.”
A DHS official added that the department is encouraging all employees to “monitor their financial information and be suspicious of unusual unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. Individuals who received a targeted notification will be provided credit monitoring and have been urged to be especially vigilant. Employees are being asked to notify their Privacy Officer and Security Officer if they note any unusual activity.”
Tester, in the meantime, continues to push his Security Clearance Accountability and Reform (SCARE) Act (S. 1744) , which would prohibit federal employees and contractors found to have compromised the integrity of a background investigation from performing future investigations, while encouraging further rethinking of the security clearance process.
“Keeping the background investigation contractor workforce accountable is a primary component of our nation’s security,” Tester wrote to OPM. “I believe stronger accountability and transparency measures should be considered top priorities.”