[Senate Hearing 113-783]
[From the U.S. Government Publishing Office]
S. Hrg. 113-783
EVALUATING PORT SECURITY: PROGRESS MADE AND CHALLENGES AHEAD
=======================================================================
HEARING
BEFORE THE
COMMITTEE ON
HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS
UNITED STATES SENATE
ONE HUNDRED THIRTEENTH CONGRESS
SECOND SESSION
__________
JUNE 4, 2014
__________
Available via the World Wide Web: http://www.fdsys.gov/
Printed for the use of the
Committee on Homeland Security and Governmental Affairs
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]
U.S. GOVERNMENT PUBLISHING OFFICE
90-915 PDF WASHINGTON : 2016
________________________________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Publishing Office,
http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center,
U.S. Government Publishing Office. Phone 202-512-1800, or 866-512-1800 (toll-free).
E-mail, [email protected].
COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS
THOMAS R. CARPER, Delaware Chairman
CARL LEVIN, Michigan TOM COBURN, Oklahoma
MARK L. PRYOR, Arkansas JOHN McCAIN, Arizona
MARY L. LANDRIEU, Louisiana RON JOHNSON, Wisconsin
CLAIRE McCASKILL, Missouri ROB PORTMAN, Ohio
JON TESTER, Montana RAND PAUL, Kentucky
MARK BEGICH, Alaska MICHAEL B. ENZI, Wyoming
TAMMY BALDWIN, Wisconsin KELLY AYOTTE, New Hampshire
HEIDI HEITKAMP, North Dakota
Gabrielle A. Batkin. Staff Director
John P. Kilvington, Deputy Staff Director
Mary Beth Schultz, Chief Counsel
Jason M. Yanussi, Senior Professional Staff Member
Jason T. Barnosky, Senior Professional Staff Member
Keith B. Ashdown, Minority Staff Director
Andrew C. Dockham, Minority Chief Counsel
Patrick J. Bailey, Minority Counsel
Mark K. Harris, Minority U.S. Coast Guard Detailee
Laura W. Kilbride, Chief Clerk
Lauren M. Corcoran, Hearing Clerk
C O N T E N T S
------
Opening statements:
Page
Senator Carper............................................... 1
Senator Coburn............................................... 3
Senator Ayotte............................................... 13
Prepared statements:
Senator Carper............................................... 39
Senator Coburn............................................... 41
WITNESSES
Wednesday, June 4, 2014
Ellen McClain, Deputy Assistant Secretary for Transborder Policy,
Office of Policy, U.S. Department of Homeland Security......... 5
Rear Admiral Paul F. Thomas, Assistant Commandant for Prevention
Policy, U.S. Coast Guard, U.S. Department of Homeland Security. 6
Kevin K. McAleenan, Acting Deputy Commissioner, U.S. Customs and
Border Protection, U.S. Department of Homeland Security........ 8
Brian E. Kamoie, Assistant Administrator for Grant Programs,
Federal Emergency Management Agency, U.S. Department of
Homeland Security.............................................. 10
Stephen Sadler, Assistant Administrator for Intelligence and
Analysis, Transportation Security Administration, U.S.
Department of Homeland Security................................ 11
Stephen L. Caldwell, Director, Homeland Security and Justice
Issues, U.S. Government Accountability Office.................. 12
Alphabetical List of Witnesses
Caldwell, Stephen L.:
Testimony.................................................... 12
Prepared statement with attachment........................... 57
Kamoie, Brian E.:
Testimony.................................................... 10
Joint prepared statement with attachment..................... 42
McAleenan, Kevin K.:
Testimony.................................................... 8
Joint prepared statement with attachment..................... 42
McClain, Ellen:
Testimony.................................................... 5
Joint prepared statement with attachment..................... 42
Sadler, Stephen:
Testimony.................................................... 11
Joint prepared statement with attachment..................... 42
Thomas, Rear Admiral Paul F.:
Testimony.................................................... 6
Joint prepared statement with attachment..................... 42
APPENDIX
Additional statements for the Record:
Hon. Janice Hahn, U.S. House of Representatives.............. 130
Kurt J. Nagle, President, American Association of Port
Authorities................................................ 133
American Trucking Associations, Inc.......................... 138
Colleen M. Kelley, National President, National Treasury
Employees Union............................................ 144
Henry H. Willis, RAND Corporation............................ 149
Responses to post-hearing questions for the Record from:
Ms. McClain.................................................. 157
Admiral Thomas............................................... 165
Mr. McAleenan................................................ 175
Mr. Kamoie................................................... 187
Mr. Sadler................................................... 194
EVALUATING PORT SECURITY: PROGRESS MADE AND CHALLENGES AHEAD
----------
WEDNESDAY, JUNE 4, 2014
U.S. Senate,
Committee on Homeland Security
and Governmental Affairs,
Washington, DC.
The Committee met, pursuant to notice, at 10:32 a.m., in
room SD-342, Dirksen Senate Office Building, Hon. Thomas R.
Carper, Chairman of the Committee, presiding.
Present: Senators Carper, Coburn, and Ayotte.
OPENING STATEMENT OF CHAIRMAN CARPER
Chairman Carper. Good morning, everyone. We are happy to
welcome you today and thank you for joining us.
Dr. Coburn and I have called this hearing, and this is a
hearing he has had a whole lot of interest in. I have, too. It
is a shared interest. But, we want to take a look at the
current state of port security in these United States of
America. We want to find out if we are heading in the right
direction. I hope we can also focus on the work that needs to
be done over the next few years to try to ensure that our port
security efforts maintain the proper balance between security,
safety, and trade facilitation. It is important, because our
focus as a Congress cannot solely be on security, but also on
maintaining and enhancing our economic competitiveness.
As we all know, port security is no easy job. It involves
the maritime security provided by the United States Coast Guard
(USCG) when its men and women patrol our coasts and our
waterways. It involves the physical security of port facilities
like the ferry terminal in Lewes, Delaware, or an energy
refinery along the Gulf of Mexico or Delaware City, Delaware,
that is safeguarded by State and local authorities. It involves
the cargo security provided by the U.S. Customs and Border
Protection (CBP), which screens cargo to prevent dangerous
goods from entering the United States while also facilitating
the flow of trade and transportation.
That last part is a particularly important piece. And, even
as we build and maintain strong layers of port security, we
need to take care not to impede transportation or commerce. Our
ports and waterways are the lifeblood of our economy. I am told
that more than 95 percent of all U.S. trade is handled by our
seaports. And these ports account for over 30 percent of U.S.
gross domestic product (GDP). That is more than $5 trillion in
trade each and every year.
As the former Governor of Delaware and someone who was
ultimately responsible for running a major port, the city of
Wilmington owned and ran that Port of Wilmington for many
years. They ran out of money and the State had some money, so
we took it over when I was Governor. This is something I know a
little bit about, but care a whole lot about.
The Port of Wilmington, located along the Delaware River in
the northern part of my State--it is just south of
Philadelphia--is the No. 1 seaport in North America, believe it
or not, for the importation of fresh fruit, bananas, and juice
concentrate. If you had a banana this morning for breakfast, it
probably came through the Port of Wilmington. We call our
port--our nickname is ``Top Banana,'' the ``Top Banana Port.''
The Port of Wilmington is not just important for the State
of Delaware, where it serves as a key economic engine in New
Castle County. It is also a key port for the entire United
States. So, protecting our ports, safeguarding our economic
opportunity, is a responsibility that we take very seriously.
As the Government Accountability Office (GAO) and other
experts have noted, U.S. port security has come a long way.
Shortly after September 11, 2001, the Maritime Transportation
Security Act of 2002 (MTSA) became law and empowered the Coast
Guard with new authorities to ensure commercial vessels and
port facilities meet minimum security standards. A few years
later, the Security and Accountability for Every (SAFE) Port
Act of 2006 authorized key cargo and supply chain security
programs enforced by U.S. Customs and Border Protection. Since
that time, these cargo security programs have matured and taken
root. Not only that, many of our international trading partners
and international trading security organizations have created
similar security programs emulating the Department of Homeland
Security's (DHS) good work.
But, we should not and we cannot stop here. We want to use
this hearing as an opportunity to explore how the threat to
ports has evolved and what the next steps for DHS should be. I
also do not want to imply that there is no room for
improvement. As I frequently say, everything I do, I know I can
do better. I think that is true for all of us, and I think that
is true for the way we handle port security.
In a recent letter to the Congress, our new Secretary, Jeh
Johnson, indicated he believed the 100 percent scanning mandate
for inbound cargo shipping containers was impractical, and not
the best use of taxpayer resources. If that is the case, we
must look for a better way to address security risks while
preserving the necessary speed of moving containers through our
ports. So, I welcome the Secretary's pledge to make a good
faith effort to improve the Department's capabilities without
getting in the way of legitimate flow of trade. I look forward
to discussing this issue with some of our witnesses today.
I also look forward to hearing how the Department of
Homeland Security plans to address emerging threats, how it can
make programs more effective and efficient, and how the
agencies represented here today can work with international
organizations and our foreign partners to raise the global
standard for port security.
As you can see from our lineup of witnesses--it is quite a
lineup--port security is a team sport. It is a perfect example
of why bringing all these agencies together into the Department
of Homeland Security was the right thing to do. The components
present here today work seamlessly with one another to develop
and implement the Department's layered risk-based strategy for
port security. From the Coast Guard to Customs and Border
Protection, Transportation Security Administration (TSA),
Federal Emergency Management Agency (FEMA), and DHS's Office of
Policy, each of you play a critical role and you have to work
together. So do we.
I am also glad we have GAO here with us today. We are
always happy to have GAO with us. You have done a whole lot of
work in this area. We are grateful for that and we will be
looking to you for further help.
Again, thanks to everyone for coming. As Dr. Coburn knows,
we are going to start voting in a little bit and we are going
to do one of those deals that we have perfected, where voting
starts and maybe he will go vote the first time, and when he
has voted, he will come back and I will go vote, and then we
will just swap back and forth. Hopefully, we will be able to
keep going and make it all work and be done in a punctual way.
But, this is important. We are happy that you are here. Let
me just now turn to Dr. Coburn, just to thank him for insisting
that we have this hearing and make this a priority.
OPENING STATEMENT OF SENATOR COBURN
Senator Coburn. Thank you, Mr. Chairman.
First of all, welcome to all of you. This is an interesting
area for us to be talking about. Sitting on the Intelligence
Committee, our threats are greater, not less, in terms of
risks, and getting it right is important.
One of the commitments I made to Congresswoman Janice Hahn
from L.A.--she has the L.A. port, which is one of our busiest,
biggest, and probably greatest vulnerability in terms of
ports--that we would have this hearing and do the oversight
that is necessary to try to improve what we are doing.
So, Mr. Chairman, I would like unanimous consent to put her
testimony in the record.\1\ The House is out this week, and we
would not have scheduled this hearing at this time had we known
that, but we did and I am happy that we are having the hearing.
So, I would ask unanimous consent to have her testimony
included in the record.
---------------------------------------------------------------------------
\1\ The prepared statement of Ms. Hahn appears in the Appendix on
page 130.
---------------------------------------------------------------------------
Chairman Carper. Happy to include it.
Senator Coburn. I would also note that the House has passed
legislation that the Senate has not even taken up or
considered, the Gauging American Port Security (GAPS) Act, and
what we need to do is address today to find out where our
weaknesses are, what we need to improve it. And, as Senator
Carper mentioned, the 100 percent scanning obviously is not
viable, or may not be viable, but we need to have a better
approach than 2 to 4 percent scanning that we are seeing today.
We know that a successful attack on one of our ports would
be devastating. The RAND Corporation gave an example that it
could have a trillion-dollar effect on our economy. That is a
possibility. We cannot stop every attack that is going to come
to this country, but we can certainly make it much more
difficult and markedly decrease the likelihood. Everybody knows
the history of how we came together after 9/11. We created the
Port Security Grant Program (PSGP). We mandated 100 percent
cargo screening, and the 9/11 Commission recommended that, as
well. We also created the Transportation Worker Identification
Credential (TWIC), which has had some significant difficulties
and is still not implemented.
So, my goal for this hearing is to review all the
initiatives that were initially set out, assess how well they
are working and whether or not they are working, and determine
if our ports are as secure from a potential terrorist attack as
we can make them feasibly and economically.
I would say, we have spent $2.9 billion on the Port
Security Grant Program with no metrics to measure whether or
not we have actually improved our security. There are no
metrics, so we do not know. We spent $2.1 billion on CBP cargo
programs to meet a scanning mandate that we are told will never
be met. So, there is $5 billion we have spent. We have no
assessment of what we have gotten for that money. The TWIC
Program was intended to create an ID card for transportation
workers to enter secure areas, including the ports. We will
talk about TWIC, and some of my questions will relate to some
of the problems associated with it. In general, I think it is
unclear, and, hopefully, this hearing will help us to know how
much improvement we have actually made in securing our ports.
So, I, No. 1, want to thank each of you for being here,
preparing the testimony, which I have read, and being
available. I apologize that we are going to have votes, but we
will keep this moving as fast as we can. We have, I think, four
votes starting at 11.
With that, Mr. Chairman, thank you, as well, Mr. Top
Banana. [Laughter.]
Chairman Carper. I have been called worse things.
We will make this work. We appreciate, again, all of you
being here. I am going to just briefly introduce our witnesses.
Ellen McClain, Deputy Assistant Secretary for Transborder
Policy at DHS's Office of Policy, also served as DHS's
Assistant General Counsel for Enforcement. She began her career
with the U.S. Customs Service, where she served, I believe, as
Deputy Associate Chief Counsel, is that right?
Ms. McClain. [Nodding head.]
Chairman Carper. Rear Admiral Paul Thomas joins us from the
Coast Guard, where he is the Assistant Commandant for
Prevention Policy. He is a specialist in marine safety,
security, and environmental protection, a graduate of the Coast
Guard Academy and of the Massachusetts Institute of Technology
(MIT), where I am proud to say that one of our boys attended.
When I went to Ohio State, I could barely spell MIT. The idea
of having a kid that went to school there, I could not imagine.
But, congratulations on that. Thanks for your service.
Kevin McAleenan, Acting Deputy Commissioner at the U.S.
Customs and Border Protection. Previously, he served as the
Acting Assistant Commissioner of the CBP Office of Field
Operations, leading the agency's port security and trade
facilitation operations.
Brian Kamoie, appointed as the Assistant Administrator for
Grant Programs at FEMA in April 2013. Before that, Mr. Kamoie
served as Senior Director for Preparedness Policy on the White
House National Security Staff from 2009 to 2013.
Stephen Sadler has been the Assistant Administrator for
Intelligence and Analysis at the Transportation Security
Administration since October 2011. He joined TSA in 2003 and
has held several leadership positions. Prior to that, he spent
25 years in the commercial maritime industry.
And, finally, last but not least, Stephen Caldwell.
Stephen, nice to see you. He joins us from GAO, where he is
Director of Issues on the Homeland Security and Justice Team.
Mr. Caldwell has over 30 years of experience at GAO and has
worked on numerous reports on port and supply chain security.
Thank you all. Your entire statements will be made a part
of the record, and feel free to summarize as you go along. I
will ask you, try to stay within about, what did we say, 5
minutes, if you could. If you go way over that, we will have to
rein you in. Thank you for joining us.
Ellen, why do you not go ahead.
TESTIMONY OF ELLEN MCCLAIN,\1\ DEPUTY ASSISTANT SECRETARY FOR
TRANSBORDER POLICY, OFFICE OF POLICY, U.S. DEPARTMENT OF
HOMELAND SECURITY
Ms. McClain. Good morning, Chairman Carper, Ranking Member
Coburn. I am a career civil servant and testifying before
Congress for the first time. As this has long been on my career
bucket list, I appreciate this opportunity, along with my
colleagues, to testify on a matter of singular importance to
the Department, port security.
---------------------------------------------------------------------------
\1\ The joint prepared statement of Ms. McClain, Admiral Thomas,
Mr. McAleenan, Mr. Kamoie and Mr. Sadler appears in the Appendix on
page 42.
---------------------------------------------------------------------------
Since 2007 and the passage of the SAFE Port Act, we now
have several key strategic documents that shape and guide our
efforts on port security: The National Strategy on Global
Supply Chain Security, the Global Nuclear Detection
Architecture (GNDA), and the soon-to-be-released 2014 DHS
Quadrennial Homeland Security Review (QHSR).
DHS is focused on enhancing port security through
prevention, protection, and resilience, pursuant to a risk-
based approach. While strengthening the global supply chain
system, including the maritime transportation network, we are
ever mindful that it is critical to do so by promoting the
efficient and secure movement of legitimate goods.
Guided by the principles in these overarching documents,
DHS's approach embraces five elements for a layered system of
maritime, port, and cargo security.
One, understanding the risk to better defend and protect
against radiological and nuclear risks.
Two, obtaining advance information and using advance
targeting techniques.
Three, increased collaboration with other Federal agencies,
foreign governments, and private stakeholders.
Four, implementing strong domestic security regimes.
And, five, promoting preparedness by sustaining grant
programs.
Within this strategic context, DHS can point to several key
developments in the past 7 years: Risk assessments to aid us in
understanding the threat environment and prioritization of
resources; Significant progress with international and private
partners to incorporate risk management principles and leverage
Trusted Trader Programs; The assessment of more than 1,500
foreign ports, 200 alone in 2013, under the International Port
Security Program; Establishment of 360 comprehensive Port
Security Plans by port operators; And, grant awards to achieve
interoperable communications, installation of surveillance
cameras at port facilities, and funding for other similar
physical security equipment and projects.
Looking forward, we face challenges of increased trade from
the expansion of the Panama Canal and increased activity in the
Arctic. With increasing trade and shifting trade patterns, we
must also confront aging infrastructure for a broad range of
DHS assets, from Coast Guard cutters to X-ray and radiation and
nuclear detection inspection systems. In forging the path for
progress, DHS will concentrate on improving information
collection, targeting, and dissemination, expanding global
capacity to secure the supply chain, and addressing risk across
all modes of transportation.
With a continued focus on enhancing the capabilities of our
components and our partners to address current and future
challenges to securing our ports, DHS will continue to dedicate
substantial attention and resources to implementing a layered
risk management approach to security across all transportation
pathways in an efficient and cost-effective way and building
essential partnerships at home and abroad.
Thank you again for the opportunity to testify about DHS's
progress on enhancements to port security. I will be happy to
entertain any questions.
Chairman Carper. Good. Thanks, and we are going to have
some, so thank you.
Ms. McClain. Thank you.
Chairman Carper. Thanks for your testimony.
Admiral Thomas, please proceed.
TESTIMONY OF REAR ADMIRAL PAUL F. THOMAS,\1\ USCG, ASSISTANT
COMMANDANT FOR PREVENTION POLICY, U.S. COAST GUARD, U.S.
DEPARTMENT OF HOMELAND SECURITY
Admiral Thomas. Thank you, Chairman Carper, Dr. Coburn, and
thank you both for your continued support of our Coast Guard
and the opportunity to discuss this really important topic with
you this morning.
---------------------------------------------------------------------------
\1\ The joint prepared statement of Ms. McClain, Admiral Thomas,
Mr. McAleenan, Mr. Kamoie and Mr. Sadler appears in the Appendix on
page 42.
---------------------------------------------------------------------------
The Coast Guard, in coordination with the other Department
of Homeland Security components, the interagency, and the
industry, implements a layered maritime security system. Our
goal is simple. We want to detect, interdict, and mitigate
threats as far from our shores as possible.
And, we accomplish this through the layered system that is
depicted on the slide before you and displayed to my left.\1\
As you can see on the slide, maritime security of U.S. ports
does not start and finish in the United States. Rather, the
opposite is true. The security of our ports begins in foreign
ports, at foreign facilities and terminals. This is the first
layer of our integrated system.
---------------------------------------------------------------------------
\1\ The slide referenced by Admiral Thomas appears in the Appendix
on page 56.
---------------------------------------------------------------------------
The Coast Guard's International Port Security Program
conducts assessments of foreign ports to ensure they meet
international security standards and to build the capacity of
our trading partners. So, just as you cannot enter U.S.
airspace unless the flight originated from an airport that
meets minimum security standards, you cannot enter U.S.
seaports unless that voyage originated from a foreign port that
meets security standards as certified by the Coast Guard.
Additionally, the Coast Guard-led Foreign Port Threat
Assessments bring together information from law enforcement and
intelligence communities to assess the level of governance,
crime, terrorist activities, and other factors that may help us
determine which threats emanate from those ports.
And, finally, overseas activities by our colleagues from
the Customs and Border Protection and other DHS components help
to ensure the safety and security of cargo and people before
they depart foreign ports.
If you look at the next several layers on the slide, the
international waters, the U.S. Exclusive Economic Zone, and
U.S. territorial seas, I will call these the offshore layer.
Our regulations require that each ship en route to a U.S. port
provide the Coast Guard at least 96 hours' advance notice of
arrival. This notice includes information about the vessel, the
cargo, the crew and passengers. Customs and Border Protection
also requires advance notice with information about the cargo,
the shipper, the consolidator, the receiving agent, among other
information. And, other Federal agencies, like the Centers for
Disease Control (CDC), may also require advance notice of
arrival under certain circumstances.
All of this information is collected and shared at both the
national and the port level. It is screened and assessed so
that, prior to arrival of any vessel, the Coast Guard Captain
of Port has a consolidated, comprehensive assessment of all
risks associated with that ship. And, when I say all risks, I
mean all risks, everything related to safety, security, and the
environment, as diverse as invasive species in ballast water or
cargo, or crew members on a watchlist, passengers exhibiting
signs of illness, or damage to the ship that might compromise
safety or the environment.
The Captain of Port then is able to coordinate a single
interagency, local, State, and Federal risk mitigation plan for
each ship that arrives. For the vast majority of these ships,
local coordination is required to plan the necessary control,
inspection, or enforcement actions. In some cases, the threat
rises to the level that interagency coordination at the
national level is required and we activate the Maritime
Operational Threat Response Protocols.
In some cases, the risk will be mitigated by interdicting
the ship in the offshore zone. In other cases, the ship is
allowed to enter the port, but is subjected to inspection and
oversight prior to beginning cargo or passenger operations.
These boardings are most often led by the Coast Guard, but they
may include personnel from other Department of Homeland
Security components or the interagency who can bring their
special capabilities to bear on a given threat.
In all cases, the vessel arrives at a port facility that
complies with the requirements of the Maritime Transportation
Safety Act and the SAFE Port Act. These facilities, by law,
have security staff trained to specific standards. They have an
access control system that includes credentials for each
employee. They have approved plans in place to prevent and
respond to security incidents. And, they execute a declaration
of security with the foreign ships, when appropriate, to ensure
the security and communications protocol at that ship-port
interface are clear.
And then beyond the individual port facilities, the port
community as a whole is prepared and resilient and are capable
of coordinated port-wide prevention, preparedness, response,
and recovery activities. This is due in large part to the
combined impact of investment through our Port Security Grant
Program, establishment of the Area Maritime Security
Communities, and development of the Area Maritime Security
Plans (AMSP).
In summary, Mr. Chairman, we have used the authorities in
the Maritime Transportation Security Act and the SAFE Port Act
to implement a security system that begins in foreign ports,
continues in the offshore area as a vessel transits to our
waters, and then remains ever vigilant in our ports that have
robust interagency, local, State, and Federal coordination to
mitigate threats, facilitate commerce, and respond to all
incidents.
Thank you. I look forward to your questions.
Chairman Carper. You took one second too long. [Laughter.]
You are off your game today, huh?
Admiral Thomas. Yes, sir.
Chairman Carper. Actually, that is very good. Thanks for
that testimony.
All right. Kevin, you are up. Please proceed.
TESTIMONY OF KEVIN K. MCALEENAN,\1\ ACTING DEPUTY COMMISSIONER,
U.S. CUSTOMS AND BORDER PROTECTION, U.S. DEPARTMENT OF HOMELAND
SECURITY
Mr. McAleenan. Good morning, Chairman Carper, Ranking
Member Coburn. It is a privilege to appear before you again
today.
---------------------------------------------------------------------------
\1\ The joint prepared statement of Ms. McClain, Admiral Thomas,
Mr. McAleenan, Mr. Kamoie and Mr. Sadler appears in the Appendix on
page 42.
---------------------------------------------------------------------------
Thanks to your continued support, along with effective
collaboration with Federal, international, and private sector
partners, DHS and U.S. Customs and Border Protection have made
significant advancements in maritime cargo security. CBP has
established security partnerships, enhanced targeting and risk
assessment programs, and invested in advanced technology, all
essential elements of CBP's multi-layered approach to
protecting the Nation from the entry of potentially dangerous
or volatile shipments, while expediting legitimate and
economically vital commerce. I would like to highlight the
progress of a few of these efforts for you today.
In the first few years after 9/11, CBP created several key
programs to enhance our ability to assess maritime cargo for
risk, examine shipments at the earliest possible point, and
increase the security of the supply chain. The Customs Trade
Partnership Against Terrorism (C-TPAT), was established in 2001
in the wake of the 9/11 terrorist attacks. C-TPAT provides
facilitation benefits to vetted members of the trade community
who volunteer to adopt tighter security measures throughout
their entire international supply chain. C-TPAT has grown from
seven initial members to over 10,000 members today.
The National Targeting Center (NTC), also started in 2001,
has developed world leading capabilities to assess cargo
shipments, crew, and travelers for risk before they are laden
or board vessels destined for the United States. At the NTC,
CBP utilizes the automated targeting system, intelligence,
commercial information, and traveler data to identify and
mitigate potential threats.
DHS and CBP have also strengthened detection equipment
capabilities at domestic seaports. Since 2001, CBP has acquired
1,387 radiation portal monitors and has increased its inventory
of large-scale non-intrusive inspection systems from 64 to 314.
These valuable systems help CBP officers detect radiological
materials, weapons, and illicit substances.
The support of Congress, specifically through the SAFE Port
Act, has been a key catalyst in advancing CBP's trade security
and facilitation capabilities beyond these signature efforts.
The Act codified and made importer security filings mandatory.
Building on the 24-hour rule, this program provides CBP
additional advanced insight into the supply chain, allowing us
to identify potential risks earlier and more accurately.
The Act also codified the Container Security Initiative
(CSI). Under CSI, CBP works with foreign authorities to
identify and examine potentially high-risk U.S.-bound maritime
containers before they are laden on vessels. CBP's 58 CSI ports
now pre-screen over 80 percent of all maritime containerized
cargo imported into the United States.
CBP will continue to build on our progress by exploring and
expanding new roles for industry stakeholders and international
partners, such as Trusted Trader Mutual Recognition Agreements.
We will continue to refine our targeting to better identify
high-risk cargo, and we will work to increase the percentage of
containers scanned abroad. And, we will continue to help lead
the effort in developing increasingly effective and
sophisticated global standards for cargo security. By utilizing
risk-based strategies and applying a multi-layered approach, we
can focus our resources on the very small percentage of goods
or shipments that are potentially high-risk. CBP's use of
advance information, technology, and partnerships improves
global supply chain integrity and reduces transaction costs for
U.S. businesses.
Thank you for the opportunity to testify today. I am happy
to answer your questions.
Chairman Carper. All right. Thank you for that testimony,
Kevin.
Brian Kamoie, welcome.
TESTIMONY OF BRIAN E. KAMOIE,\1\ ASSISTANT ADMINISTRATOR FOR
GRANT PROGRAMS, FEDERAL EMERGENCY MANAGEMENT AGENCY, U.S.
DEPARTMENT OF HOMELAND SECURITY
Mr. Kamoie. Thank you, Chairman Carper, Ranking Member
Coburn. I appreciate the opportunity to be with you and to join
my colleagues from the Department to talk about the Port
Security Grant Program, which we believe is a critical part of
the Department's efforts to enhance the security and resilience
of our Nation's ports.
---------------------------------------------------------------------------
\1\ The joint prepared statement of Ms. McClain, Admiral Thomas,
Mr. McAleenan, Mr. Kamoie and Mr. Sadler appears in the Appendix on
page 42.
---------------------------------------------------------------------------
Senator Coburn, as you mentioned, we have invested $2.9
billion since 2002. And while I agree with you that we
certainly can continue to improve our measurement of both the
effectiveness of those investments and our administrative
management of the programs, we have clear evidence of the value
of these investments across the program's priorities, which
include maritime domain awareness.
We have invested in over 600 port-wide projects that
include port-wide coordination and collaboration, interoperable
communications, and surveillance systems that assist in domain
awareness. We have invested $161 million just in interoperable
communications. We have also invested in improvised explosive
device (IED) capabilities and chemical, biological,
radiological, and nuclear capabilities, cybersecurity
capabilities as that threat continues to evolve, planning at
the port level training and exercises, and, of course, the
implementation of the Transportation Worker Identification Card
Program.
So, in addition to these programmatic achievements and, for
example, just in vessels that patrol our waterways, we have
invested in over 500 vessels. In New York City, for example,
the Port of New York used vessels, over 30 vessels, the day
Hurricane Sandy made landfall and rescued over a thousand
people.
So, we know these dollars are making a difference. And,
these investments also facilitate increased partnerships, not
just at the Federal level with my colleagues here, but at the
State and local level and with port owners and operators, and
we have seen in a variety of instances--you can assure
Congresswoman Hahn that we continue to make investments in the
Port of Los Angeles for information sharing and collaboration,
and Chairman Carper, in the Port of Wilmington, the investments
there, not just in interoperable communications, but in
information sharing between the port and the Fusion Center in
Delaware that has allowed the building of relationships with
State and local law enforcement and the port.
I thought I would also tell you where we are in the fiscal
year (FY) 2014 grant cycle. A hundred million dollars was
appropriated for the program this year. Applications came in on
May 23. The field reviews--as the Admiral mentioned, we work
very closely with the Coast Guard. We have a two-tiered review
process. Captains of the Port work with the port area, the
local and State government, through Area Maritime Security
Committees to prioritize projects. Those applications are under
that field review right now and will be referred for a national
panel review here at the headquarters level later this month,
and then we expect to announce awards by the end of July.
And so I will close by saying we look forward to the
continuing dialogue about how we can continue to make these
investments in the most effective and efficient way possible.
We think they have made a real difference. And, I look forward
to answering any questions you may have.
Chairman Carper. Good. Thanks. Nice job.
Stephen Sadler, please proceed. Thank you. Welcome.
TESTIMONY OF STEPHEN SADLER,\1\ ASSISTANT ADMINISTRATOR FOR
INTELLIGENCE AND ANALYSIS, TRANSPORTATION SECURITY
ADMINISTRATION, U.S. DEPARTMENT OF HOMELAND SECURITY
Mr. Sadler. Good morning, Chairman Carper, Ranking Member
Coburn, distinguished Members of the Committee. Thank you for
the opportunity to testify today about the TWIC Program.
---------------------------------------------------------------------------
\1\ The joint prepared statement of Ms. McClain, Admiral Thomas,
Mr. McAleenan, Mr. Kamoie and Mr. Sadler appears in the Appendix on
page 42.
---------------------------------------------------------------------------
TWIC is a fee-based program that provides a uniform,
industry-wide, tamper-resistant, biometric credential to
eligible maritime workers requiring unescorted access to secure
areas of port facilities and vessels regulated under the
Maritime Transportation Security Act of 2002.
TSA administers the TWIC Program jointly with the United
States Coast Guard. TSA is responsible for enrollment, security
threat assessments, and technical systems related to TWIC
cards. The Coast Guard is responsible for enforcement of TWIC
card use.
Since TSA launched a program in October 2007 at Wilmington,
Delaware, we have conducted security threat assessments and
issued cards to more than 2.9 million workers, including
longshoremen, truckers, merchant mariners, and rail and vessel
crews. The TWIC Program is the first and largest Federal
program to issue a standard biometric credential for use in
diverse commercial settings across the Nation. Working closely
with industry and our DHS partners, the TWIC Program has
evolved over the years to address concerns over the
applicability of Federal smart card best practices to a working
maritime environment, such as the requirement for two trips to
an enrollment center for card enrollment and activation. TSA
reformed the program by launching OneVisit in June 2013 in
Alaska and Michigan. This provides workers the option to
receive their TWIC through the mail rather than requiring in-
person pick-up and activation. Last month, TSA moved from the
pilot phase of the program to a phased implementation for all
TWIC applicants. We have added call center capacity for
applicants checking on their enrollment status. We have enabled
web-based ordering for replacement cards. We have increased
quality assurance at our enrollment centers. We have opened
multi-program enrollment centers across the country to allow
individuals to apply for the TWIC, the Hazardous Material
Endorsement, and TSA Pre-Check. We will expand the number of
TWIC enrollment centers to over 300 this year, adding to the
convenience of workers.
TSA continues to evolve and modernize our credentialing
programs through these initiatives, strong collaboration at the
Department, partnership with industry, and the support of this
Committee.
Thank you for the opportunity to testify today and I look
forward to answering your questions.
Chairman Carper. Thank you, Mr. Sadler.
And now, Stephen Caldwell, please proceed.
TESTIMONY OF STEPHEN L. CALDWELL,\1\ DIRECTOR, HOMELAND
SECURITY AND JUSTICE ISSUES, U.S. GOVERNMENT ACCOUNTABILITY
OFFICE
Mr. Caldwell. Chairman Carper and Senator Ayotte, thank you
for asking GAO to testify on port security.
---------------------------------------------------------------------------
\1\ The prepared statement of Mr. Caldwell appears in the Appendix
on page 57.
---------------------------------------------------------------------------
We have issued almost 100 reports on port security since 9/
11. Our most recent comprehensive report on port security was
issued in the fall of 2012 to note the 10-year anniversary of
the Maritime Transportation Security Act.
Let us start with planning. There was a National Strategy
for Maritime Security issued in 2005. GAO reviewed that
strategy and its eight supporting plans and generally found
they met much of the criteria that GAO has laid out for a good
national strategy. We have also looked at some of the more
detailed functional strategies, and in some cases, we have
found those to be wanting. At the port level, we found that
some of the plans specific to the ports have included the SAFE
Port Act's requirement that they also cover recovery issues.
Going back to some of the functional plans, we found some
deficiencies in those. For example, DHS, after issuing the
Small Vessel Security Strategy and laying out an implementation
plan for that, has not been tracking the progress of the
components in actually implementing it. That leaves some
opportunities unrealized due to the lack of disseminating any
potential lessons learned or even be able to track their
overall progress on that strategy.
In terms of maritime domain awareness, there have been a
number of improvements. The Coast Guard through its Common
Operating Picture Program, has provided additional data sources
to the users; allowed Blue Force Tracking, which is the ability
to track our own vessels; and also increased access across the
Coast Guard to more users. However, many of the original
systems used to increase maritime domain awareness have fallen
short of the capabilities that were originally planned for
those. Many of these shortcoming are due to acquisition
problems that our reports have noted, such as not developing
complete requirements at the beginning, not updating cost or
schedule baselines, and not monitoring performance through
initial operations.
Regarding the security of our domestic ports, DHS
components, especially the Coast Guard, have come quite a ways
in implementing the Maritime Transportation Security Act. Key
provisions of that Act call for security planning at the port,
facility, and vessel level. It also calls for the Coast Guard
to then inspect those facilities to make sure that those
planned security activities are indeed in place. GAO has
audited those programs. We have found progress, and most of our
recommendations in those areas have been implemented.
But, some areas remain problematic, and as noted in our
reports, we have concerns about the Port Security Grant Program
and the extent that DHS is monitoring the effectiveness of the
actual projects. Going back to 2005, GAO found that the program
lacked an adequate risk assessment process. It also lacked a
mean to measure the effectiveness of the projects and the
grants. Our more recent work did find that the grants are based
on risk using the process that Mr. Kamoie had described here at
both the port and the national level.
However, more than a decade after the program's start,
there are really no performance measures in place to determine
whether the program at the port or facility level has improved
security. In fact, in many cases, FEMA lacks project-level
visibility to know whether the projects were, indeed,
implemented as described.
Regarding global supply chain security, there has also been
a lot of progress, especially by CBP. We have reviewed these
programs and noted that their management and operations have
matured over time. We concur with CBP that implementing 100
percent scanning, as defined in the SAFE Port Act and 9/11 Act,
is extremely challenging. However, we are less convinced that
the existing risk-based program does not have room for
improvement. Our recent reports have found that CBP has not
been timely in terms of measuring the effectiveness of its
targeting system or evaluating the supply chain risks in
foreign ports, including CSI ports. We did see the May 5 letter
from the Secretary to you, Mr. Chairman, and note that both of
those issues are discussed as potential improvements.
In closing, GAO will continue to review port security
programs for Congress, for this Committee and others. For
example, we have ongoing work on port cybersecurity as well as
the disposition of high-risk containers.
That concludes my remarks. I am happy to answer any
questions. Thank you.
Chairman Carper. Good. Thanks so much for that testimony.
Senator Ayotte, nice to see you, and why do you not lead us
off.
OPENING STATEMENT OF SENATOR AYOTTE
Senator Ayotte. Thank you, Mr. Chairman. I appreciate it.
I just wanted to get a followup, Assistant Administrator
Sadler, and certainly Mr. Caldwell, about the TWIC Program. So,
you testified about the OneVisit pilot, and now it is going to
a nationwide mailing system. So, how do you assess it is going,
and are you able to do this without concerns about fraud? So,
just can you give us a quick update? Obviously, I appreciate
the steps you have taken on this, but just in terms of
substance.
And then I would like to hear from Mr. Caldwell about how
effective you think, overall, the TWIC Program is in helping
protect port security and what other--I mean, GAO has been
quite critical in past reports about what we need to do to
improve this program and its effectiveness. So, that is really
the issue I was hoping to get a little more insight on. Thank
you.
Mr. Sadler. Good morning, Senator. So, we started the pilot
for TWIC OneVisit last year, or 2012 to 2013, in Alaska and
Michigan. And then what we did, as we transitioned to our new
technical system, we started the implementation nationwide. So,
we started implementing the OneVisit in May of this year, May
12. So, we plan to have a phased schedule to implement it
across the Nation and we should have it done by this summer.
So, we think it is going fairly well. We do mail the cards
out. I believe we have about 3,000 cards for TWIC OneVisit
right now that have been mailed out of about 5,000 enrollments.
So, what we do is we send the card out separately and then we
send the PIN in a different letter. So, we try and send them
out in two different letters.
Senator Ayotte. So, you have not seen fraud yet on that
program?
Mr. Sadler. On the mailing itself?
Senator Ayotte. Yes.
Mr. Sadler. Not yet, Senator.
Senator Ayotte. OK.
Mr. Sadler. But, we are still in the early stages of the
implementation.
Senator Ayotte. OK. Thank you.
And, Mr. Caldwell, I know we are in the middle of a vote,
so I just wanted to get a quick thought on--one of the things I
think we have worried about overall about the TWIC Program, is
it making us more secure? Are we improving this system so that
we can have some reliability with it?
Mr. Caldwell. Well, two things. The TWIC OneVisit pilot, is
a tradeoff between security and convenience. It is more
convenient to use the mail but you are losing at least one of
your internal controls of being able to verify the person's
identity by having them pick it up in person. Congress directed
TWIC to go in that direction and----
Senator Ayotte. They did----
Mr. Caldwell [continuing]. So, that is what TSA did.
Senator Ayotte. But, it is also good for us to followup----
Mr. Caldwell. Yes.
Senator Ayotte [continuing]. To make sure that we did not--
that the choice we made there, that I was obviously a supporter
of----
Mr. Caldwell. Yes.
Senator Ayotte [continuing]. That we make sure that we are
following up on it, as well.
Mr. Caldwell. Yes. I do think it is a good idea to follow
up on that to see if there is fraud.
Senator Ayotte. But what I am worried about overall is, are
we really doing anything with TWIC? I am not trying to be funny
about this.
Mr. Caldwell. Yes.
Senator Ayotte. I get the goal of it. It makes sense. But,
obviously, the concern has been, how are we enhancing port
security overall?
Mr. Caldwell. We have those concerns, as well. We have had
concerns with the program pretty much from day one and the ways
it was implemented. For example, the reader pilot that was done
recently, we thought the evaluation of that was done quite
poorly and left out a lot of things that would be used to
evaluate the nature of any problems. What were the problems
that were coming up? Was it the card itself? Was it the reader?
Was it the person that was manning the security gate? When they
did their test of the reader pilot, they did not include this
kind of detailed data you need to know to get answers to such
questions.
Obviously, there are some additional concerns in terms of
the shooting down in Norfolk Navy Base.
Senator Ayotte. Yes. That was raised in the Commerce
Committee.
Mr. Caldwell. And the Navy now is not accepting TWIC, at
least by itself, as an acceptable card to get on that base. So,
they had some concerns with it.
There has been an assertion that the TWIC has improved
security, and we have seen that reported in the latest DHS
report to Congress. But we have not seen strong evidence
supporting it in terms of evaluating metrics.
Senator Ayotte. So, you want better metrics and you want--
--
Mr. Caldwell. GAO always wants better metrics, but----
Senator Ayotte. Yes.
Mr. Caldwell. But, I suspect we will be asked to look at it
again as it continues to be implemented.
Senator Ayotte. Are we doing better? I mean, that is a good
question.
Mr. Caldwell. Well, compared to nothing, having a pass that
is unique, that is used in multiple places and with the
background check, is useful. You can have felons because past
crimes can be waived, so they still have those cards. But you
do not have people getting the cards that have committed
espionage against the United States or terrorism crimes. That
is a pretty high bar. But one other way to look at it is that
TWIC was put in----
Senator Ayotte. Yes, that would be important.
Mr. Caldwell. TWIC was put in as part of MTSA, as a series
of protections, to prevent a transportation security incident.
That is where its a judgment call, about whether someone
getting in, committing a crime, committing murder, an whether
would that rise the level of a transportation security
incident? Not likely.
Senator Ayotte. If there is anything else you want to add.
I know we have to run to vote, but----
Mr. Sadler. Just quickly. The first thing I want to say is,
for a TWIC OneVisit, you have to go in and confirm your
identity when you go in to----
Senator Ayotte. The first time.
Mr. Sadler. The first time.
Senator Ayotte. Absolutely, yes.
Mr. Sadler. You have to do that. The other thing I would
say is that this is the first time that the maritime population
has been defined. Prior to TWIC, there was no definition as far
as I know, and I spent 20 years going in and out of ports. So,
I am not sure who knew nationally who was going----
Senator Ayotte. Who was going in and out of the ports.
Mr. Sadler. And who was not going in.
Senator Ayotte. We now know that answer.
Mr. Sadler. We now have a population of three million
people, and I vetted port workers before TWIC, a name-based vet
with information that was submitted by ports. We vetted 900,000
people. We did that prior to the implementation of TWIC as a
mitigation strategy. Now, we are up to three million people,
all right. So, the first thing is that we have defined the
population. We recurrently vet them, every single day.
Senator Ayotte. Mm-hmm.
Mr. Sadler. We have one common standard--put the biometric
aside--one common credential, one common background check. That
did not happen prior to the TWIC across the country. And some
places, you had to buy a multiple credential within the same
State.
Senator Ayotte. Right.
Mr. Sadler. So, if you went to one port, you had to buy a
credential. You went to another port, you had to buy a
credential. And, I cannot tell you what the background check
was. So, we think there is improvement in security just by
virtue of the fact of those things that I just mentioned.
Senator Ayotte. Thank you and thank you, Mr. Chairman.
Chairman Carper. Not at all.
I am going to slip out and run and vote and then come back,
so Dr. Coburn and I can go back and forth. I just want to
telegraph my pitch. When I come back, among the questions I
will be interested in asking, so you can be thinking about
them, are how do we measure success? I want to see if there is
some consensus on how we measure success and if there is some
consensus around common metrics. Then, how are we doing? What
are we doing especially well? What are we not doing so well?
And, finally, I always like to ask, what can we do to help?
All right. Dr. Coburn. Thank you all.
Senator Coburn. [Presiding.] Thank you. Have fun voting.
Let us keep talking about TWIC for a minute. I would just
like your assessment on somebody with a TWIC card that gets
into a port and shoots people. How does that happen? No system
is perfect, and I am not laying blame. I am just saying, how
did we miss that?
Mr. Sadler. At the time that individual was vetted,
Senator, the standard for manslaughter included all
manslaughter, voluntary and involuntary. So, when the
individual came through--the crime had been committed in 2005.
The conviction occurred in 2008. I believe he served about 800
days on his conviction, so he served about 2\1/2\ years. He was
released from incarceration in 2011. We encountered him in
December 2013. And, based on the standards that we were using
at the time, that voluntary manslaughter charge was not a
disqualifier. So, he got his card in January 2014.
As far as him using the card at the base, I would defer to
the Department of Defense (DOD), but the one point I have to
make is that the TWIC in and of itself does not give you access
to a port. You have to have the TWIC and you have to have a
business need.
Senator Coburn. Yes.
Mr. Sadler. So, we have gone back. We are scrubbing all the
cases we had for disqualifications and involuntary
manslaughter, voluntary manslaughter. And, we changed our
policy now that if you come in with a voluntary manslaughter
charge, that is going to be an interim disqualifier----
Senator Coburn. Yes.
Mr. Sadler [continuing]. Interim, meaning that you are
still eligible to appeal. You are still eligible to request a
waiver.
Senator Coburn. Right.
Mr. Sadler. You are still eligible to request an
Administrative Law Judge (ALJ) review. And, you are eligible to
go to court if you do not agree with the finding that we make.
Senator Coburn. OK, great. That is the kind of answer I was
wanting.
Talk to me about TWIC readers.
Mr. Sadler. I will defer to my colleague in the Coast
Guard, but to Senator Carper's point about what we can do to
increase security and how we can be more successful, that is
one way we can be more successful, is by implementing the TWIC
readers, because we have a biometric credential. We believe
that it works. Right now, it is being used as a visual
identification card, but it needs to be used as the biometric
credential, and it needs to be used on a risk-based basis, as
well. So, we believe that it is critically important to install
readers in ports.
Senator Coburn. Admiral.
Admiral Thomas. Thank you, Doctor. I really appreciate the
opportunity to answer that question, because as the agency
responsible for implementing security at our port facilities,
and as a previous Captain of Port myself, I think it is
important to recognize that TWIC and the TWIC reader are part
of a greater access control system for a facility, which has
its own security system, which is in itself part of a greater
system to secure our ports and the entire chain that I
discussed.
So, when you are going to put an access control system in a
facility, you are going to include fences, gates, guards,
lights, cameras, a credential of some sort, and in some cases,
a biometric reader for that credential. So, it is just a matter
of layering the security.
As the Chairman noted in his opening comments, if this was
security at all costs, we would have readers everywhere. But,
because we are trying to balance, as we should, the risk with
the benefit and facilitate commerce, we have done an exhaustive
analysis, which I am happy to explain to you, that has ensured
that the readers go at the highest-risk facilities. And I think
that the Coast Guard's proposed rule puts those readers where
the cost-benefit is currently the best. I think as we expand
the use of TWIC and TWIC-like credentials beyond the maritime
domain, because right now, it is the only place we have
transportation credentials, reader costs will come down, card
costs will come down, and the cost-benefit may change in a way
that it just makes sense to put readers at more facilities.
Thank you.
Senator Coburn. Do you have a proposed date where your
first round will be completed and then an assessment made of
TWIC readers?
Admiral Thomas. We are currently working on the rule. We
put out a Notice of Proposed Rulemaking. We have received about
2,600 comments. So, we are currently working through those
comments. We are going to make some adjustments to the rules
and we will go through the process. Hopefully, it will be
published probably some time next year, and then there will be
a 2-year implementation date before the readers have to be in
place.
Senator Coburn. So, we are 2\1/2\ years away from the
completion of what the present plans of the Coast Guard are?
Admiral Thomas. We are 2\1/2\ years or so away from the
date that I anticipate readers will be required at certain port
facilities.
Senator Coburn. OK. Thank you.
Let me go back for a minute. Ms. McClain, one of your
statements in your opening statement was spending money in a
cost-effective way. If you all do not have metrics on the
effectiveness of grant money that is spent, how do you know it
is cost effective?
Ms. McClain. Senator, I appreciate the question. I think it
is a little outside my lane. I would prefer to take that
question back and get you an answer, working with my colleague
from FEMA, on where we are in developing metrics or answering
that particular question.
Senator Coburn. Well, I do not think anybody will dispute
that we have done some good with the money we have spent, OK. I
am not saying that. I am just saying--and anybody can answer
this that wants, and I would love for GAO to comment on it, as
well. We have a port system where we tier risks and the vast
majority of money have gone to tier one ports. And, under the
system you are utilizing today, without any recognition of the
money that has already been spent, we continue to spend the
same money on the same risk because there is no risk reduction
recognized in your tiering.
So, if you do not have metrics associated with the money
that is being spent in the Port Security Grant Program, when do
we stop spending money at tier one ports? In other words, how
much is enough, and how do we know when we have the best cost-
benefit analysis, the most cost-effective program, based on the
risks and mitigation and the other goal that we have, how do we
know that if we do not have a metric-based system?
In other words, here is why we are spending this $2.9
billion. Here is what we are hoping to get, and here is how we
are going to measure whether we got it, because there are all
sorts of examples--I will not in this hearing--but privately--
give you all the lists of money that you spent on stuff that a
common sense person would say, does not have anything to do
with port security. I mean, I can think of--the two ports we
have in Oklahoma, the Port of Muskogee and the Port of Catoosa,
and we have two 27-foot boats for the Oklahoma Highway Patrol
on that river. And in terms of the risks associated with those
ports, those are low priority to me compared to what the higher
priority things are on that port, those two ports.
So, my question is, if we do not have metrics to measure,
and when we look at this in total--and I think you all have
done a wonderful job in terms of laying this out--but, how do
we know, and how do we know when to quit spending money that
gives us a diminishing return on the Port Security Grant
Program?
Mr. Kamoie. Senator, I am happy to field that question.
Improved measurement is absolutely an area where we see a lot
of opportunity.
Senator Coburn. But, let me interrupt you there.
Mr. Kamoie. Please.
Senator Coburn. What is your measurement now?
Mr. Kamoie. Sure. In fiscal year 2013, we, for the first
time, instituted measures related to sustainment of existing
capabilities versus building new ones. We took the GAO and Mr.
Caldwell's reports and recommendations quite seriously and are
looking very closely at what ports are doing with the funding.
We, for the first time, in the fiscal year 2012 application
cycle are requesting project-level data going in. You probably
are aware of the history of the program and the flexibility
that had been given at the local level against Area Maritime
Security Plans. There remains a lot of flexibility, but we are
increasing the oversight to request project-level data up front
so that we can start to get that information to form even more
effective measures of outcomes.
On the grants management side, Senator, we certainly have
measures now, and even over fiscal year 2012, measures of our
monitoring. Mr. Caldwell mentioned the level of monitoring. One
hundred percent of our Port Security Grants now undergo some
level of monitoring. We have a tiered monitoring system where
our program staff on a routine basis look at every award, look
at the history of the grantee, the history of the outcomes
achieved, their financial measures, from draw-down, rate of
expenditure, rate of deobligation, and that, then, is reviewed,
and we do prioritize based on the risks we see in their
management of the grants all the way up to desk reviews, where
we request a lot of additional information from grantees, and
then site visits.
So, what I would tell you, Senator, is I look forward to
continuing to work with you to continue to get the data we need
to form more effective measures. I agree with you that
everybody can point to the examples, and there are really some
stunning examples of how useful and effective this funding has
been. But, I think you would also agree with me the plural of
anecdote is not data, and we will continue to refine our
measures to get that data.
Senator Coburn. Yes. As I noted, I think it has improved,
but I think my underlying concern, somebody is going to be
sitting up here 10 years from now, and the amount of money to
spend on this kind of program is not going to be there. So, how
we spend the money today is really important, because there is
going to come a time--I will repeat for you, Social Security
Disability runs out of money at the end of next year. Medicare
runs out of money in 2026. Social Security runs out of money in
2032. By 2030, the entire budget will be consumed of Medicare,
Medicaid, Social Security, and the interest on the Federal
debt.
So, my questions are all based on the future, and if we
spend money really well now, we will not need to be spending
money in the future. So, that is the basis of the question. It
is not a criticism. It is just that we need the best cost-
benefit value for every dollar that you send out in the Port
Security grant.
Mr. Kamoie. We agree with you and we are working with our
partners on the Vulnerability Index, which is one of the things
you mentioned, and how do we understand what risk we have
bought down, and we will continue to look at that to make sure
we are spending the money as effectively as possible.
Senator Coburn. Thank you.
Admiral, one of my concerns, and I cannot go into detail,
but let me give you a hypothetical and you give me the answer.
Let us say somebody leaves one of our certified ports overseas
and arrives here, but in between there and now, something was
added to that cargo. Do we have the capability to know that?
Admiral Thomas. Well, Doctor, I am not exactly sure. If
they leave a foreign port----
Senator Coburn. They leave a foreign port that is one of
our certified ports, one of our allies, meeting all the
requirements that you all have, and someplace between when they
left and when they arrived at the Port of Los Angeles, somebody
has added a package.
Admiral Thomas. So, if that occurred at another foreign
port, so----
Senator Coburn. No, not in the port----
Admiral Thomas. Just in transit.
Senator Coburn. In transit.
Admiral Thomas. Well, the only way that we would be able to
determine--a couple things would have to happen. Probably, the
entire crew would have to be complicit with this individual
that is carrying this out, because it is difficult to access
particularly a container in transit without a significant
amount of effort, and that would require probably more than one
person.
Senator Coburn. Let us not worry about the details of that.
Admiral Thomas. Sure.
Senator Coburn. Let us say it happens.
Admiral Thomas. If it happens, the only way we would know
is--and, really, this is a better question for my colleague
from Customs and Border Protection--would be because the
container has been opened and we would be able to determine
that, but maybe you can----
Mr. McAleenan. Sure. Senator, we have two elements that I
think would be germane here. One, the Import Security Filing
gives us the stow plan for the vessel, so we know where each
container is on a vessel, whether that is going to be
accessible during a voyage or not. We do see drug smugglers
attempt to use what we call rip loads, where they break the
Customs seal, put a load just inside the doors of the
container, and lock it back up. That is really only doable on a
vessel in transit around the deck area. So, we know which
containers could be accessed. And then we do routine seal
checks upon arrival to see whether those containers have been
tampered with, whether those doors have been opened. So, there
are different steps in our layer of processes to address it.
Senator Coburn. Can somebody duplicate counterfeit your
seal?
Mr. McAleenan. They can try to, yes, and we have detected
dozens of attempts to do that pretty effectively.
Senator Coburn. So, they have not been able to do that as
of yet?
Mr. McAleenan. I will not say, Senator, that----
Senator Coburn. That you are aware of.
Mr. McAleenan [continuing]. There have been no successful
counterfeit attempts, but we do train our personnel to detect
what our seals are supposed to look like, whether they have
been tampered with, and there are number sequences and other
kind of safeguards in this process.
Senator Coburn. This is a long time ago, but I will just
share an experience with you. I bought a company in Puerto
Rico, put it into four containers, all the equipment,
everything that was there. All four containers arrived at one
of my plants here. All the seals were there. And when we opened
the containers, everything of significant value that could have
been marketed was gone, but the seals were still there. So, the
fact is--and that is way before 9/11. That was in the 1970s.
But, the fact is that people will try and do it.
I guess my question is really this. Do we have the
capability to track ships from the time they leave a port until
the time they arrive here and know whether or not they have
been boarded or accessed between disembarkment and embarkment
here?
Admiral Thomas. That is a question I probably cannot answer
in this venue, sir.
Senator Coburn. Got you. All right. Thank you.
Mr. Caldwell. Senator, did you want me to touch upon the
metrics issue?
Senator Coburn. Yes, please.
Mr. Caldwell. We have seen a weakness in metrics at the
strategic level. Whether it is the national strategy or the
more detailed functional plans, we have not seen metrics laid
out early as to what the end state is and how we are going to
measure that. We have also seen problems, particularly at the
program level, because those are easier for GAO to look for and
find.
We have found an improvement of the metrics of how the
programs are run, i.e., process metrics. One of the first
things that we do when we look at a program is ask how the
program is being run and obtain those metrics. A lot of times,
we will find weaknesses in those process internal controls.
Those have improved across the board, and so when I say some of
these programs have matured, a lot of this is better management
of the program. Where we have not seen large improvements is in
the area of actually measuring the results of the program and
what they are trying to achieve.
I would also agree with you on the importance of cost-
benefit analysis. We will get a push back from the agency that
our recommendations could be expensive and they do not have
enough money to implement them. But FEMA ends up spending $3
billion on port security grants. GAO has had an outstanding
recommendation for 9 years now, that FEMA come up with
performance measures on the Port Security Grants. So, maybe a
couple of million dollars to do some analysis to develop those
metrics on performance, in hindsight, looks like it might have
been money well spent.
One example of cost-benefit analysis having a positive
impact involves the advanced spectroscopic portals (ASP) that
the Domestic Nuclear Detection Office (DNDO) was developing.
The first testing that DNDO did it was very light--it was not
very rigorous. We pointed that out. When they did the rigorous
testing and then they looked at how much those ASPs would cost
compared to the marginal capability they were going to add, DHS
canceled the whole program. They canceled it after spending
$280 million, but eventually, they were planning to spend, $3
billion, so that was a case where whatever the testing or
analysis cost in the end it led to a good result.
Senator Coburn. All right. OK. Let me ask Mr. Kamoie, do
you all have plans to reinsert the fiduciary agents into the
PSG?
Mr. Kamoie. We do not, Senator.
Senator Coburn. And why is that?
Mr. Kamoie. When the fiduciary agent model was used, it was
at a time when the appropriations levels for the program were
much higher, and was several--I think it was starting in 2007
and after rounds of stimulus funding. The agent model was
absolutely necessary to assist the agency in distributing and
monitoring the funds.
Over time, however, as the appropriations level has gone
down and our internal capability with staffing has increased to
manage the program, the fiduciary agent model has become less
necessary. And in terms of monitoring performance, there was a
varying level of performance by fiduciary agents in monitoring,
and so given our increased staffing, our increased
capabilities, we think it is more appropriate that we monitor
and oversee the grant funding and how it is spent.
The other thing I will say is that the allowability of
management and administration costs from the grant program to
fiduciary agents of 3 to 5 percent would result, for example,
just this year in $3 to $5 million in overhead costs that we
think are better invested in actual port security projects.
Senator Coburn. Do you have the flexibility under the
appropriation bills to use some of that grant money for grant
management?
Mr. Kamoie. Senator, I will have to check the language and
get back with you on that.
Senator Coburn. But, would that help you? In other words,
rather than spending $3 to $5 million on a fiduciary, if we
spent an extra $1 or $2 million on managing grants, especially
cost effectiveness of grants, and then looking at that--I am
pleased with the progress that is being made. I just do not
think we are there yet, and so I would love to know what we
need to do to help you to be able to get to the point where a
model for grants at the Federal Government is, the Division of
Library and Museum Sciences. If you get a grant from them, you
can guarantee that they are going to check on you. They are
going to do a metric. They are going to know whether you
followed your plan in the grant. And if you are not, they pull
the grant and you do not ever get another one again. So,
everybody has a different expectation, and so the fact that
some grant money is going to things that are not really for
security, if you had that reputation, I guarantee you,
everything would be put down the way you want it put down, even
though you have flexibility.
Mr. Kamoie. I will absolutely take a look at that. We are
willing to learn lessons from wherever we can.
Senator Coburn. They are the best run grant program in the
government. It is not big.
Mr. Kamoie. I appreciate that.
Senator Coburn. The other thing is the spend down. We are
still, in terms of what--we have granted, but we have still got
a long ways to go on spend down. Where are we on that, and is
that because these are long-term programs?
Mr. Kamoie. So, that is getting better, as well, and early
on in the program, when ports were doing larger capital project
infrastructure building with multi-phase, complicated projects,
it took a long time to spend down. A lot of those projects have
been completed and we have taken a number of steps to assist
grantees in the spend down. One, we remind them quarterly.
Senator Coburn. Yes.
Mr. Kamoie. We are in touch, asking them to draw down. Two,
we have shortened the period of performance for grants to 2
years.
But, your question was where are we. In August 2012, for--
and we can followup in writing with these numbers, but for the
program years 2008 to 2011, 80 percent of the available funds
were not yet drawn down. A year later, for fiscal year 2008 to
2012--of course, every year, one goes off the books--but, we
moved the needle down to 44 percent of funds not being drawn
down. And, we did a check at the end of April, and right now,
we are at 39.3 percent not yet drawn down from 2008 to 2013.
Senator Coburn. All right. I am going to have to recess
this and go vote. Senator Carper will be back in a moment.
Mr. Kamoie. Thank you, Senator.
[Recess.]
Chairman Carper. [Presiding.] Let us just see if there is
any consensus on the metrics that we are using, how do we
measure success. Let us just start with you, Ms. McClain. What
are the metrics that we are using or ought to be using, and
using that metric or metrics, how are we doing?
Ms. McClain. Mr. Chairman----
Chairman Carper. Well, and maybe not so well.
Ms. McClain [continuing]. I think there are several
indicators that evidence success and progress in securing the
ports. I would note that in the last 7 years, our
relationships, our programs internationally, those global
partnerships, the capacity building, the agreements, everything
that is necessary to supply the whole global supply chain, I
think there have been significant advancements in that area. I
also think that our improvements in the advance data and
targeting area make us more secure, the Coast Guard's port
assessments, 1,500 ports. I think there are a lot of indicators
that there is a global recognition of the need to tackle this
issue on a broader basis.
Chairman Carper. All right. Same question, Admiral Thomas.
Admiral Thomas. Thank you, Mr. Chairman. I was Captain of
Port in Galveston, Texas, on September 11, 2001, and then for
the 3-years that followed as we scrambled to figure out what it
meant to secure our ports, and so from my perspective, it is
clear that we have achieved a lot. But, I think one of the
first things we did, and Mr. Caldwell mentioned the strategies
that were out there, we recognized that in order to build a
secure port, we had to first build the regimes. We had to do
that locally. We had to do it nationally. We had to do it
internationally. Then we had to build awareness so we could
figure out what was going on and be able to pick out anomalies.
And then we needed the capability to respond to those
anomalies.
So, if you look at those three building blocks and you
compare to where we were on September 11, 2001, to where we are
today, it is clear there has been progress, and there are clear
metrics within each of those.
So, with regard to regimes, certainly thank you to the
Congress for the Maritime Transportation Security Act and the
SAFE Port Act, but that was the impetus for the international
regime, which is the International Ship and Port Security Code,
as well as regimes that now have been implemented as far down
as individual port authorities. And, I am not talking about
just regimes that are required by the law. I am talking about
they understand that security is now part of their business
product. So, I think in that regard, there are clear measures.
Really, an intangible, probably, from here to see, but as
the Captain of Port, I can tell you, there was no awareness or
recognition that security really was part of the product in the
port. We had gotten the message across with regard to safety
and environment, but now they get it. It is part of their
business, as well. So, I think there is a metric there.
And certainly with regard to awareness and capability, we
have built the capabilities federally, locally,
internationally, all of which, I think, are clear evidence that
we have been effective in terms of enhancement.
I am with you. I think we need to do more. I think we can
never rest on our laurels. I am concerned about emerging
threats like cyber. We need to develop some metrics there.
Chairman Carper. We will come back. We will finish first.
But, how are we doing? What are we doing well? What metrics are
we doing? How do they demonstrate where they are doing better?
But, I want to come back and see what is on this ``to do'' list
for us. Kevin.
Mr. McAleenan. Mr. Chairman, I will touch on five areas.
Broadly, our ability to identify and mitigate risk is the
metric we seek to measure ourselves on.
First, on the data front, as Ellen alluded to, we are
getting advance information on all cargo shipments destined for
the United States--manifest information, entry information, an
Importer Security Filing, which is another 12 data elements
that are critical.
In terms of targeting and assessing that risk, category
two, we are analyzing all of it with our automated targeting
system, which we think is a very sophisticated capability that
is constantly and iteratively approved, and we are currently
working on responding to the GAO's ideas on identifying the
effectiveness of those targets with more granularity.
Three, examining at the earliest possible point in the
cycle. Currently, 85 percent of shipments that we identify as
potentially high-risk are examined before they are laden onto
vessels destined for the United States. Our examination
requests of our CSI foreign partners at our 58 ports are
accepted 99 percent of the time, and we think those are very
solid metrics. One hundred percent of containers identified as
potentially high-risk are examined before they are let into the
United States stream of commerce. So, 85 percent prior to
lading and the rest of the 15 percent before they are allowed
to enter the United States on arrival.
Securing the supply chain, category four. Over 50 percent
of all cargo containers by value are part of our C-TPAT
partnership with our 10,750 partners. We have increased the
security of the supply chain through that partnership. We are
also mutually recognizing other countries' systems, including
the European Union and six other agreements, to ensure broader
visibility globally, as Ellen alluded to, the international
partnerships.
And, five, our efforts to address the highest consequence
threats. Rad/nuc, we are scanning 99.8 percent of all arriving
containerized cargo through----
Chairman Carper. Say that again. What percent?
Mr. McAleenan. Ninety-nine-point-eight percent, so just
about everything arriving into seaport is scanned through a
radiation portal monitor, sophisticated, sensitive technology
for identifying radiological and nuclear materials.
The other part of this coin, sir, the facilitation piece
that you referenced, the vast majority of cargo arriving in the
United States is released before it even touches the dock. Our
C-TPAT partners are getting fewer exams because they have
secured their supply chains. We have established mobile
technology options for agriculture specialists to clear
shipments right there on the dock instead of waiting hours and
having those bananas sit in Wilmington. The U.S. Chamber of
Commerce and 71 others just wrote to the Secretary this week in
an open letter saying that this regime is working well and that
the facilitation piece, in particular, we have achieved through
this layered risk approach.
So, those are the metrics we look at. I am happy to
elaborate on any specifics.
Chairman Carper. All right. Fine. Mr. Kamoie.
Mr. Kamoie. Mr. Chairman, I think while you were out, what
we agreed is that in the Port Security Grant Program, that we
have measures, we have made progress, but that we agree we can
continue to make progress.
On the programmatic side of the effectiveness measures, we
look very carefully at the six priorities of the grant program:
Enhancing maritime domain awareness; enhancing improvised
explosive device detection; chemical, biological, radiological,
nuclear, and explosive prevention, protection, response, and
recovery capabilities; enhancing cybersecurity capabilities;
maritime security risk mitigation projects; planning training
exercises; and the Transportation Worker Identification
Credential implementation.
Right now, we have a measure that we are looking at
building new capabilities across those six areas and sustaining
existing capabilities. But, again, that measure can be better.
On the administrative management side, we have made
progress in measuring our ability to effectively and
efficiently release the funding, monitor programmatic use of
these funds, monitor grantee financial management of the funds,
monitor the closing of awards and grantee draw-down. We are
making progress, Mr. Chairman, and we have an opportunity to
make even more.
Chairman Carper. Good. Thanks. Mr. Sadler.
Mr. Sadler. Yes, sir. For us, I think it is about getting
good, quality information and data for us to make the right
decisions on when we issue a card. It is about continuing to
get that information after we issue the card so we can monitor
the individual to ensure that they have not done something as
to disqualifying, whether it is on a Terrorism Watch List or
through some type of criminal issue.
I think the other thing that is going to make us better is
installing readers. We believe that the Coast Guard, who we are
very close partners with, as we are with everyone else on the
panel, made the right decision to take a risk-based approach
and put readers where they need to be and we think that is
going to be a major improvement for our program, considering it
is a biometric credential.
And I think the last thing that we have to do is share
information, which we do on a daily basis. So, we need good
quality information to make good decisions with. We need the
information to keep on coming, so we can continue to make good
decisions after we issue the credential. We need to install
readers. And, we need to continue to share information, which
we do on a daily basis with our partners.
Chairman Carper. Mr. Caldwell.
Mr. Caldwell. Thank you very much. The most difficult
question is how do you measure security and risk, and I think
we have looked at that quite a bit across these programs. One
of the better measurement programs that we have found is a
Coast Guard program called the Maritime Security Risk Analysis
Model. They can actually, at the facility level, try to measure
the risk based on vulnerabilities and threats and various
scenarios and like that.
The Coast Guard also took a step trying to develop a more
sophisticated measure of how much Coast Guard programs actually
reduced risk in the port environment--their estimated
percentage reduction of maritime security risk subject to Coast
Guard influence. We were critical of this, because in the end,
it was subject matter experts in the Coast Guard sitting down
and thinking about what those reduction measures are and then
putting a single point of percentage on that.
We had a couple of criticisms in terms of ways they could
try to make that better. When there is so much judgment, you
want to give a range instead of a point estimate. But, I do not
want to be too critical of the Coast Guard in the sense that
they certainly were trying to think larger about their suite of
programs and to what extent they reduce risk.
They are looking at whether they want to keep that measure
or not. It was a measure they were using within the Coast
Guard. But they actually were not really using it to direct
resources or conduct operations. So, if you have a performance
measure but you are not really using it to monitor things or
prioritize resources, you have to question whether it is a
useful metric in the end. Thank you.
Chairman Carper. OK. Some of you began to answer the second
part of my question, but I want to take another shot at it. My
staff and my colleagues oftentimes hear me say these words. The
road to improvement is always under construction, and that is
true here, as well. I just want to, in terms of, again,
thinking of metrics, but thinking of areas, not where we are
making progress but areas maybe where we have not made nearly
enough--there has been some allusion to this, but some areas
where we have not made nearly enough, and we can actually
measure that we have not made nearly enough--are there any of
those--think about it out loud--who can help enable us to make
the progress that is needed? Us, the Legislative Branch? This
Committee? The President in his budget? Who needs to help out?
Ellen, do you want to go first?
Ms. McClain. Yes, Mr. Chairman. I think that, just to sort
of set the scene here, we certainly need an approach that is
flexible, innovative, so that we can take on the adaptive
adversary, and we need something that--an approach that is
risk-based so that we can make the most cost effective use of
our resources. That said, we recognize that we do not want to
have negative impacts on global trade.
So, we are looking in the near term to specific
improvements in the area of the targeting algorithms, reducing
the false alarms, working with our partners at some of the CSI
ports to increase the percentage of scanning that is
undertaken. We are looking at, and I think this is a key point
that I hope does not get lost in today's discussion, across all
pathways, focusing on a single pathway does not necessarily
reduce overall risk. So, as we go forward, we need to consider
improving security across all transportation pathways.
And, last, I would note that we are continuing the dialogue
with stakeholders to see what additional or expanded roles they
might take in improving the security of our ports.
Chairman Carper. OK. Thanks. Admiral.
Admiral Thomas. I think there are a couple areas that I
would be concerned about. The first is complacency. As we get
further from 9/11, I think the sense of urgency decreases. And
so from the Congress on down to the security guard at a
facility, we have to make sure we maintain the sense of urgency
with regard to port security, because the threat is adaptive,
and as good as the physical security systems that we have in
place are, there are emerging threats like cyber that we have
not yet addressed. We have begun to address them. I believe the
Coast Guard has the authorities that we need to do that and we
are working on what the resources might be, so you may hear
about that.
The other area that would be of concern is the real high-
end threat that needs to be intercepted as far offshore as
possible. We need to maintain the ability to get out there and
do something about some identified threat that is bound for our
shores, and that is a real challenge because it requires ships
and helicopters and people that are not only capable of getting
there, but are present at the time when you need them.
So, those two things are areas where we need to make sure
that we continue to build our capability and to build our plans
for action.
Chairman Carper. Great. Thank you. Kevin.
Mr. McAleenan. Mr. Chairman, I would echo a couple of the
comments that Ms. McClain made. On the targeting side, there is
always an opportunity to improve our analytics and our
capabilities to assess risk and we are pursuing that
aggressively. We have a good system for taking in current
intelligence, manipulating the data elements against it, and
identifying risk, but we want to continue to get better. So,
that is an area, and we do get Congressional support to
continue to improve in that area.
With the radiation portal monitors, we need to be able to
dial the algorithm so they are very sensitive for the threat
materials we are worried about, but they reduce the naturally
occurring radiological material alarms that we face on normal
commodities, like bananas, for instance, and granite, and other
things that do hit on our radiation portal monitors. We do not
want to waste time on those alarms. We want to focus on what
could potentially be dangerous material.
I think there are continued opportunities globally. We are
currently working with partners on broadening the scope of CSI,
security first, but also looking at other threats to the goal
of supply chain--contraband, commercial fraud that can support
criminal activity, and so forth. Enhancing global supply chain
security standards--we did that after 9/11 with the World
Customs Organization and the same framework of standards. There
are always opportunities to take that to the next level and to
build capacity with those governments and customs services that
are willing to step forward but do not have the internal
capacity or funding.
And then, of course, the private sector, continued
opportunities there, not only on the supply chain side with C-
TPAT, but looking at whether, from a terminal operator
perspective, there might be a return on investment to do
greater security work prior to lading from a private sector
perspective that we could then share and benefit in. So, we are
pursuing all of these angles as the Secretary noted in his
letter.
Chairman Carper. Those are great points. I really
appreciate your responses. I will come back and we will ask the
same question of the last three witnesses, and I will be right
back, Tom.
Senator Coburn. Do you want them to answer those, or do you
want to----
Chairman Carper. No, I will do that when I come back.
Senator Coburn. [Presiding.] OK. Thank you.
Let us talk about the 100 percent mandate and the fact that
we are at 2 to 4 percent. I think those numbers are right.
Please correct me if I am wrong. And, GAO, I would love for you
to get in on this. There is no question, the 9/11 Commission
said, for port security, we need 100 percent screening. And
what we hear is, that is not practical.
So, the question is somewhere between 2 to 4 percent and
100 percent, where do we need to be? How do we need to decide
where we need to be? How do we become more effective in terms
of container inspection? Admiral. Kevin.
Mr. McAleenan. Senator, I will start, and I am sure
colleagues will want to chime in. On the 100 percent mandate, I
think the key question for us is not the percentage itself, but
are we inspecting the right percentage. Are we inspecting and
identifying those containers that are high-risk and mitigating
that threat at the earliest possible point?
While you had to step out to vote, Senator, we talked about
some of the metrics that we are following and whether we are
accomplishing that and I would just like to reiterate one of
those elements for you, sir. On those containers that we
identify as potentially high-risk through our Automated
Targeting System (ATS), we are currently examining, with our
foreign partners under the Container Security Initiative, 85
percent of those containers before they are ever laden on a
vessel destined for the United States So, within that----
Senator Coburn. So, that is 15 percent that are not getting
inspected.
Mr. McAleenan. They are getting inspected fully at the
first port of arrival in the United States. So, we are checking
them before they enter the stream of commerce to the United
States, and we are getting 85 percent of them before they are
even on a ship destined for the United States.
Senator Coburn. OK. But, if that 15 percent, one of them
has a nuclear weapon in it, it is a little late, is it not?
Mr. McAleenan. Yes, but that is not the only layer that we
have in place prior to lading.
Senator Coburn. I understand, but when we think about this,
you are saying 85 percent of those deemed high-risk. So, what
is our goal to get to 100 percent of those deemed high-risk?
Mr. McAleenan. So, our goal there, sir, is to increasingly
target with the right foreign ports--how we can encourage them
to examine anything that we think is high-risk before lading.
So, we have 58 CSI ports covering over 80 percent of cargo
destined for the United States. We think we have placed those
CSI locations in the right places. We are currently, though,
assessing how the threats have changed. Are there certain
strategically important ports that we can add capability? Can
we work with additional countries to encourage them to take
some measures before lading?
Also, just mentioning as you came in, sir, working with
terminal operators in the private sector. Is there a way that
we can encourage terminal operators to increase the overall
inspection if they think there is a return on investment,
working with their customers to sell a security benefit that we
could then benefit from and share in the information, also.
Senator Coburn. All right. Admiral, any comments on that?
Admiral Thomas. The container inspection world really does
belong to Customs and Border Protection, although I can
certainly attest to the impracticality of looking at every
container as it comes through our yards. I have seen the
targeting that we do jointly on cargo and the automated
processes really are very effective and very adaptable. So, if
there is a new intelligence stream that comes in, we can very
quickly, or CBP can very quickly change their targeting and
identify cargo that might be associated with a newly identified
threat.
Senator Coburn. All right. So, here is the question, as a
common sense Okie, we are saying it is not capable to do 100
percent screening. Where is the study that says, here is what
this will cost and here is what this will slow down commerce?
Has that been done?
Mr. McAleenan. A number of studies in that regard have been
done, and I would offer the GAO might want to comment, as well.
We have done a study and provided several papers to Congress
estimating up to $16 billion in costs. The European Union has
done a study. The private sector has done several studies.
The challenge is, sir, there are 800 or so initial ports of
lading for containerized cargo destined for the United States,
an average of three to five lanes per port, an average of five
million to implement this kind of system prior to lading in
each lane, and that scope just makes it very challenging to get
to that level. There are a lot of questions on who pays, who is
responsible, how it is monitored, and so forth.
Senator Coburn. So, if you take the RAND study, even though
it is dated now, and say, if one sneaks in and you have the
tragedy that they spoke about at the Port of Los Angeles,
estimating a trillion-dollar effect on our GDP, $16 billion
does not seem that great. So, where do we go, GAO?
Mr. Caldwell. Senator, thank you. We have done several
studies on it. As far as the type of study you are asking for,
the only place I have seen it is in a recommendation we have
made. I think that CBP and the Department would have been
better off if, at that point, they just said, OK, we will do
the required feasibility study. This would have included a
cost-benefit analysis. CBP could have done it then and tried to
put this thing to bed, or at least show what those tradeoffs
are. Certainly, there have been multiple small pieces of
analysis, so I feel bad. Because I think the Department, in all
the little pieces of analysis they have done since then, have
almost gotten there.
I would also like to stop to talk about one popular myth.
The
9/11 Commission Report never called for the 100 percent
scanning of maritime cargo.
Senator Coburn. What did they call for?
Mr. Caldwell. They called for 100 percent scanning of air
cargo. The report said almost nothing about ports and maritime
security.
Senator Coburn. OK. That is great to know.
Mr. Caldwell. But, moving on, we do think the challenges to
100 percent scanning are likely insurmountable. The SAFE Port
Act left a lot of things undefined, and I think through the
pilots, CBP tried to understand what those undefined things
would actually be in terms of cost, and who does it.
But, there is also a concern that it would create a false
sense of security. You could scan a container. If it is done
within a customs regime that we trust, a port terminal that we
trust, then we have some confidence that after the container is
scanned and gets on that ship, it is going to be monitored.
But, a lot of times, we will not have that case. In a lot of
the cases, because of how ports are laid out, scanning is done
offsite. If that truck with the container has to drive three to
five miles to an from the scanner a lot can happen in that
distance.
The former Coast Guard Commandant Thad Allen said he
thought it was more likely that a weapon of mass destruction
would come in to the United States not through a highly
regulated regime like containers, but into the United States in
some small vessel coming in or snuck in some other way.
I also agree that intelligence will, in the end, be the
key, to revealing any weapons of mass destruction (WMD) that
terrorists are trying to smuggle in. I am not sure ATS by
itself would catch that. They have looked at millions and
millions of containers and used the risk-based analysis. Yet
they are still finding contraband, but, it is not like when
they find drugs in these containers that there is a one-to-one
match between, we had rated that containers as high-risk. There
are many cases where they find illegal stuff in containers that
had gotten through their ATS system, drugs or other contraband.
Our approach at GAO has been to look at the programs that
we have. We still would have liked to have seen DHS and CBP do
that feasibility analysis of 100 percent scanning. At this
point, we have closed that recommendation as not implemented. I
think that is water under the bridge. We would like to see CBP
doing better with the programs we have, recognizing that we are
not going to have a perfect system. One improvement would be
optimizing your targeting system, which means that you are
monitoring it on a regular basis. You are testing it to see how
it is doing. Another improvement is having the best CSI
footprint you can in terms of some of the CSI program focusing
on high-risk ports. If not, maybe CBP should pack up and shake
hands with those partners. Those partners will keep helping us,
but CBP could move some of those CSI operations to other ports.
Senator Coburn. Do you have specific recommendations on
ports from the GAO?
Mr. Caldwell. Yes, we do. We have a recommendation that CBP
use the port risk model they had used in 2009 to initially plan
the 100 percent scanning, or a similar type model to figure out
what ports they should actually be in. We tried to reproduce
that type of analysis and found that about 12 of the CSI ports
CBP was in were low-risk ports. More than half of the CSI ports
were in high-risk ports. We recognize that there are some ports
that are not going to let us in. I mean, you have some nasty
players out there that are not going to let a joint U.S.
program into their ports--I am not at liberty to disclose
details of individual ports, but there is movement in terms of
additional CSI ports, both opening and closing.
Senator Coburn. OK. Let us go back to grants and the tiered
port system for a minute. If we are not doing analysis on
progress, do we reevaluate the ports in terms of tiers? Here is
tier one, tier two, tier three, tier four. Is that done
routinely? Yearly? Biannually? How often do we reanalyze high-
risk ports, one? No. 2 is, without the metrics, but they are
getting better, how do we take what we have improved and
measure it to show a decreased risk for a tier one port so that
the dollars that you have can go to where the risks are the
greatest?
Mr. Kamoie. Thanks for the question, Senator. We reassess
the risk of the Nation's ports every year, and we use the risk
formula that incorporates the most recent data we have
available on threat, vulnerability, and consequence. And, there
have been times where changes in that risk data have resulted
in the changes in the grouping of ports. For example, last
year, in fiscal year 2013, there are eight tier one ports. San
Diego had a change in its relative risk formula, because these
are relative to one another, and so this year, it is not a tier
one port. So, we are making those adjustments. We work very
closely with the Department's Intelligence and Analysis unit to
populate the risk formula with the most recent data. So, yes,
we are looking at that continually.
Your second question, as to what the measurement and,
really, what I would consider to be buying down of that risk
and the vulnerability, I agree, we have some progress to make
there in terms of agreement on measurements and metrics to show
that progress, and show it in a way, and when the Chairman
comes back, his question was about how can the Congress help,
and here, I think, my ask of the Chairman and you, Senator, is
that we have a continued dialogue about the types of data that
would enable you to have more confidence and the American
people have more confidence that we are making that progress
and that we are being effective stewards of the taxpayer
dollars. I agree with you that we certainly have made progress
and we have plenty of good examples, but we would like to
continue to work with you to get at the data and the
measurement that would show that in a more compelling way.
Senator Coburn. Each port has a Port Security Plan, right?
Mr. Kamoie. Yes.
Senator Coburn. All right. Has Homeland Security done an
analysis of what the total cost would be to bring it up, on a
cost-effective benefit, how much total for all the tier one
ports would we need to spend to bring them to where they need
to be? Do we have that? Do we know that?
Mr. Kamoie. I am not aware of that analysis----
Senator Coburn. Well, that is----
Mr. Kamoie. We will have to followup.
Senator Coburn. That is an important question, because if
you do not know what they need, we will never get there, and--
--
Mr. Kamoie. Well, so, I mean, we certainly, at the Captain
of the Port level----
Senator Coburn. I know you know where the weaknesses are,
and I know that is where the grant money is going, but I am
saying, in the big picture----
Mr. Kamoie. Sure.
Senator Coburn [continuing]. If we are going to spend $100
million this year on Port Security Grants, and the total bill
for bringing our tier one ports is $2.5 billion, we are 12\1/2\
years from bringing them, and by that time, you are going to
have replacement needs. So, the question is, do we not think it
is important to really know by port, here is the total cost to
get us where we want you, and which one, out of those top eight
ports, which one has the greatest vulnerability basis and
should we not be spending maybe $70 million at one port and $30
million at the other eight on the basis of what the total need
is to bring them to that level where we feel confident?
Mr. Kamoie. Sure. We will absolutely take a close look at
that. We have moved the entire suite of grant programs toward
performance measurement against the core capabilities that are
in the National Preparedness Goal, following up, implementing
Presidential Policy Directive 8 on National Preparedness. We
continue to find the performance measures for those. But, we
are through the threat hazard identification and risk
assessment process. We are asking grantees to do a lot of what
you are talking about in terms of identifying capabilities and
then using the investments to close the capability gaps.
So, we are moving in that direction, but I am not aware of
a single analysis where we have put a price tag on, by port,
what it would take to close the gap in every port against one
level, but we will certainly take a look at that.
Senator Coburn. Well, I just think that would be really
important to know, because you are going to have limited
funds----
Mr. Kamoie. Yes.
Senator Coburn [continuing]. From here on out. It is not
going to change. And, sending the dollars where this is all
risk-based, right?
Mr. Kamoie. Yes.
Senator Coburn. Sending the dollars where the greatest risk
is should be our priority. So, I would just recommend you look
at that. I do not know if the GAO has any comments on that or
not----
Mr. Kamoie. Senator, if I might, we will take a close look
at that. I think the threat hazard identification risk
assessment process and the Area Maritime Security Working
Groups at the port level, I think they are getting at a lot of
that. But, I agree with you. We could make even more progress.
Admiral Thomas. If I could, on two of your points: The
first had to do with how do you account for risk bought down
with previous grant money in determining the risk ranking for
the next--we actually do that as part of the Coast Guard's
Maritime Security Risk Assessment Model that GAO mentioned. If
we have invested in a system that reduces the vulnerability or
mitigates the consequences of an attack on a facility, it gets
reflected in our model. That data is part of the risk formula
that DHS then uses to determine the tiers for the next year.
So, it is in there.
The other piece that you asked about is have we defined
what a secure port is and when will we know that we get there.
That is an interesting question. What I can tell you, though,
as a Captain of Port, is I watched the initial focus be on
securing individual facilities, so, let us make sure we have
fences and cameras and guards and Radiation Portal Monitors
(RPMs) and get facilities.
And then I saw it evolve to, well, we need to really secure
this port as a system, as well, so how do we link these fences
together? So, we invested in things like communications systems
that will allow everyone--and surveillance systems that were
focused on the common infrastructure, not on the private sector
infrastructure.
And, we said, well, that is good, but have we been able to
address what we are going to do if we get attacked and we need
to recover? So, we invested in trade resumption plans.
And so it has been a natural evolution. I believe we are
still in that evolution because we have emerging threats such
as cyber. I think the next round of grants is putting money
toward cyber vulnerability assessments so that we can then
understand what it is going to take to secure the cyber
infrastructure of the maritime--I do not know that we will ever
be able to say we are there, but I do see a very logical
progress on how we focused our planning and our investment.
Senator Coburn. We have a diagnostic system for cyber
within Homeland Security. Is the TWIC system applicable to that
system?
Mr. Sadler. Let me take that one, sir.
Senator Coburn. Yes.
Mr. Sadler. So, right now, the way the TWIC system works is
that the contractor provides the enrollment equipment and then
they connect to a system that eventually gets back to TSA, and
that system, whether it is on the enrollment side, the data
center side, up to the TSA side, is built to Federal standards.
They have to go through a certification and accreditation. They
go through auditing. They go through testing. So, it is not
monitored within the DHS system. It is monitored through the
TSA operations center. So, everything from the contractor's
data center practices----
Senator Coburn. You have answered my question. Got it. Mr.
Sadler. OK. Thank you.
Chairman Carper. [Presiding.] I would like to come back and
ask Mr. Kamoie, Mr. Sadler, and Mr. Caldwell to answer my
earlier question, please.
Mr. Kamoie. Absolutely, Mr. Chairman.
Chairman Carper. And then, just so you will know, the next
question I am going to ask of all of you is what do we need to
do? What is our ``to do'' list on this Committee and in the
Congress to make sure we continue to make progress? Thank you.
Mr. Kamoie. Absolutely, Mr. Chairman.
Chairman Carper. All right. Mr. Kamoie.
Mr. Kamoie. My ask of you and the Committee is for
continued dialogue--and I shared this with Ranking Member
Coburn before he stepped out--a continued dialogue about the
types of data and the types of measures that would give you the
confidence, give the American people the confidence that we are
investing the grant dollars in a way that is most efficient and
most effective and that we are all good stewards of these
resources.
I agree with Admiral Thomas. The threat is evolving. So,
too, have our measurement of where we are headed next. So, I
would appreciate a continued dialogue with you about how we
define the measures of success that will give you the
confidence that we are all looking for.
Chairman Carper. OK. Thanks.
Mr. Sadler, something for our ``to do'' list to help
continue to make progress.
Mr. Sadler. I think it is just continued support and
helping us get, from TSA's point of view, the readers out, and
the Coast Guard's point of view, understanding that the Coast
Guard is promulgating the rule, but there were a lot of things
that had to happen before they got to the point where they can
do that. So, when I say we need the readers, we need the
readers. That is not in any way insinuating that there is some
delay on the rules side. There was a lot of work that went into
getting to this point. So, we would ask for the continued
support so we could put readers in place, we could buy down
some risk, we can use the full capabilities of the card.
And, I think, to the Admiral's point before, it is critical
that we maintain mission focus. It is also critical that we
make risk-based decisions so we protect the right areas. And
then for our look at it, it is data quality, it is identity
verification, it is reduction in fraud, it is ensuring that the
right people get the card and the right people keep the card
after it has first been issued.
Chairman Carper. All right. Thank you. Mr. Caldwell.
Mr. Caldwell. So, I am going to provide a combo answer
because I am still trying to answer the question you asked
before, I have three things, two for the agencies to do and one
for the Committee to do.
First off is for agencies keeping the programs flexible.
The Coast Guard is trying to make their infrastructure security
patrols less predictable so you improve the level of
deterrence. I like what I see at CBP as well when they are
doing what they call their quayside or dockside scanning. In
such cases a ship will come in and CBP will target that ship.
It will not be based on whether the containers are high-risk or
not. CBP will be scanning every seventh one or tenth one
container coming off. They could be a little more flexible in
CSI and the footprint they have and think about whether they
need to shift that footprint a little bit to cover different
countries and ports, if possible.
I think cyber is the growing area. That is an area where
DHS and the Coast Guard have been monitoring the situation, and
they are talking about taking action. We will have a report we
are issuing tomorrow for the Senate Commerce Committee that
will have a lot more detail on that.
And then something for this Committee, and I think it is
starting to show up on the radar of the agencies. We do have to
sustain current equipment. You have vessels and you have
scanners and you have aircraft that are pretty important in
this security regime. This is true particularly in terms of
some of the interdiction and the deterrence missions and just
the daily things like scanning containers. Some of these assets
are reaching the end of their life. I know that CBP is trying
to extend the range of their scanners from, say, 10 years to 13
years. But, at some point, you are going to have to replace
them. Now that you have built this security regime and all the
things that go with it; sustainability will translate into
resource requirements just to keep what we have.
Chairman Carper. OK. The last three witnesses have pretty
much sort of gotten to my last question, which was, what is our
``to do'' list? And, I do not know that, Ms. McClain, you and
Admiral Thomas and Mr. McAleenan had a chance to do that. Our
``to do'' list--do you----
Ms. McClain. Chairman, I think I just echo some of the
points that were made earlier and emphasize that in moving
forward, anything we do needs to take into consideration that
DHS confronts a multitude of threats. And so to be cost
effective and efficient, we need to always bear that in mind.
I think the second point we made earlier is that, big
picture, we must focus security across all pathways, to buy
down risk, we do not want to encourage sort of a balloon effect
where we put all our security assets over here and the agile
adversary just circumvents that. So, the picture has to be
across all pathways.
And then echoing Mr. Caldwell's point about support to
address the aging infrastructure and funding DHS in accordance
with the President's budget. Thank you.
Chairman Carper. OK. Thanks.
Admiral Thomas, anything you have that we should be doing
on the legislative side.
Admiral Thomas. Thank you, Chairman. I do not have much to
add to what has been said. There may be some very specific
authorities and capabilities that we identify as we continue to
analyze the threat in the ports, but I think we have the right
access through the staffs to get that information to you.
I would say that this type of oversight and continued focus
by this Committee on this issue is really important to stave
off that complacency that I am concerned about, so we do
appreciate that.
Chairman Carper. Thank you.
Mr. McAleenan. Four quick things, echoing several things
that Mr. Caldwell mentioned. We need continued support for the
key programs we have discussed today, the Automated Targeting
System, CSI, and we are actively working on the recommendations
that Mr. Caldwell mentioned.
Recapitalization and sustainment of our critical
technology, radiation detection equipment and Non-Intrusive
Inspections, along with the Domestic Nuclear Detection Office,
we will be working with your team on those plans.
Three, what you articulated at the beginning, Mr. Chairman,
understanding the critical economic, expeditious, and
facilitated movement of cargo aspect of our mission. That
continues to be critical and needs to be understood.
And then, four, working with the Secretary and the
Department on an agreed path forward on scanning, keeping us
honest on the good faith efforts you identified and we
discussed today, but also working together on the best
framework for the future.
Chairman Carper. Good. Thanks.
I think Dr. Coburn, when I was out voting, asked a question
dealing with fiduciary agents, and I just want to come back
and--he asked part of my question. I just wanted to come back
and say the second half of the question. Maybe you all could
take a shot at it. I need to be someplace else, in 8 minutes,
so whoever would--Brian, I am going to ask you to take the shot
at this one----
Mr. Kamoie. Absolutely----
Chairman Carper. Rather than ending the use of fiduciary
agents for all ports, why not let ports decide for themselves
if they would like to use one?
Mr. Kamoie. We have considered that proposal and do not
think it is in the best interests of the program if some are
using fiduciary agents and others not. I mean, the benefit we
have derived by moving away from the fiduciary agent model is,
as the appropriations have gone down and our capabilities
internally have grown in terms of program oversight,
management, and monitoring, we have gotten a pretty good window
into the project level data and the approach grantees are
taking. And, we lost some of that visibility, as you might
expect. There was a variety of performance, varying levels of
performance across the fiduciary agent model.
And then the other thing is with the management and
administration fee, the fiduciary agents had access to 3 to 5
percent of the funds. We think those funds are better invested
in actual security projects.
So, I know that there is a range of opinions in the port
community about the fiduciary agent model, but we have decided
that the best thing for the most effective and efficient
management of the program is to bring that management in-house
and not use the fiduciary agent model.
Chairman Carper. OK. Thanks.
And, this last question would be for Ms. McClain, Admiral
Thomas, and Mr. McAleenan. Really short answers, if you would.
The first question is, what effect has increased security along
our land borders had on maritime border security? Ellen, if you
could just take 30 seconds.
Ms. McClain. Yes, Mr. Chairman. Two quick points. I think
the Trusted Trader Programs that we developed in the land
border context informed how we deal with those programs in the
maritime context.
And, second, I think it pointed out to us, and I will
quickly go back to South Florida in the 1980s, how you need a
risk-based approach across all pathways to secure any single
pathway. Thank you.
Chairman Carper. Thank you. Admiral.
Admiral Thomas. Well, somewhat outside of the realm of port
security, but certainly, we have seen the balloon effect on
particularly the Southern part of the West Coast and also in
the Caribbean. As we secure our land borders for illegal drugs
and contraband and other illegal activities, they have taken to
the water, and so we have adjusted our forces and that is
really the impact that we have seen there.
Chairman Carper. OK. Thank you.
Mr. McAleenan. I agree with the Admiral. We have not seen a
significant impact in terms of changes in the threat within
commercial flows. We have seen the effect of security between
ports of entry push activity out into the littorals on the West
Coast as well as up through Puerto Rico.
Chairman Carper. OK. There is a second half to that
question, but I do not have time to ask it. You may not have
time to answer it.
I am just going to wrap it up here. I am really glad that
Dr. Coburn encouraged us to have this hearing. This is timely.
There is a fair amount of progress to be reported on and there
is still plenty of work to do. I am encouraged that the sense
of team is at play, and that certainly helps, and we are part
of that team. But, thank you all for your preparation today,
for coming and helping to make this a very great hearing.
It is clear to me that one of the most important take-aways
from today's hearing is that it is critically important that we
strike the right balance. It is not an easy thing to do. It is
easy to say, but it is hard to do, strike the right balance
between security, trying to make sure we do not unduly impede
the flow of transportation and trade. As we all know, what did
we say, 95 percent of our trade moves on the water, but the
port surge is vital to our Nation's well-being and they are a
conduit for a lot.
With that, I am going to call a halt to this. Some of my
colleagues are going to have some questions to ask, and we may
have some ourselves, so the hearing record will remain open for
15 days. That is until June 19 at 5 p.m., for the submission of
statements and questions for the record.
With that, I would say to our Republican staff and our
Democrat staff and all my colleagues, thank you very much for
your help in this, and to each of you for joining us today. I
think one of you, it was maybe you, Admiral, said oversight is
a good thing, and we hear that a lot, so we will not disappoint
you. Thanks so much.
With that, we are adjourned. Thank you.
[Whereupon, at 12:27 p.m., the Committee was adjourned.]
A P P E N D I X
----------
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
[all]