[House Hearing, 115 Congress]
[From the U.S. Government Publishing Office]




 
RAISING THE STANDARD: DHS'S EFFORTS TO IMPROVE AVIATION SECURITY AROUND 
                               THE GLOBE

=======================================================================

                                HEARING

                               before the

                            SUBCOMMITTEE ON
                           TRANSPORTATION AND
                          PROTECTIVE SECURITY

                                 of the

                     COMMITTEE ON HOMELAND SECURITY
                        HOUSE OF REPRESENTATIVES

                     ONE HUNDRED FIFTEENTH CONGRESS

                             FIRST SESSION

                               __________

                           SEPTEMBER 26, 2017

                               __________

                           Serial No. 115-28

                               __________

       Printed for the use of the Committee on Homeland Security
       
       
       
       
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]                              




                                     

        Available via the World Wide Web: http://www.govinfo.gov
        
        
        
        
        
        

                               __________                        
             
                               
                   U.S. GOVERNMENT PUBLISHING OFFICE
                   
 28-417 PDF                 WASHINGTON : 2018       
____________________________________________________________________
 For sale by the Superintendent of Documents, U.S. Government Publishing Office,
Internet:bookstore.gpo.gov. Phone:toll free (866)512-1800;DC area (202)512-1800
  Fax:(202) 512-2104 Mail:Stop IDCC,Washington,DC 20402-001                                   
                               
                               
                               
                               
                               
                               
                               

                     COMMITTEE ON HOMELAND SECURITY

                   Michael T. McCaul, Texas, Chairman
Lamar Smith, Texas                   Bennie G. Thompson, Mississippi
Peter T. King, New York              Sheila Jackson Lee, Texas
Mike Rogers, Alabama                 James R. Langevin, Rhode Island
Jeff Duncan, South Carolina          Cedric L. Richmond, Louisiana
Lou Barletta, Pennsylvania           William R. Keating, Massachusetts
Scott Perry, Pennsylvania            Donald M. Payne, Jr., New Jersey
John Katko, New York                 Filemon Vela, Texas
Will Hurd, Texas                     Bonnie Watson Coleman, New Jersey
Martha McSally, Arizona              Kathleen M. Rice, New York
John Ratcliffe, Texas                J. Luis Correa, California
Daniel M. Donovan, Jr., New York     Val Butler Demings, Florida
Mike Gallagher, Wisconsin            Nanette Diaz Barragan, California
Clay Higgins, Louisiana
John H. Rutherford, Florida
Thomas A. Garrett, Jr., Virginia
Brian K. Fitzpatrick, Pennsylvania
Ron Estes, Kansas
                   Brendan P. Shields, Staff Director
               Steven S. Giaier,  Deputy General Counsel
                    Michael S. Twinchek, Chief Clerk
                  Hope Goins, Minority Staff Director
                                 ------                                

         SUBCOMMITTEE ON TRANSPORTATION AND PROTECTIVE SECURITY

                     John Katko, New York, Chairman
Mike Rogers, Alabama                 Bonnie Watson Coleman, New Jersey
Clay Higgins, Louisiana              William R. Keating, Massachusetts
Brian K. Fitzpatrick, Pennsylvania   Donald M. Payne, Jr., New Jersey
Ron Estes, Kansas                    Bennie G. Thompson, Mississippi 
Michael T. McCaul, Texas (ex             (ex officio)
    officio)
             Krista P. Harvey, Subcommittee Staff Director
             
             
                            C O N T E N T S

                              ----------                              
                                                                   Page

                               Statements

The Honorable John Katko, a Representative in Congress From the 
  State of New York, and Chairman, Subcommittee on Transportation 
  and Protective Security:
  Oral Statement.................................................     1
  Prepared Statement.............................................     3
The Honorable Bonnie Watson Coleman, a Representative in Congress 
  From the State of New Jersey, and Ranking Member, Subcommittee 
  on Transportation and Protective Security:
  Oral Statement.................................................     4
  Prepared Statement.............................................     6
The Honorable Bennie G. Thompson, a Representative in Congress 
  From the State of Mississippi, and Ranking Member, Committee on 
  Homeland Security:
  Prepared Statement.............................................    20

                               Witnesses

Mr. Craig Lynes, Director of Global Compliance, Office of Global 
  Strategies, Transportation Security Administration, U.S. 
  Department of Homeland Security:
  Oral Statement.................................................     7
  Joint Prepared Statement.......................................     8
Mr. Todd C. Owen, Executive Assistant Commissioner, Office of 
  Field Operations, Customs and Border Protection, U.S. 
  Department of Homeland Security:
  Oral Statement.................................................    13
  Joint Prepared Statement.......................................     8
Ms. Jennifer Grover, Director, Homeland Security and Justice, 
  U.S. Government Accountability Office:
  Oral Statement.................................................    15
  Prepared Statement.............................................    16

                             For the Record

The Honorable Bonnie Watson Coleman, a Representative in Congress 
  From the State of New Jersey, and Ranking Member, Subcommittee 
  on Transportation and Protective Security:
  Statement of Anthony M. Reardon, National President, National 
    Treasury Employees Union.....................................    26
The Honorable William R. Keating, a Representative in Congress 
  From the State of Massachusetts:
  Report, Secrets In The Sky.....................................    33

                                Appendix

Questions From Ranking Member Bonnie Watson Coleman for Craig 
  Lynes..........................................................    45
Questions From Ranking Member Bonnie Watson Coleman for Todd C. 
  Owen...........................................................    46
Questions From Ranking Member Bonnie Watson Coleman for Jennifer 
  Grover.........................................................    47


RAISING THE STANDARD: DHS'S EFFORTS TO IMPROVE AVIATION SECURITY AROUND 
                               THE GLOBE

                              ----------                              


                      Tuesday, September 26, 2017

             U.S. House of Representatives,
                Subcommittee on Transportation and 
                               Protective Security,
                            Committee on Homeland Security,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 10:09 a.m., in 
room HVC-210, Capitol Visitor Center, Hon. John Katko (Chairman 
of the subcommittee) presiding.
    Present: Representatives Katko, Higgins, Fitzpatrick, 
Estes, Watson Coleman, Keating, and Thompson.
    Also present: Representative Jackson Lee.
    Mr. Katko. The Committee on Homeland Security, Subcommittee 
on Transportation Protective Security will come to order. The 
subcommittee is meeting today to examine global aviation 
security standards at last-point-of-departure airports and to 
assess the Department of Homeland Security's current security 
capabilities in order to protect American aviation assets and 
American citizens traveling internationally.
    I now recognize myself for an opening statement.
    The recent failed plot to take down a passenger plane in 
Australia is yet another stark reminder that aviation still 
stands as a top target for terrorists around the world. This is 
the last in a series of incidents, unfortunately, some of which 
have been successful from the terrorists' standpoint.
    This incident is alarming for many reasons, but perhaps 
most disturbing is how the improvised explosive device came 
into the hands of the suspect. According to reports, an ISIS 
operative sent the parts of the IED on a cargo plane from 
Turkey to the suspects in Australia. The suspects were able to 
build the IED and then attempted to conceal it in their 
luggage.
    Fortunately, the bag was over the weight limit and unable 
to be brought on the plane. If not for good luck, and stupidity 
on the part of the bad guys, this plot could have been 
successful.
    The Australians called this one of the most sophisticated 
plots that has ever been attempted on Australian soil. Exposing 
not only the vulnerabilities and threats to both passenger and 
cargo aircraft, this plot illuminates the importance of the 
international community in securing aviation.
    The international aviation system represents our modern, 
globalized world. However, with interconnected transportation 
systems come interconnected risks. No matter how good our 
domestic airport and aircraft security is, we must continue to 
raise the standard of global aviation security for foreign 
countries and last-point-of-departure airports.
    It is imperative that aviation security standards are 
robust and that these standards are commonplace in foreign 
countries, especially those with last-point-of-departure 
airports to the United States.
    Confidence in aviation security at home begins with the 
assurance that our global partners are enforcing security 
standards abroad. Today, this subcommittee holds this hearing 
to better understand the scope and impact of the Department of 
Homeland Security's global programs aimed at securing 
international aviation, as well as recent efforts to enhance 
security at overseas airports with direct flights to the United 
States.
    We want to hear from all of our witnesses about what we are 
currently doing to improve global aviation security, as well as 
what we could be doing better, and how Congress can work with 
the departments to support those efforts.
    I must say, I encourage you all to speak frankly and 
candidly, and not just have talking points and not just have 
glossy overarching language. We want to get down to the nitty 
gritty. We want to know how we can do better and what the 
actual vulnerabilities are.
    We can't afford to ignore the potential security lessons 
from the Australian incident, which was thankfully 
unsuccessful. Just as a failed 2010 Yemen plot led to major 
improvements to cargo screening, we must use this as a way to 
assess and improve our own security and the security of our 
international partners.
    Additionally, ISIS' role in his plot solidifies their 
sophistication, unfortunately, and their determination and 
ability to threaten every corner of the globe despite losing 
large parts of its so-called caliphate in Iraq and Syria.
    The Department of Homeland Security's overseas mission is 
now more important than ever, and it is critical that this 
subcommittee understands the extent of the Department's global 
reach, as well as how the U.S. Government is working with 
foreign partners and aviation stakeholders to enhance security 
at overseas airports.
    The subcommittee supports the recent security measures that 
were implemented for in-bound flights to the United States. We 
look forward to hearing how these measures are improving our 
security and what else is under consideration to continue to 
raise the standard of global aviation security.
    Additionally, we want to hear about the efforts of other 
entities, such as the International Civil Aviation 
Organization, in setting aviation security standards world-
wide. ICAO, as it is known for short, and other entities, are 
an essential component in proliferating security best practices 
and capacity building at high-risk airports around the world.
    However, the sad reality is that many airports around the 
globe, with inadequate security, are receiving passing grades 
based on ICAO standards that I believe are outdated. Our 
Department of Homeland Security must do all it can to raise 
these international standards and ensure their enforcement, and 
I look forward to hearing more about that.
    Throughout the 114th, and 115th Congresses, this 
subcommittee has worked to close security gaps at last-point-
of-departure airports. This includes my legislation signed into 
law that directs TSA to perform comprehensive security risk 
assessments of all LPD airports and develop a strategy to 
enhance security for in-bound flights, while also authorizing 
TSA to donate screening equipment to foreign airports in need 
of advanced technology.
    It also includes Chairman McCaul's Homeland Security 
Authorization Bill, which directs the United States to work 
with international partners to increase the minimum standards 
for aviation security world-wide, and requires foreign airports 
to provide U.S. inspectors with information about the screening 
and vetting of airport workers during regular security 
assessments.
    These pieces of legislation highlight the challenges our 
foreign partners face in passenger and cargo screening, as well 
as vetting aviation workers with access to secure and sensitive 
areas of airports.
    These efforts in Congress, together with the actions of the 
Department of Homeland Security abroad, will continue to bring 
attention to last-point-of-departure airport security and show 
the global aviation community that the United States is serious 
about these international challenges.
    Regardless of how challenging they may be, however, we must 
always strive to lead in this critically important area because 
raising the aviation security standard around the globe will 
ultimately keep America safe.
    We all know and we all acknowledge that America is the Holy 
Grail for terrorism, and we must understand that by keeping 
standards that are in place in America and getting those 
standards internationally is critically important.
    [The statement of Chairman Katko follows:]
                    Statement of Chairman John Katko
                           September 26, 2017
    The recent failed plot to take down a passenger plane in Australia 
is a stark reminder that aviation still stands as a top target for 
terrorists around the world. This incident is alarming for many 
reasons, but perhaps most disturbing is how the improvised explosive 
device came into the hands of the suspects. According to reports, an 
ISIS operative sent the parts of the IED on a cargo plane from Turkey 
to the suspects in Australia. The suspects were able to build the IED 
and then attempt to conceal it in their luggage. Fortunately, the bag 
was over the weight limit and unable to be brought on the plane. If not 
for good luck, this plot could have been successful. The Australians 
called this one of the most sophisticated plots that has ever been 
attempted on Australian soil.
    Exposing not only the vulnerabilities and threats to both passenger 
and cargo aircraft, this plot illuminates the importance of the 
international community in securing aviation. The international 
aviation system represents our modern, globalized world. However, with 
interconnected transportation systems comes interconnected risk. No 
matter how good our domestic airport and aircraft security is, we must 
continue to raise the standard of global aviation security for foreign 
countries and last-point-of-departure airports. It is imperative that 
aviation security standards are robust, and that these standards are 
commonplace in foreign countries, especially those with LPD airports. 
Confidence in aviation security at home begins with the assurance that 
our global partners are enforcing security standards abroad.
    Today, the subcommittee holds this hearing to better understand the 
scope and impact of DHS's global programs aimed at securing 
international aviation, as well as recent efforts to enhance security 
at overseas airports with direct flights to the United States. We want 
to hear from all of our witnesses about what we are currently doing to 
improve global aviation security, as well as what we could be doing 
better, and how Congress can work with the Department to support these 
efforts.
    We cannot afford to ignore the potential security lessons from the 
Australian incident, which was thankfully unsuccessful. Just as the 
failed 2010 Yemen plot led to major improvements to cargo screening, we 
must use this as a way to assess and improve our own security and the 
security of our international partners. Additionally, ISIS's role in 
this plot solidifies their sophistication, determination, and ability 
to threaten every corner of the globe--despite losing large parts of 
its so-called caliphate in Iraq and Syria.
    DHS's overseas mission is now more important than ever, and it is 
critical that this subcommittee understands the extent of the 
Department's global reach, as well as how the U.S. Government is 
working with foreign partners and aviation stakeholders to enhance 
security at overseas airports. The subcommittee supports the recent 
security measures that were implemented for in-bound flights to the 
United States. We look forward to hearing how these measures are 
improving our security and what else is under consideration to continue 
to raise the standard of global aviation security.
    Additionally, we want to hear about the efforts of other entities, 
such as the International Civil Aviation Organization, in setting 
aviation security standards world-wide. ICAO and other entities are an 
essential component in proliferating security best practices and 
capacity building at high-risk airports around the world. However, many 
airports around the globe with inadequate security are receiving 
``passing grades'' based on ICAO standards. DHS must do all it can to 
raise these international standards and ensure their enforcement, and I 
look forward to hearing more about that.
    Throughout the 114th and 115th Congresses, this subcommittee has 
worked to close security gaps at LPD airports. This includes my 
legislation signed into law that directs TSA to perform comprehensive 
security risk assessments of all LPD airports and develop a strategy to 
enhance security for in-bound flights, while also authorizing TSA to 
donate screening equipment to foreign airports in need of advanced 
technology. It also includes Chairman McCaul's DHS Authorization bill, 
which directs the United States to work with international partners to 
increase the minimum standards for aviation security world-wide, and 
requires foreign airports to provide U.S. inspectors with information 
about the screening and vetting of airport workers during regular 
security assessments. These pieces of legislation highlight the 
challenges our foreign partners face in passenger and cargo screening, 
as well as vetting aviation workers with access to secure and sensitive 
areas of airports.
    These efforts in Congress, together with the actions of DHS abroad, 
will continue to bring attention to LPD airport security and show the 
global aviation community that the United States is serious about these 
international challenges. Regardless of how challenging they may be, 
however, we must always strive to lead in this critically important 
area, because raising the aviation security standard around the globe 
will ultimately keep Americans safe.

    Mr. Katko. Now, I am pleased to recognize the Ranking 
Member, my friend of the subcommittee, the gentlelady from New 
Jersey, Mrs. Watson Coleman, for her opening statement.
    Mrs. Watson Coleman. Thank you, Chairman Katko, and thank 
you for convening this hearing.
    I appreciate the witnesses being here today as well. This 
year there have been a series of thwarted terrorist plots that 
underscore the diverse nature of the threat to aviation. We 
know that when the Department of Homeland Security issues an 
aviation security directive, the entire world reacts.
    It is important that this subcommittee continues its robust 
oversight of DHS's efforts to raise baseline security at 
overseas airports. Over the past decade, TSA and CBP have 
played central roles in these efforts.
    The Obama administration expanded CBP's pre-clearance 
program to help the Department of Homeland Security identify 
terrorists, criminals, and other security threats prior to 
boarding passenger planes.
    Additionally, under President Obama's leadership, DHS 
pushed out policies that improved security for U.S.-bound 
flights, principally through active engagement with the 
international body that oversees standards for civil aviation. 
It is imperative that Congress and the Department of Homeland 
Security build on the gains made under the Obama administration 
to advance aviation security.
    The recent aviation threat posed by large personal 
electronic devices and the foiled Australia airplane attack 
demonstrate that we cannot place 9/11, subsequent attacks, and 
thwarted plots in the rearview mirror. We must continue to move 
forward.
    In moving forward, Congress has a responsibility to 
prioritize agency spending. My colleagues on the other side of 
the aisle, should familiarize themselves with the phrase 
``opportunity cost.''
    For every dollar that is diverted to erecting the 
politically-motivated border wall, there are fewer resources 
for doing vital, real security work, like international 
engagement or on aviation security or surface transportation 
security, an area of which I am particularly interested in.
    As stewards of the taxpayer dollars, we have a duty to put 
valuable taxpayer resources in the areas of greatest need. 
Providing adequate resources is paramount to allowing TSA to 
quickly respond to threats.
    I hope to hear more today about where the agency's needs 
are, as well as how they have adjusted to the recent threats. I 
look forward to hearing from CBP about their pre-clearance 
program and plans for the future.
    The Obama administration planned to expand that program by 
10 new foreign airports, but it is unclear whether President 
Trump has a desire in growing this security program. I will be 
happy to hear what you have to say about that.
    I am pleased to see GAO participating in today's hearing. 
GAO has been a steady source for Congress as we learn more 
about security for last-point-of-departure airports. Their 
contribution to today's hearing is invaluable. I look forward 
to engaging with GAO about their findings, and issues for 
Congress to consider.
    Finally, let me say that the new Trump travel ban is deeply 
troubling. Identifying--excuse me--indefinitely banning all 
citizens of certain countries from applying for visas to the 
United States is not only bad security policy, it is un-
American.
    I am confident our Government can continue to conduct 
individualized risk-based assessments on visa applicants that 
ensure our Nation's security without undermining our 
fundamental principles as a Nation. I hope that the courts will 
closely scrutinize this most recent travel ban and urge my 
colleagues to exercise our oversight authority on this issue.
    With all that said, once again, I thank the witnesses for 
appearing before us today. Look forward to hearing from you 
today on those critically important issues. As an aside, let me 
just say that having read your written testimonies that you 
submitted, I am very impressed with the measure of 
accountability checks and balances that are employed with the 
work that you do, and I feel a certain sense of confidence 
having read that.
    With that, Mr. Chairman, I yield back to you. Thank you.
    [The statement of Ranking Member Watson Coleman follows:]
           Statement of Ranking Member Bonnie Watson Coleman
                           September 26, 2017
    Thank you, Mr. Chairman. Thank you for convening this hearing.
    I appreciate the witnesses being here today.
    This year, there have been a series of thwarted terrorist plots 
that underscore the diverse nature of the threat to aviation. We know 
that when the Department of Homeland Security issues an aviation 
security directive, the entire world reacts. It is important that this 
subcommittee continue its robust oversight of DHS's efforts to raise 
baseline security at overseas airports. Over the past decade, TSA and 
CBP have played central roles in these efforts.
    The Obama administration expanded CBP's Preclearance Program to 
help the Department of Homeland Security identify terrorists, 
criminals, and other security threats prior to boarding passenger 
planes. Additionally, under President Obama's leadership, DHS pushed 
out policies that improved security for U.S.-bound flights, principally 
through active engagement with the international body that oversees 
standards for civil aviation. It is imperative that Congress and the 
Department of Homeland Security build on the gains made under the Obama 
administration to advance aviation security.
    The recent aviation threats posed by large personal electronic 
devices and the foiled Australian airplane attack demonstrate that we 
cannot place 9/11, subsequent attacks, and thwarted plots in the rear 
view mirror. We must continue to move forward.
    In moving forward, Congress has a responsibility to prioritize 
agency spending. My colleagues on the other side of the aisle should 
familiarize themselves with the phrase ``opportunity cost.'' For every 
dollar that is diverted to erecting the politically-motivated Border 
Wall, there are fewer resources for doing vital REAL security work, 
like international engagement on aviation security or surface 
transportation security. As stewards of the taxpayer dollars, we have a 
duty to put valuable taxpayer resources in the areas of greatest need. 
Providing adequate resources is paramount to allowing TSA to quickly 
respond to threats.
    I hope to hear more today about where the agency's needs are as 
well as how they have adjusted to the recent threats. I look forward to 
hearing from CBP about their Preclearance program and plans for the 
future. The Obama administration planned to expand the program by 10 
new foreign airports, but it is unclear whether President Trump has any 
interest in growing this security program.
    Finally, I am pleased to see GAO participating in today's hearing. 
GAO has been a steady source for Congress as we learn more about 
security for last-point-of-departure airports. Their contribution to 
today's hearing is invaluable and I look forward to engaging with GAO 
about their findings and issues for Congress to consider.
    With all that said, once again, I thank the witnesses for appearing 
before us today, and look forward to hearing from you today on these 
critically important topics.
    I yield back the balance of my time Mr. Chairman.

    Mr. Katko. Thank you, Mrs. Watson Coleman. Other Members of 
the subcommittee are reminded that opening statements may be 
submitted for the record.
    We are pleased to have a distinguished panel here to 
testify here before us today on this very important topic.
    Let me remind the witnesses that their entire written 
statements will appear in the record. Our first witness is Mr. 
Craig Lynes. Mr. Lynes served as the director of compliance 
with the Office of Global Strategies at the Transportation 
Security Administration. That is his current role.
    Prior to that role, Mr. Lynes, served as the director of 
Global Affairs International Operations from 2014 to 2017, 
where he was responsible for reducing security risks to global 
transportation modes through operational support to TSA 
representatives, or TSARs.
    Previously, Mr. Lynes, was stationed overseas as the 
attache for the United Kingdom, Ireland, and Iceland based at 
the U.S. embassy in London, which is pretty cool I must say. I 
have a lot of family over in Ireland still.
    I now recognize Mr. Lynes for his opening statement.

STATEMENT OF CRAIG LYNES, DIRECTOR OF GLOBAL COMPLIANCE, OFFICE 
 OF GLOBAL STRATEGIES, TRANSPORTATION SECURITY ADMINISTRATION, 
              U.S. DEPARTMENT OF HOMELAND SECURITY

    Mr. Lynes. Thank you. Chairman Katko, Ranking Member Watson 
Coleman, and Members of the subcommittee, thank you for the 
opportunity to testify regarding TSA's global aviation security 
mission. My name is Craig Lynes, and I serve as TSA's director 
of Global Compliance.
    The terrorist attacks of TWA flight 847 and the bombing of 
Pan Am flight 103 were two significant events from which the 
foreign airport assessment program was founded and that led me 
to seek a career in international aviation security.
    I began my Federal career as a civil aviation security 
inspector for the FAA. I have held a number of international 
positions at TSA, including as an international industry 
representative, the TSA representative attache to the United 
Kingdom and most recently in executive leadership positions 
within TSA's international program.
    It was during my overseas posting in London that I had the 
opportunity to serve as the U.S. speaker at the 25th 
anniversary of the Pan Am flight 103 attack in Lockerbie, 
Scotland, pledging at the somber anniversary, our unrelenting 
commitment to continuing the fight against terrorism, 
protecting global civil aviation, and seeking to ensure that 
these types of horrific events never occur again.
    Yet as terrorists actively pursue multiple approaches to 
compromising the global web of civil aviation, targeting both 
passenger and cargo aircraft, including innovative methods for 
concealing explosives, recruiting airport and airline insiders, 
attacking airport public areas and hijacking aircraft, TSA has 
taken significant steps to address not only these threats, but 
to raise the global baseline for aviation security.
    TSA has worked closely with airlines and industry on 
enhanced security measures enacted in June 2017. These measures 
helped to secure flights from more than 280 last-point-of-
departure airports in 105 countries around the world. These 
enhanced security measures, both seen and unseen, will improve 
screening and heighten security standards for airlines and 
airports.
    The global compliance directorate is responsible for 
ensuring the effective implementation of these measures through 
the world-wide deployment of our assessment teams. TSA's 
international inspectors are located in six regional offices 
throughout the world.
    As required by law, TSA is responsible for assessing 
foreign airports with direct flights to the United States and 
inspecting aircraft operators with service to the United 
States. During fiscal year 2016, TSA conducted 135 foreign 
airport assessments and 1,880 air carrier inspections.
    The United Nation's recent passing of Security Council 
Resolution 2309 called upon the international community to 
bolster its efforts to secure international air travel.
    Within ICAO, TSA continues its work to enhance 
international aviation standards. Recently, TSA Administrator 
Pekoske spoke at the ICAO Symposium, where he emphasized the 
importance of advancing global aviation security.
    These include fostering a culture of security, information 
sharing, ensuring rigorous implementation of standards, 
adopting innovation and technology, all with thorough oversight 
programs.
    To assist and promulgate the efforts of raising the 
baseline, TSA has forward-deployed TSA representatives who 
serve as the on-site attaches in embassies abroad. TSARs are 
charged with building and maintaining strong security 
partnerships around the world to advance TSA security policies 
and initiatives.
    Additionally, TSA international industry representatives 
serve as the primary liaison to over 330 foreign and domestic 
airlines. They coordinate information sharing on aviation 
security requirements, security policy, and incident 
management.
    TSA Federal air marshals also cover numerous flights 
departing from international airports. Our mission overseas is 
to identify, analyze, and mitigate vulnerabilities to reduce 
the risk to in-bound aviation. Our assessment and inspection 
information allows us to identify vulnerabilities and develop 
mitigation plans to address them.
    Capacity development is one of our primary methods for 
addressing vulnerabilities. Activities range from traditional 
classroom training, interactive workshops, technical 
assistance, mentoring and equipment loans and donations. In 
fiscal year 2016, TSA conducted 47 capacity development events 
world-wide.
    Thank you for the opportunity to appear before you today to 
discuss TSA's role in international aviation security. I look 
forward to answering your questions.
    [The joint prepared statement of Mr. Lynes and Mr. Owen 
follows:]
        Joint Prepared Statement of Craig Lynes and Todd C. Owen
                           September 26, 2017
                              introduction
    Good afternoon, Chairman Katko, Ranking Member Watson Coleman, and 
distinguished Members of the subcommittee. Thank you for the 
opportunity to appear before you today to discuss U.S. Customs and 
Border Protection's (CBP) role in cargo and passenger security as it 
pertains to commercial air service.
    In response to 9/11 and the persisting threats from terrorists and 
criminals who have long viewed aviation as a leading target for attack 
and/or exploitation, CBP continues to adapt its security approach and 
strengthen its ability to detect and mitigate diverse threats through a 
multi-layered, risk-based system. As the lead Department of Homeland 
Security (DHS) agency for border security, CBP works closely with our 
domestic and international partners to deny terrorist exploitation of 
the aviation sector and to protect the Nation from a variety of dynamic 
threats, including those posed by passengers, cargo and commercial 
conveyances arriving at our ports of entry (POE).
    CBP utilizes a risk-based strategy and operational approach to 
secure and facilitate the immense volume of international trade and 
travel. In fiscal year 2016, CBP officers processed more than 390 
million travelers at air, land, and sea POEs, including more than 119 
million air travelers. CBP officers also processed more than 27 million 
imported cargo containers at POEs in fiscal year 2016, equating to 
$2.28 trillion in imports.\1\
---------------------------------------------------------------------------
    \1\ Air import values account for approximately 25 percent.
---------------------------------------------------------------------------
    CBP's security and facilitation missions are mutually supportive: 
By utilizing a risk-based strategy and multi-layered security approach, 
CBP can focus time and resources on those suspect shipments and 
passengers that are high-risk. This approach separates known and 
unknown air travelers and allows CBP to facilitate legitimate trade and 
travel, which are critical to America's economic growth.
    By leveraging intelligence-driven analysis, innovative 
partnerships, and advanced technology, CBP secures and promotes the 
movement of legitimate cargo and travelers transiting through the 
aviation environment. This multi-layered approach is designed to 
detect, identify, and prevent potentially dangerous or inadmissible 
individuals or dangerous cargo from boarding planes bound for the 
United States and is integrated into every aspect of our rigorous 
travel and cargo security operations at every stage along the 
international trade and travel continuum.
                           air cargo security
    CBP's cargo security approach incorporates three layered elements 
to improve supply chain integrity, promote economic viability, and 
increase resilience across the entire global supply chain system.
Advance Information and Targeting
    First, CBP leverages advance information about cargo, conveyances, 
and persons, and tailored targeting techniques to increase domain 
awareness and assess the risk of all components and factors in the 
supply chain. CBP, supported by the Transportation Security 
Administration (TSA), recently extended the Air Cargo Advance Screening 
(ACAS) pilot,\2\ which began after the global counterterrorism 
community discovered and disrupted a potential terrorist attack in 
October 2010 that would have occurred mid-air over the continental 
United States, using explosive devices concealed in cargo on-board two 
aircrafts destined to the United States. This incident demonstrated the 
significance of early advance information in identifying and disrupting 
terrorist attempts to exploit the global supply chain. While CBP had 
already been receiving some advance electronic information for air 
shipments prior to arrival in the United States, this incident exposed 
the need to collect certain advance information to enable CBP and TSA 
to target and mitigate high-risk shipments prior to the loading of 
cargo onto aircraft destined for the United States. The ACAS pilot 
program requests that the in-bound carrier or other eligible party 
electronically transmit specified advance cargo data (ACAS data) to CBP 
for air cargo transported onboard U.S.-bound aircraft as early as 
practicable, but no later than prior to loading of the cargo onto the 
aircraft.
---------------------------------------------------------------------------
    \2\ https://www.federalregister.gov/documents/2017/07/24/2017-
15441/extension-of-the-air-cargo-advance-screening-acas-pilot-program.
---------------------------------------------------------------------------
    This advance information requirement is a critical element of CBP's 
targeting efforts at the National Targeting Center (NTC) and enhances 
CBP's capability to identify high-risk cargo without hindering 
legitimate trade and commerce. The NTC, established in 2001, 
coordinates and supports CBP's counterterrorism activities related to 
the movement of cargo in all modes of transportation--sea, truck, rail, 
and air. Using the Automated Targeting System (ATS), the NTC 
proactively analyzes advance cargo information before shipments depart 
foreign ports. ATS incorporates the latest cargo threat intelligence 
and National targeting rule-sets to generate a uniform review of cargo 
shipments, and provides comprehensive data for the identification of 
high-risk shipments. ATS is a critical decision-support tool for CBP 
officers working at the NTC, the Advanced Targeting Units at our POEs, 
and foreign ports.
Government and Private-Sector Collaboration
    Second, in addition to CBP's targeting capabilities, a critical 
component of CBP's effort to extend our cargo security to the point of 
origin is our effective partnerships with private industry. CBP works 
with the trade community through the Customs--Trade Partnership Against 
Terrorism (C-TPAT) program, which is a public-private partnership 
program wherein members of the trade community volunteer to adopt 
tighter security measures throughout their international supply chains 
in exchange for enhanced trade facilitation, such as expedited 
processing. C-TPAT membership has rigorous security criteria, and 
requires extensive vetting and on-site validation visits of domestic 
and/or foreign facilities. This program has enabled CBP to leverage 
private sector resources to enhance supply chain security and integrity 
on a global level.
    C-TPAT membership has grown from just seven companies in 2001 to 
more than 11,000 companies today, accounting for more than 54 percent 
(by value) of goods imported into the United States. The C-TPAT program 
continues to expand and evolve as CBP works with foreign partners to 
establish bi-lateral mutual recognition of respective C-TPAT-like 
programs. Mutual Recognition as a concept is reflected in the World 
Customs Organization's Framework of Standards to Secure and Facilitate 
Global Trade, a strategy designed with the support of the United 
States, which enables Customs Administrations to work together to 
improve their capabilities to detect high-risk consignments and 
expedite the movement of legitimate cargo. These arrangements create a 
unified and sustainable security posture that can assist in securing 
and facilitating global cargo trade while promoting end-to-end supply 
chain security. CBP currently has signed Mutual Recognition 
Arrangements with New Zealand, the European Union, South Korea, Japan, 
Jordan, Canada, Taiwan, Israel, Mexico, Singapore, and the Dominican 
Republic and is continuing to work toward similar recognition with 
China, Brazil, Peru, Uruguay, and India.
Advanced Detection Equipment and Technology
    Finally, CBP maintains robust inspection regimes at our POEs, 
including the use of non-intrusive inspection (NII) equipment, canines, 
and radiation detection technologies. NII technology enables CBP to 
detect materials that pose potential nuclear or radiological threats, 
and other materials, including illicit narcotics such as heroin, 
fentanyl, cocaine, and illicit prescription drugs. Technologies 
deployed to our Nation's land, sea, and air POEs include large-scale X-
ray and Gamma-ray imaging systems, as well as a variety of portable and 
handheld technologies. NII technologies are force multipliers that 
enable us to screen or examine a larger portion of the stream of 
commercial traffic while facilitating the flow of legitimate cargo. 
Canine operations are also an invaluable component of CBP's cargo 
security operations. CBP canine teams work at international mail 
facilities to examine millions of foreign mail shipments coming into 
the United States from all parts of the world.
    These interrelated elements are part of a comprehensive cargo 
security strategy that enables CBP to identify and address the 
potential use of containerized cargo to transport dangerous materials, 
before they arrive at our Nation's border.
                         air passenger security
    On a typical day, CBP welcomes to the United States more than 
300,000 international travelers at our Nation's airports. One of the 
initial layers of defense in securing international air travel is 
preventing dangerous persons from obtaining visas, travel 
authorizations, and boarding passes. Before boarding a flight destined 
for the United States, most foreign nationals \3\ must obtain a 
nonimmigrant or immigrant visa--issued by a U.S. embassy or consulate--
or, if they are eligible to travel under the Visa Waiver Program (VWP), 
they must apply and be approved for a travel authorization through the 
Electronic System for Travel Authorization (ESTA).
---------------------------------------------------------------------------
    \3\ Exceptions would be citizens of countries under other visa 
exempt authority, such as Canada. Citizens of countries under visa 
exempt authority entering the U.S. via air are subjected to CBP's 
vetting and inspection processes prior to departure. In the land 
environment, they are subjected to CBP processing upon arrival at a 
U.S. POE.
---------------------------------------------------------------------------
Pre-departure Safeguards
    Through ESTA, CBP conducts enhanced vetting of VWP applicants in 
advance of travel to the United States, to assess whether they are 
eligible to travel under the VWP, or whether they could pose a risk to 
the United States or the public at large. All ESTA applications are 
screened against security and law enforcement databases, and CBP 
automatically refuses authorization to individuals who are found to be 
ineligible to travel to the United States under the VWP. Similarly, 
current and valid ESTAs may be revoked if concerns arise through 
recurrent vetting.
    In response to increasing concerns regarding foreign fighters and 
other terrorist threats, DHS continues to strengthen the security of 
VWP including by implementing enhancements to ESTA. Recent enhancements 
include a series of additional questions VWP travelers must answer on 
the ESTA application, including other names and citizenships; parents' 
names; contact and employment information; city of birth; travel 
history in select countries. These improvements are designed to provide 
an additional layer of security for the VWP and increase our ability to 
distinguish between lawful applicants and individuals of concern.
    Any traveler who requires a nonimmigrant visa to travel to the 
United States must apply to the Department of State (DOS) under 
specific visa categories depending on the purpose of their travel, 
including those as visitors for business, pleasure, study, and 
employment-based purposes. Prior to the issuance of a visa, the DOS 
screens every visa applicant's biographic data against the DOS Consular 
Lookout and Support System, and provides data to the inter-agency 
community via the streamlined DOS Security Advisory Opinion (SAO) 
process to alert consular officers to the existence of Terrorist 
Screening Database (TSDB) files or records related to potential visa 
ineligibilities. DOS also checks the applicant's biometric data (i.e., 
fingerprints and facial images) against other U.S. Government databases 
for records indicating potential security, criminal, and immigration 
violations.
    In an effort to augment visa security operations, U.S. Immigration 
and Customs Enforcement (ICE) Visa Security Program (VSP) personnel are 
co-located with CBP personnel at the NTC to conduct thorough and 
collaborative analysis and in-depth investigations of high-risk visa 
applicants. The VSP is focused on identifying terrorists and criminal 
suspects and preventing them from exploiting the visa process, while 
the NTC provides tactical targeting and analytical research in support 
of preventing terrorist and terrorist weapons from entering the United 
States.
    Furthermore, ICE, CBP, and DOS have implemented an automated visa 
application screening process that significantly expands DHS's ability 
to identify serious threats to National security and public safety. The 
program enables synchronized reviews of information across these 
agencies and allows for a unified DHS response and recommendation 
regarding a visa applicant's eligibility to receive a visa. This 
process also serves as a precursor to and works in conjunction with the 
current DOS SAO and Advisory Opinion (AO) programs. The collaborative 
program leverages the three agencies' expertise, authorities, and 
technologies to screen pre-adjudicated (approved) visa applications and 
enhance the U.S. Government's anti-terrorism efforts.
    Once travel is booked, CBP's NTC gathers information, assesses 
risk, and conducts pre-departure vetting for all international flights 
departing for the United States by commercial air. CBP leverages all 
available advance passenger data \4\--including Passenger Name Record 
(PNR) and Advance Passenger Information System (APIS) data, previous 
crossing information, intelligence, and law enforcement information, as 
well as open-source information in its counterterrorism efforts at the 
NTC--to make risk-based operational decisions before a passenger boards 
an aircraft, continuing until the traveler is admitted to the United 
States.
---------------------------------------------------------------------------
    \4\ When a traveler purchases a ticket for travel to the United 
States on a commercial air carrier, a PNR may be generated in the 
airline's reservation system. PNR data contains information on 
itinerary, co-travelers, changes to the reservation, and payment 
information. CBP receives passenger data from commercial air carriers 
at various intervals up to 96 hours prior to departure and concluding 
at the scheduled departure time. Further, APIS regulations require that 
commercial air carriers transmit all passenger and crew manifest 
information before departure, prior to securing the aircraft doors. CBP 
vets APIS information, which includes passenger biographic data and 
travel document information, on all international flights to and from 
the United States against the TSDB, criminal history information, 
records of lost or stolen passports, public health records, and prior 
immigration or customs violations and visa refusals.
---------------------------------------------------------------------------
    CBP's pre-departure vetting efforts work in concert with TSA's 
Secure Flight program, which vets passengers flying to, from, over, and 
within the United States against the No-Fly and Selectee portions of 
the TSDB.
Overseas Enforcement Programs and Partnerships
    Supported by these targeting efforts, CBP uses overseas enforcement 
capabilities and partnerships to extend our zone of security. Working 
in conjunction with the NTC, CBP's overseas programs--Preclearance, 
Immigration Advisory and Joint Security Programs (IAP/JSP), and 
Regional Carrier Liaison Groups (RCLGs)--provide the ability to address 
those risks or prevent the movement of identified threats toward the 
United States at the earliest possible point.
    Preclearance provides for the complete inspection, including 
determination of an alien's admissibility to the United States for all 
travelers before passengers ever board a U.S.-bound flight from a 
foreign location at which preclearance is established. Through 
preclearance, CBP is able to work with foreign law enforcement 
officials and commercial carriers to prevent the boarding of 
potentially high-risk travelers, leveraging law enforcement authorities 
consistent with the governing agreements, as opposed to serving a 
purely advisory role. Preclearance also provides unique facilitation 
benefits, generally allowing precleared passengers to proceed to their 
final destination without further CBP processing, as if they had 
arrived on a domestic flight. It is important to note, however, that 
CBP always retains the authority to conduct further inspection or 
engage in enforcement action of a precleared flight upon its arrival in 
the United States. CBP currently has 15 Preclearance locations in six 
countries: Dublin and Shannon in Ireland; Aruba; Freeport and Nassau in 
The Bahamas; Bermuda; Abu Dhabi, United Arab Emirates; and Calgary, 
Toronto, Edmonton, Halifax, Montreal, Ottawa, Vancouver, and Winnipeg 
in Canada.
    Building upon the success of existing Preclearance operations, CBP 
intends to expand the program to new locations. DHS prioritization for 
expansion includes technical site visits to interested airports, during 
which each airport is carefully evaluated based on the current and 
future capacity to host CBP Preclearance operations and aviation 
security screening meeting TSA standards, as well as an analysis of the 
potential facilitation and homeland security benefits. CBP is currently 
negotiating with several countries interested in establishing 
Preclearance operations, and recently concluded agreements to cover 
Stockholm, Sweden (signed November 4, 2016) and Punta Cana, Dominican 
Republic (signed December 1, 2016).
    Through IAP, CBP officers in plain clothes are posted at major 
gateway airports in Western Europe, with a presence in Asia and the 
Middle East including: Amsterdam, Frankfurt, London Heathrow, London 
Gatwick, Manchester, Madrid, Paris, Tokyo, and Doha. Building on the 
IAP concept, CBP launched the JSP, partnering with host country law 
enforcement to identify high-risk travelers. JSP officers are posted in 
Mexico City, Panama City, and San Salvador.
    Finally, Regional Carrier Liaison Groups (RCLG) were developed to 
provide coverage of non-IAP airports and support Preclearance airports. 
CBP coordinates with the RCLGs to prevent terrorists and other 
inadmissible aliens from boarding U.S.-bound commercial aircraft. The 
RCLGs, which are located in Honolulu, Miami, and New York, are staffed 
by CBP officers and utilize established relationships with the 
commercial airlines to prevent passengers who may pose a security 
threat, who present fraudulent documents, or those who are otherwise 
inadmissible from boarding flights to the United States.
Arrival Processing
    CBP's use of advance information and targeting are key elements of 
CBP's multi-layered security strategy to address concerns long before 
they reach the physical border of the United States. It is important to 
note that upon arrival in the United States, all persons, regardless of 
citizenship, are subject to inspection by CBP officers. CBP officers 
review entry documents, collect biometrics,\5\ query CBP and other law 
enforcement databases with both biographic and biometric information, 
and interview each traveler to confirm identity, determine the purpose 
and intent of their travel, and whether any further inspection is 
necessary based on, among other things, National security, 
admissibility, customs, or agriculture concerns.
---------------------------------------------------------------------------
    \5\Generally speaking, biometrics are collected from aliens 
arriving at U.S. airports, except for: (i) Certain Canadian citizens 
temporarily visiting the United States; (ii) children under the age of 
14; (iii) persons over the age of 79; and (iv) aliens admitted on A-1, 
A-2, C-3 (except for attendants, servants, or personal employees of 
accredited officials), G-1, G-2, G-3, G-4, NATO-1, NATO-2, NATO-3, 
NATO-4, NATO-5, or NATO-6 visas; and (v) certain Taiwan officials who 
hold E-1 visas or members of their immediate family who hold E-1 visas.
---------------------------------------------------------------------------
    During arrival processing, CBP officers remove from circulation 
counterfeit, fraudulent, and altered travel documents, as well as lost 
or stolen travel documents presented for use by an individual other 
than the rightful holder. In fiscal year 2016, CBP intercepted 7,689 
fraudulent documents. CBP's Fraudulent Document Analysis Unit maintains 
a central fraudulent document repository and provides analysis, 
intelligence, alerts, and training back to the field. Furthermore, 
through the Carrier Liaison Program, CBP officers provide interactive 
training to commercial air carrier participants to improve the air 
carrier's ability to detect and disrupt improperly documented 
passengers. Since the program's inception in 2005, CLP has provided 
training to more than 36,341 airline industry personnel.
    Furthermore, CBP Tactical Terrorism Response Teams (TTRT) of CBP 
officers who are specially trained in counterterrorism response are 
deployed at the 46 largest POEs--including 22 POEs added in calendar 
year 2017 to conduct advanced interview training. TTRT officers are 
responsible for the examination of travelers identified within the TSDB 
as well as other travelers, their associates, or co-travelers who 
arrive at POE and are suspected of having a nexus to terrorist 
activity. TTRT officers work closely with NTC analysts to exploit 
information derived from targeting and inspection to mitigate any 
possible threat. During fiscal year 2017, through September 2017, more 
than 1,400 individuals were denied entry to the United States as a 
result of TTRT efforts and information discovered during the secondary 
inspection at POEs.
                               conclusion
    CBP will continue to work with our Federal and international 
partners--as well as commercial carriers and the trade community--to 
ensure the security and facilitation of the immense volume of 
international air travelers and cargo. We will continue to collaborate 
to strengthen on-going efforts to secure the aviation sector against 
terrorists and other threats, and promote safe and efficient 
international travel and trade to the United States.
    Chairman Katko, Ranking Member Watson Coleman, and Members of the 
subcommittee, thank you for the opportunity to testify today. I look 
forward to answering your questions.

    Mr. Katko. Thank you, Mr. Lynes. Every time I hear someone 
mention Pan Am 103 I think of one of my best friends for the 
last 20 years who lost his sister on that flight from Oswego 
State. I also think of the 35 students from Syracuse University 
who died on that flight and that were in my district.
    There is a big monument up on the university where I went 
to law school commemorating that terrible day, and it is what 
drives me and drives all of us, I think, to make sure something 
like that never happens again.
    But we must face reality that that is always a possibility 
and that is always a goal of the bad guys, so we have to be 
ever vigilant in what we do here on our committee to make sure 
that we are doing everything we can to hold people's feet to 
the fire in the international community.
    We appreciate you being here today, and we thank you for 
your testimony, Mr. Lynes.
    Our second witness is Mr. Todd Owen. Mr. Owen became the 
assistant commissioner of the office of field operations in 
February. He currently oversees over 29,000 employees including 
more than 24,00 CBP officers and CBP agricultural specialists.
    Previously, Mr. Owen served as the director of field 
operations for the Los Angeles field office, where he had 
responsibility and oversight for all CBP operations in the 
greater Los Angeles area.
    Prior to arriving in Los Angeles, Mr. Owen served as 
executive director of Cargo and Conveyance Security in 
Washington, DC, and as a director of the Customs-Trade 
Partnership Against Terrorism, also known as--I can't even 
pronounce it--C-TPAT.
    The Chair now recognizes Mr. Owen for his opening 
statement, and I must admit that is one of the more interesting 
acronyms I have seen in Washington, so welcome.
    Now before you start, Mr. Thompson is here. He is the 
Ranking Minority Member on the Homeland Security Committee, and 
when we get done with your testimony, if you would like, Mr. 
Thompson, we would be happy to allow you to make a statement.
    Mr. Thompson. OK.
    Mr. Katko. OK.
    Please go ahead, Mr. Owen.

 STATEMENT OF TODD C. OWEN, EXECUTIVE ASSISTANT COMMISSIONER, 
OFFICE OF FIELD OPERATIONS, CUSTOMS AND BORDER PROTECTION, U.S. 
                DEPARTMENT OF HOMELAND SECURITY

    Mr. Owen. OK. Good morning, Chairman Katko, Ranking Member 
Watson Coleman, distinguished Members of the subcommittee. 
Thank you for the opportunity to appear today to discuss U.S. 
Customs and Border Protection's role in cargo and passenger 
security as it pertains to the international aviation sector. 
As the unified border security agency of the United States, CBP 
is charged with securing our borders and preventing the 
introduction of terrorists and terrorist weapons into our 
country.
    In response to 9/11 and the persisting threats from 
terrorists who have long viewed aviation as the leading target 
for attack, CBP continues to adapt our multi-layered security 
approach and strengthen our ability to detect risk and mitigate 
diverse aviation threats, those posed by passengers, cargo, 
commercial conveyances arriving at our ports of entry.
    This multi-layered approach is integrated into every aspect 
of our rigorous travel and cargo security operations at every 
stage along the international trade and travel continuums.
    Each day over 1 million international travelers cross our 
borders, approximately 300,000 in the air environment. 
Additionally, over 1 million international air cargo packages 
enter our country every day. As international travel continues 
to grow, and with the increase in e-commerce, these volumes are 
sure to climb.
    In the travel environment, CBP leverages advanced data, 
enhanced targeting systems, multiple pre-departure safeguards, 
international programs and partnerships, all part of our 
strategy to secure air travel by pushing our borders outward 
through the early identification of and response to potential 
threats.
    CBP's travel security approach starts well before the 
traveler boards a plane. Before traveling to the United States 
most foreign nationals must obtain a nonimmigrant or immigrant 
visa issued by the U.S. embassy or consulate.
    Or if they are eligible for travel under the visa waiver 
program, they must apply and be approved for travel 
authorization through the Electronic System for Travel 
Authorization or ESTA.
    From the moment they apply for a visa, or complete their 
ESTA, CBP's national targeting center begins to assess the risk 
of the applicant against law enforcement, intelligence and 
National security databases. This vetting performed by CBP is 
continuous and occurs through arrival into the United States 
ports of entry.
    Then, once travel is booked and before the flight departs, 
CBP then uses airline reservation data, airline passenger 
manifests, previous border inspection information, intelligence 
and law enforcement information to identify travelers of 
National security concern or who are likely inadmissible into 
the United States.
    CBP is then able to address potential concerns through a 
suite of international enforcement and liaison programs, such 
as pre-clearance, the Immigration Advisory Program, the joint 
security program and through our regional carrier liaison 
groups.
    These partnerships provide CBP the ability to address 
identified risk or prevent the boarding of individuals who pose 
a threat to the country or are inadmissible into the United 
States.
    It is important to note that upon arrival into the United 
States, all persons, regardless of citizenship, are subject to 
inspection by CBP officers. CBP officers review entry 
documents, collect biometrics, query CBP and other law 
enforcement databases and interview each traveler before 
deciding if the traveler is admissible into the United States.
    Likewise, in the air cargo environment, CBP leverages 
advanced information about the cargo, conveyances, and persons 
involved in a shipment to identify those shipments which may 
potentially pose a risk to homeland and aviation security.
    As part of our Air Cargo Advanced Screening pilot program, 
or ACAS, CBP receives advanced information on shipments prior 
to loading onto the aircraft bound for the United States.
    Air cargo shipments warranting additional scrutiny may be 
examined at the last point of departure through coordination 
with our TSA and international partners. The ACAS program was 
launched by CBP and TSA in October 2010 in response to the 
foiled Yemen printer cartridge bomb plot.
    To date, the ACAS pilot program has 53 voluntary 
participants from the air cargo community and covers 83 percent 
of the air cargo shipments headed to the United States. Lessons 
learned from the program have allowed CBP to effectively 
target, identify, and mitigate risk in the air cargo 
environment, while minimizing impact on trade operations.
    In conclusion, CBP will continue to work with our Federal 
and international partners, as well as commercial carriers in 
the trade community, to strengthen our on-going efforts to 
secure the aviation sector against terrorists and other 
threats, and promotes safe and efficient international travel 
and trade to the United States.
    Chairman Katko, Ranking Member Watson Coleman, Members of 
the subcommittee, thank you for the opportunity to testify 
today, and I look forward to answering your questions.
    Mr. Katko. Thank you, Mr. Owen. We appreciate you taking 
the time to be here today and provide your testimony.
    Our third witness is well-known to us. That is Ms. Jennifer 
Grover. Ms. Grover is the director of Government Accountability 
Office's Homeland Security and Justice Team, leading a 
portfolio of work on transportation security.
    In this position she oversees GAO's reviews of the TSA and 
Coast Guard programs and operations. She joined GAO in 1991 and 
regularly testifies before Congressional committees as an 
expert witness. She earned a Master's degree in public policy 
administration from the University of Wisconsin--Madison, and a 
Bachelor's degree in political science from the University of 
Illinois of Urbana--Champaign.
    I now recognize Ms. Grover for her opening statement.

 STATEMENT OF JENNIFER GROVER, DIRECTOR, HOMELAND SECURITY AND 
         JUSTICE, U.S. GOVERNMENT ACCOUNTABILITY OFFICE

    Ms. Grover. Thank you. Good morning, Chairman Katko, 
Ranking Member Thompson, Ranking Member Watson Coleman, other 
Members of the subcommittee and the staff. Thanks for the 
opportunity to testify today on last-point-of-departure 
airports.
    My main message is that TSA has a strong program in place 
to assess security and address deficiencies at foreign 
airports, but could improve its data management to better 
understand the effectiveness of different approaches that they 
use to enhance foreign airport security, as well as the overall 
state of LPD security.
    Through its assessments, TSA evaluates the security 
measures that are in place at the roughly 300 airports across 
the world that fly directly to the United States.
    Over the past years TSA has significantly improved its 
foreign airport assessment program by adding more consistent 
and targeted assessments, risk-based operations, more 
systematic vulnerability scores and new approaches for data 
analysis.
    When TSA inspectors do identify a deficiency, they have a 
broad set of tools that they can use to help foreign officials 
address the problem, including on-the-spot counseling, training 
for airport staff, technical consult, and providing equipment.
    Importantly, TSA can also require the air carriers 
operating from that airport to implement security procedures to 
help fill any gaps in airport security measures.
    Figuring out how to best address a deficiency is 
complicated because each airport is unique in its laws, 
customs, the equipment, and the knowledge about how best to use 
it. So what works at one airport may not always work well at 
another airport that has the same type of problem.
    Therefore TSA needs good data on the root causes behind 
each deficiency, what corrective actions were recommended, what 
capacity-building steps were taken and the outcome to 
understand how to most effectively deploy its resources.
    We found that TSA does have a data management system to 
track these factors, but agency officials are not using it 
consistently and the data fields are not specific enough. For 
example, our review of the 2016 data showed that 70 percent of 
the data on root causes and corrective actions was blank.
    If TSA officials were to complete the databases required 
and if the data collected was more specific, the agency could 
analyze the relative success of different types of approaches 
and would also have better visibility on the state of security 
at LPD airports world-wide. In our forthcoming report we will 
recommend that TSA make these changes.
    One note of caution before I conclude. Although TSA has a 
strong program for assessing foreign airports, that does not 
necessarily ensure strong security across all LPD airports. 
Some airports still struggle to fully implement all aspects of 
the ICAO standards. Our analysis of 5 years' worth of TSA data 
from 2012 to 2016 showed regional variation in LPD airport 
compliance with the ICAO standards.
    TSA considers the results to be sensitive so I can't 
address them here, but I can say that airports in certain 
regions are more likely to fall short of the standards and that 
some of the ICAO standards tend to be more challenging to 
implement than others.
    Given the on-going vulnerabilities that remain at some LPD 
airports, TSA should pursue improved data management to better 
monitor the relative effectiveness of the wide variety of 
different approaches that they have available to them, as well 
as the aviation security environment as a whole. This concludes 
my statement. I look forward to your questions.
    [The prepared statement of Ms. Grover follows:]
                 Prepared Statement of Jennifer Grover
                           September 26, 2017
    Chairman Katko, Ranking Member Watson Coleman, and Members of the 
subcommittee: Thank you for the opportunity today to discuss our work 
examining the Transportation Security Administration's (TSA) foreign 
airport assessment and air carrier inspection programs. We are 
conducting this work in response to a provision in the Aviation 
Security Act of 2016.\1\
---------------------------------------------------------------------------
    \1\ See Pub. L. No. 114-190, tit. III, Sec.  3202(b), 130 Stat. 
615, 652 (2016). The Aviation Security Act was enacted on July 15, 2016 
as title III of the FAA Extension, Safety, and Security Act of 2016.
---------------------------------------------------------------------------
    Civil aviation, including U.S.-bound flights, remains a target of 
coordinated terrorist activity. The threat has become more diverse as 
adversaries develop new tactics to attack the aviation system. With 
approximately 300 airports in foreign countries offering last-point-of-
departure flights to the United States, TSA's efforts to evaluate the 
security of foreign airports and air carriers that service the United 
States--and mitigating any identified security risks--are of vital 
importance in ensuring the security of the aviation system.
    This statement is based on a draft report, the sensitive version of 
which is currently with TSA for comment.\2\ This testimony discusses 
key preliminary findings from that report on: (1) The steps TSA has 
taken to enhance foreign airport assessments and air carrier 
inspections since 2011 and (2) the steps TSA takes to address any 
deficiencies identified during foreign airport assessments and air 
carrier inspections. In addition to these objectives, our forthcoming 
sensitive report will describe the results of TSA's foreign airport 
assessments and air carrier inspections. We also plan to issue a public 
version of that report.
---------------------------------------------------------------------------
    \2\ We shared the information in this statement with TSA for a 
sensitivity review and to obtain its views. TSA officials provided us 
with technical comments, which we have incorporated as appropriate, and 
determined that the statement contains no sensitive information.
---------------------------------------------------------------------------
    To address these objectives, we reviewed TSA documents, including 
its 2016 Foreign Airport Assessment Program Standard Operating 
Procedures (FAAP SOP). In addition, we interviewed senior TSA 
officials, inspectors, and country and industry liaisons located at TSA 
headquarters and in the field. We also interviewed other stakeholders, 
such as officials with the Department of State (State) and the European 
Commission (EC) to discuss efforts these organizations have in place to 
enhance international aviation security and their experiences 
coordinating with TSA. We accompanied a team of TSA inspectors during 
an air carrier inspection at an airport in Europe and we spoke with 
airport officials and representatives from two air carriers at a 
separate European airport. We based our site selection on several 
factors, including the air carrier locations TSA had plans to inspect 
during the course of our audit work and host Government willingness to 
allow us to accompany TSA. Finally, we compared TSA's efforts to 
leverage information for capacity development to the FAAP SOP and 
criteria for obtaining and processing information in Federal internal 
control standards.\3\
---------------------------------------------------------------------------
    \3\ GAO, Standards for Internal Control in the Federal Government, 
GAO-14-704G (Washington, DC: September 2014).
---------------------------------------------------------------------------
    The work upon which this statement is based is being conducted in 
accordance with generally accepted Government auditing standards. Those 
standards require that we plan and perform the audit to obtain 
sufficient, appropriate evidence to provide a reasonable basis for our 
findings and conclusions based on our audit objectives. We believe that 
the evidence obtained provides a reasonable basis for our findings and 
conclusions based on our audit objectives.
                               background
    Enacted shortly after the September 11, 2001, terrorist attacks, 
the Aviation and Transportation Security Act (ATSA) established TSA and 
gave the agency responsibility for securing all modes of 
transportation, including the Nation's civil aviation system.\4\ 
Consistent with ATSA and in accordance with existing statutory 
requirements, TSA is to assess the effectiveness of security measures 
at foreign airports: (1) Served by a U.S. air carrier, (2) from which a 
foreign air carrier serves the United States, (3) that pose a high risk 
of introducing danger to international air travel, and (4) that are 
otherwise deemed appropriate by the Secretary of Homeland Security.\5\
---------------------------------------------------------------------------
    \4\ See Pub. L. No. 107-71, 115 Stat. 597 (2001); 49 U.S.C. 
Sec. 114. For purposes of this statement, U.S.-flagged air carriers are 
air carrier operations regulated in accordance with 49 C.F.R. part 1544 
and are referred to as ``U.S. air carriers'' or ``domestic air 
carriers,'' and foreign-flagged air carriers are air carrier operations 
regulated in accordance with 49 C.F.R. part 1546 and are referred to as 
``foreign air carriers.''
    \5\ 49 U.S.C. Sec. 44907. Prior to the establishment of DHS in 
March 2003, authority for conducting foreign airport assessments 
resided with the Secretary of Transportation and was carried out by the 
Federal Aviation Administration (FAA). TSA assumed responsibility for 
conducting the assessments following the enactment of ATSA (enacted 
Nov. 19, 2001). In March 2003, TSA transferred from the Department of 
Transportation to DHS in accordance with the Homeland Security Act of 
2002. See Pub. L. No. 107-296, Sec. 403(2), 116 Stat. 2135, 2178 
(2002).
---------------------------------------------------------------------------
    TSA assesses the effectiveness of security measures at foreign 
airports using select aviation security standards and recommended 
practices adopted by the International Civil Aviation Organization 
(ICAO), a United Nations organization representing 191 member 
countries.\6\ In addition, TSA is to conduct inspections of U.S. air 
carriers and foreign air carriers servicing the United States from 
foreign airports in order to ensure that they meet applicable security 
requirements, including those set forth in an air carrier's TSA-
approved security program.\7\
---------------------------------------------------------------------------
    \6\ See 49 U.S.C. Sec. 44907(a)(2)(C). ICAO has a primary objective 
to provide for the safe, orderly, and efficient development of 
international civil aviation.
    \7\ In general, domestic and foreign air carriers that operate to, 
from, or within the United States must establish and maintain security 
programs approved by TSA in accordance with requirements set forth in 
regulation at 49 C.F.R. parts 1544 (domestic air carriers) and 1546 
(foreign air carriers). See 49 U.S.C Sec. Sec. 44903(c), 44906; 49 
C.F.R. Sec. Sec. 1544.3, 1544.101-1544.105, 1546.3, 1546.101-1546.105.
---------------------------------------------------------------------------
    In 2007, we recommended that TSA take steps to improve oversight of 
its foreign airport assessment and air carrier inspection programs.\8\ 
In 2011, we reported on TSA's efforts to assess the security at foreign 
airports and made several recommendations to enhance program efficiency 
and effectiveness, among other things.\9\ Specifically, we recommended 
that TSA: (1) Develop a mechanism for trend analysis, (2) establish 
criteria and guidance to help decision makers with vulnerability 
ratings, and (3) consider the feasibility of conducting more targeted 
foreign airport assessments and compiling best practices. DHS concurred 
with the three recommendations and has since taken several actions to 
address them all, including developing a mechanism to compile and 
analyze best practices.
---------------------------------------------------------------------------
    \8\ GAO, Aviation Security: Foreign Airport Assessments and Air 
Carrier Inspections Help Enhance Security, but Oversight of These 
Efforts Can Be Strengthened, GAO-07-729 (Washington, DC: May 11, 2007).
    \9\ GAO, Aviation Security: TSA Has Taken Steps to Enhance its 
Foreign Airport Assessments, but Opportunities Exist to Strengthen the 
Program, GAO-12-163 (Washington, DC: October 21, 2011).
---------------------------------------------------------------------------
   since 2011, tsa has taken various steps to strengthen its foreign 
         airport assessment and air carrier inspection programs
    Our preliminary analysis showed that, since 2011, TSA has taken 
various steps to strengthen its foreign airport assessment and air 
carrier inspection programs. For instance, TSA has taken steps to:
   Better target program resources based on risk.--For example, 
        based on a recommendation in our 2011 report, TSA has taken 
        actions to conduct more targeted foreign airport assessments. 
        Specifically, TSA developed the Pre-Visit Questionnaire, which 
        foreign airport officials fill out prior to TSA's visit. This 
        information enables each TSA foreign airport assessment team to 
        tailor the on-site assessment at each airport and focus TSA's 
        assessment efforts on specific areas of concern. TSA also 
        implemented more focused airport assessments, known as targeted 
        risk assessments, in locations where risk is high or there are 
        other factors that require a more focused evaluation of the 
        site's security posture.
   Strengthen foreign airport access and the comprehensiveness 
        of its airport and air carrier evaluations.--For instance, 
        according to TSA officials, the agency has used several tactics 
        to resolve access issues and overcome delays with scheduling 
        foreign airport visits at certain locations, including 
        deploying the same inspectors over multiple assessments to 
        build rapport with foreign airport officials. Furthermore, 
        since our 2011 review, TSA has begun primarily assessing 
        airports in Europe through joint assessments with the EC.\10\ 
        TSA officials we met with indicated that TSA's strong 
        relationship with the EC has afforded the agency excellent 
        access to foreign airports in Europe and a better understanding 
        of vulnerabilities at these locations, which has resulted in 
        more comprehensive assessments.
---------------------------------------------------------------------------
    \10\ The EC is the executive body of the European Union and is 
responsible for proposing legislation, implementing decisions, 
upholding the Union's treaties, and the general day-to-day running of 
the Union.
---------------------------------------------------------------------------
   Create operational efficiencies.--For instance, TSA 
        developed the Global Risk Analysis and Decision Support System 
        (GRADS) to streamline the assessment report writing process and 
        strengthen the agency's data analysis capabilities of its 
        foreign airport assessment results. According to TSA officials, 
        GRADS has provided agency personnel with a number of benefits, 
        including the ability to run standardized reports, extract and 
        analyze key data, and manage airport operational information, 
        such as data on security screening equipment.
     tsa addresses security deficiencies through various capacity 
       development efforts, but data management challenges exist
TSA Assistance to Foreign Airports and Air Carriers
    Our preliminary analysis showed that TSA assists foreign airports 
in addressing identified security deficiencies in various ways. For 
instance, inspectors transfer knowledge on how to mitigate identified 
airport security deficiencies to foreign airport officials. According 
to TSA officials, inspectors typically offer on-the-spot counseling 
during airport assessments when they discover deficiencies, usually of 
an infrequent, less serious, or technical nature, that can be addressed 
immediately. To address deeper problems with staff security knowledge 
or to strengthen staff knowledge in an evolving threat environment, TSA 
may provide training, such as traditional classroom courses or 
interactive workshops, to foreign airport staff. TSA also assists 
foreign governments in securing technical assistance and consultation 
provided by TSA and other U.S. and foreign government agencies to help 
improve security at foreign airports, particularly after security 
incidents or at airports in developing countries.
    TSA also takes steps, such as on-the-spot counseling, to help air 
carriers address security deficiencies identified during air carrier 
inspections. According to TSA, since carriers have TSA-approved 
security programs, additional training may not be necessary to correct 
small issues. Rather, officials said that counseling air carrier staff 
on the proper procedures and follow up observations of them practicing 
the procedures may suffice. In addition, TSA assigns liaisons to 
counsel air carriers and provide clarification regarding TSA security 
requirements when necessary.
Leveraging Information and Enhancing Data Management
    Our preliminary analysis indicated that, since our 2011 report, TSA 
has taken a number of steps to strengthen its analytical processes and 
better understand the impact of the foreign airport assessment and air 
carrier inspection programs. Specifically, TSA now conducts regional 
strategy meetings in which officials examine trend data for airport 
assessments and air carrier inspections, identify common areas of non-
compliance, and develop capacity building approaches customized to one 
of four regions: Africa-Middle East, Asia-Pacific, Europe, and Western 
Hemisphere. TSA also produces regional risk reports, which are meant to 
provide TSA personnel operating within each of the four regions with an 
understanding of known vulnerabilities in the region in order to inform 
mitigation planning efforts.
    While TSA has taken steps to leverage the results of foreign 
airport assessments and air carrier inspections to monitor system-wide 
vulnerabilities and inform capacity development, our preliminary 
analysis showed that TSA lacks key information for decision making. For 
instance, TSA's database for tracking the resolution status of 
identified foreign airport deficiencies has gaps and its system for 
categorization does not result in sufficient specificity of information 
related to security deficiencies' root causes and corrective actions.
    Root causes represent the underlying reason why an airport is not 
meeting security standards and, according to TSA documentation, fall 
into three general categories: Lack of knowledge, lack of 
infrastructure, and lack of will. Corrective actions are efforts to 
mitigate security deficiencies and might include training and other 
capacity-building efforts. According to TSA, a thorough understanding 
of the underlying reasons for each deficiency is critical to selecting 
the appropriate mitigation activities. However, we found that 70 
percent of fiscal year 2016 records in TSA's database exhibited empty 
fields pertaining to root cause or recommended corrective action. TSA 
officials indicated that the agency began requiring staff to record 
root cause and corrective action information in 2015 and that 
institutionalizing this requirement to facilitate consistent data entry 
will take time. Having complete data on root causes and corrective 
actions would help TSA systematically monitor airport performance in 
addressing deficiencies and leverage information for decision making 
regarding capacity development.
    We also found that the same database has limitations related to the 
categorization of root causes and corrective actions. TSA procedures 
indicate that root causes may relate to three broad categories, as 
explained earlier, and 12 subcategories: Aviation security 
infrastructure, communication, cultural factors, human factors, 
management systems, physical infrastructure, procedures, quality 
control, resources, supervision, technology, and training. However, the 
database does not include a field to categorize root causes according 
to these subcategories or other more specific areas. As a result, it 
does not capture more granular information that would better explain 
the specific root cause of an identified security issue. Moreover, 
information on recommended corrective actions is stored entirely in 
narrative fields and, therefore, is difficult to analyze without manual 
intervention.
    TSA staff stated that they recognize that the classification of 
data currently contained in the database could be improved, but that 
they have not had an opportunity to address the issues because they 
have been focused on developing the newest release of GRADS. TSA staff 
also indicated that they are exploring opportunities to better classify 
data in future releases of GRADS. However, according to TSA procedures, 
a thorough understanding of the underlying reasons for each deficiency 
is critical to properly selecting the appropriate mitigation 
activities. By classifying information on root causes and corrective 
actions with additional specificity, TSA would be better positioned to 
assure that corrective actions accurately address the specific, 
underlying reasons for security vulnerabilities. Our draft report 
includes two recommendations to TSA to strengthen data management.
    Chairman Katko, Ranking Member Watson Coleman, and Members of the 
subcommittee, this concludes my prepared statement. I would be pleased 
to respond to any questions that you may have at this time.

    Mr. Katko. Thank you very much, Ms. Grover. Before I 
recognize myself for 5 minutes of questions, I want to 
recognize my friend from Mississippi, the Ranking Minority 
Member Mr. Thompson for 5 minutes of opening statement.
    Mr. Thompson. Thank you very much, Mr. Chairman. I am 
interested in getting to the questions, and I will just submit 
my written testimony for the record.
    Mr. Katko. Thank you, Mr. Thompson.
    [The statement of Ranking Member Thompson follows:]
             Statement of Ranking Member Bennie G. Thompson
                           September 26, 2017
    Thank you to the Chairman and Ranking Member for holding today's 
hearing.
    I also thank our witnesses for appearing before the subcommittee.
    Earlier this month, we commemorated the anniversary of the 
September 11 terrorist attacks. Unfortunately, 16 years after the 
attacks, terrorist threats to transportation systems both abroad and at 
home remain.
    Last month, we saw the threat to cargo security when Australians 
connected to ISIS were arrested in connection with attempting to place 
an explosive on an international flight. Less than 2 weeks ago, we saw 
the threat to rail and public transportation systems when a bomb 
partially detonated on the London Underground.
    We know that terrorist networks often encourage attacks overseas to 
be mirrored in the United States, and just this summer, Inspire 
magazine called for attacks against U.S. rail systems. Persistent 
threats to transportation systems make clear that we must remain 
vigilant and build on the significant transportation security 
improvements made by the Obama administration.
    I look forward to hearing testimony from GAO and TSA about the 
progress made over the last decade to improve foreign airport 
assessments and air carrier inspections and their recommendations for 
further enhancements.
    I also look forward to hearing from CBP about the future of its 
Preclearance program. The Obama administration recognized the security 
benefit of having our CBP officers overseas to screen U.S.-bound 
passengers and expanded the program for the first time in decades. I 
hope to hear about the status of negotiations initiated under the prior 
administration to expand the program.
    Additionally, I have real questions about whether President Trump--
with his preoccupation with banning travelers from Muslim-majority 
countries and building a Border Wall--will continue efforts to expand 
Preclearance and implement other meaningful aviation security measures.
    I also have serious questions about the newest misguided travel ban 
announced this week and its potential detrimental effects to our 
Nation's security and our American values.
    In closing, I want to recognize the front-line officers working 
every day to keep the American people safe. Their hard work and 
dedication allows our security systems to operate effectively and we 
thank them for their service to our country.
    Once again, thank you to the witnesses for being here today. I 
yield back the balance of my time.

    Mr. Katko. I now recognize myself for 5 minutes of 
questions. Ms. Grover, I want to start with you, a couple of 
quick questions I have for you. You mentioned--well, one 
really. You mentioned they can prove data management, but 
something you said later in your testimony really kind of 
concerned me, and that was that some airports struggle to 
comply with ICAO standards.
    As you know and the whole panel knows, ICAO standards are 
the bare minimum by which airports must operate. If LPD 
airports are not complying or struggling to comply with even 
the bare minimum standards of international travel, that is 
quite concerning to me, to say the least.
    So I know we can't get into which airports and which 
standards they are struggling to comply with in an opening 
setting, but I definitely want to be able to follow up with you 
in a secure setting either through a briefing or through 
written statements for the committee to have.
    But I want to take a step back for a second about the ICAO 
standards overall. Based on your years of experience and what 
you have seen, do you have concerns about some of the 
requirements of ICAO standards not being sufficient, No. 1? No. 
2, do you have any concerns about, any suggestions about how we 
can make those standards better?
    One of the things I am concerned about is what you said. If 
we have these standards and people are struggling to meet them, 
why are they still having LPD airports flying into the United 
States?
    Ms. Grover. Yes, sir, I appreciate the question. So the 
ICAO standards are very broad and they encompass essentially 
all aspects of airport operations. So in that aspect they are 
quite comprehensive, and I agree they do provide a baseline set 
of standards and they are non-prescriptive. So there are lots 
of different ways that airports across the world in theory 
could meet the standards.
    So this really gets at the heart of what we are talking 
about today is the TSA inspectors, when they are out doing 
their assessment every single time, they have to make a 
judgment about what they see in place at that airport to say is 
this situation adequate to ensure security?
    What they do is at the end of each assessment they 
essentially rate the airport on a 1 to 5 scale, depending on 
their assessment of the vulnerabilities. So is everything in 
good shape or are there vulnerabilities that are coming to the 
fore?
    Mr. Katko. Now, is that assessment, that 1 to 5 scale, is 
that based on the ICAO standards or is it just based like on 
other standards as well?
    Ms. Grover. It is based on the ICAO standards. It is based 
on the inspector's assessment of how well the airport is doing 
at implementing the ICAO standards. They have several tools 
that they can use that TSA has developed over time to make sure 
that those judgments are consistent and that they look at 
everything that is important.
    So, you know, TSA also has several tools they can use to 
work with airports, and the air carriers are really the 
fallback measure. So it is important to note that even if there 
are vulnerabilities at an airport, that doesn't necessarily 
mean the flight departing that airport is not secure because 
the air carriers can fill in as a backstop.
    Mr. Katko. OK. That still is troubling to me because of 
course airlines want to make sure their flights are safe, but 
there is a business aspect, a business incentive that is quite 
strong to make sure they do that. But still I am not quite sure 
I understand the depth or gravity of the situation with respect 
to airports or not being able to keep up with the ICAO 
standards, so we will have to talk about that in a secure 
setting.
    But more importantly do you think it is time for more 
prescriptive measures for ICAO, given the repeated attempts in 
some successful, some not successful, airports especially in 
the Middle East?
    I mean, look what we have had. We have had the Daallo 
Airlines, the Metrojet. We have Egypt Air, and we had the 
attempt in Australia. That is all over the last 2 years. So I 
am interested in that.
    Ms. Grover. Sir, I would defer to DHS on that. At the end 
of the day it is the responsibility of the DHS Secretary to 
determine whether or not the measures in place at any airport 
are sufficient. The Secretary always had the option of saying 
that flights cannot come to the United States from a specific 
airport.
    As far as strengthening ICAO standards, I mean, I do think 
it would be valuable to follow up with TSA. They have all of 
the data on the specific vulnerability scores and the risk 
assessments. So they have a good understanding of the 
vulnerabilities across the world, as well as the threats.
    But given that there are airports that are currently not 
meeting the ICAO standards regularly that are in place now, I 
am not sure that raising them across the board would 
necessarily help lift up those airports. TSA has a number of 
tools that they are using to try to work with airports to 
enhance their efforts to meet the current ICAO standards.
    Mr. Katko. I understand that, but for example, the laptop 
ban seemed to snap some of those airports into order, and I 
really applaud the Homeland Security and TSA for having the 
guts to do that because it worked. It sounds like they got 
their act together.
    But I don't think we should be in a situation, and we will 
ask the others as well, of just simply saying, well, since they 
can't meet the ICAO standards as they are now so there is no 
sense raising them. That is not what we should do.
    We don't want another Pan Am Flight 103. We don't want 
another attempt like the Australian Airlines. Lord knows, based 
on the secure briefings we have all had, that the 
vulnerabilities are getting more and more difficult to detect. 
So I think we need to have a more robust discussion in a secure 
setting on that.
    But Mr. Owen, I would like to hear from you about my 
question about ICAO standards, whether you think that they are 
sufficient, whether they need to be tweaked, whether they need 
to be revamped?
    Mr. Owen. Well, really with the ICAO standards that really 
is under the purview of TSA. Where CBP comes involved is at 
those last-point-of-departure airports where we have a physical 
presence, i.e., the pre-clearance locations.
    We do have 15 pre-clearance locations around the world, and 
as part of that agreement with pre-clearance, those airports 
adopt higher security standards, not only on the screening side 
as administered by TSA, but as well as things such as vetting 
the airport employees who have access to the Federal inspection 
site to the aircraft.
    At those 15 pre-departure airports, individuals with 
access, we have their biographic and biometric information, 
which we run through all of our targeting screening. So in many 
ways I see pre-clearance as the gold standard in our 
counterterrorism efforts overseas at last points of departure.
    Again, we are at 15 locations. Ranking Member, we are 
expanding. We have two new agreements in place, and we are 
negotiating with another 10 countries. So we will continue to 
advance that program under the last administration as well as 
under the current administration.
    Mr. Katko. So what can we do? I agree with Mrs. Watson 
Coleman, as well. I think pre-clearance is critically 
important. So what can we do in Congress to help you expand 
that program and incentivize all those countries to get on-
board? Because that may be a way to basically say if you are 
not--I am sorry, LPD, if you are not on-board you are not doing 
your job, we can't take the risk.
    Mr. Owen. Yes, absolutely.
    Mr. Katko. What can we do to help you with that?
    Mr. Owen. Absolutely. With the pre-clearance, again, the 
countries come to us in a voluntary nature. So anything we can 
do to encourage additional countries to want to partner with us 
through the pre-clearance model is definitely the step forward.
    We need to make sure in each of the pre-clearance 
agreements that we do sign that our officers have the full 
authorities to conduct the performance of their duties as they 
would in a U.S. airport. So we cannot have reduced standards 
for our officers overseas. They must have the same standards as 
we do here in the United States.
    Mr. Katko. All right. That is excellent.
    Mr. Lynes, anything you want to add before I turn it over 
to Mrs. Watson Coleman and Mr. Thompson?
    Mr. Lynes. Yes, thank you. As you know, the ICAO standards 
are outcome-focused. As Ms. Grover pointed out, our TSA 
assessment and inspection teams they are looking at actually at 
the implementation effectiveness of those standards.
    For example, controlling, one of the standards would be all 
contracting States shall ensure and control access to a 
critical restricted area of an airport. Our inspection teams 
are looking at how well that is being performed. We do that by 
first reviewing the National programs, what is set out by the 
State. Then that is at the macro level.
    Then we will get back into looking at the actual airport 
implementation, how well that airport is meeting those 
standards. They could be, such as having a fence with three 
strands of barbed wire.
    If we find a hole in the fence we are looking at, OK, what 
are they doing beyond that to control that, whether they have 
guards, patrols? So we are ensuring how well they are actually 
meeting that National standard during our assessments and 
inspections.
    Mr. Katko. Thank you very much.
    The Chair now recognizes the Ranking Member Mr. Thompson 
for 5 minutes of questions. I will note Mr. Thompson that I 
went over a little bit, and the Chair will exercise a lot of 
flexibility since we don't have a lot of Members here today.
    Mr. Thompson. Thank you very much, Mr. Chair.
    Ms. Grover, you talked a little bit about the lack of the 
analyzing data. Can you expound a little bit on that?
    Ms. Grover. Yes, sir. So at the micro level, TSA has good 
information about what is going on at each airport. One of the 
things that TSA has done really well in the past few years is 
developed regional data analysis groups.
    So they have their staff get together and they talk all 
about what are the threats and vulnerabilities for a specific 
set of groups in a region and talk about each airport. So at 
that level, they are really doing a fine job at keeping track 
of what is going on.
    But at a world-wide level, the database that they have set 
up to track the root causes behind the vulnerabilities that 
they find, the deficiencies, and the record of the corrective 
actions that they have recommended, it is just the data is not 
being entered as it should.
    So----
    Mr. Thompson. So excuse me. Is that from an operational 
standpoint that somebody is just not doing it?
    Ms. Grover. That is right. Somebody is just not doing it. 
It is a relatively new requirement, and I think it just hasn't 
become routine practice. But it is important to make sure that 
TSA has the information at an enterprise level to understand 
the different root causes behind the problems, what they are 
putting in place at the airports to try to fix it so that they 
can get a sense of what works and what doesn't.
    Mr. Thompson. Thank you.
    Mr. Lynes, have you been made aware of this?
    Mr. Lynes. Yes. Yes, I have, sir, and let me reassure the 
subcommittee that TSA is taking immediate action whenever we 
identify a vulnerability. We do have the documentation about 
those vulnerabilities, and we do concur with the GAO's 
recommendations. We have been working quite closely to shore up 
those recommendations.
    Mr. Thompson. OK. So it is not a matter of you not having 
the resources to do it. You just need to have the--well, I 
guess you have the will, but we just need to carry it forward?
    Mr. Lynes. As Ms. Grover points out, it is a relatively new 
requirement in our system. Independent of GAO's review of our 
program, we have been working at revisions to our system to 
create a new tool to track the life cycle of those 
vulnerabilities so that we can identify the root cause of that 
vulnerability and what mitigation efforts we can apply to 
address that vulnerability.
    Mr. Thompson. So have you formally submitted this, Ms. 
Grover, to TSA?
    Ms. Grover. Yes, sir, and they have formally concurred with 
our recommendation and stated that they intend to take action.
    Mr. Thompson. OK. Thank you. I guess the other question 
talks about the pre-clearance model and whether or not Mr. 
Owen, you have all of the resources to expand pre-clearance to 
other airports?
    Mr. Owen. Yes. Part of the requirement with the new pre-
clearance model that we adapted after we went operational in 
Abu Dhabi, is that the partner countries that sign on for pre-
clearance do so under a cost recovery basis. So they bear much 
of the cost to establish the facility, to have our officers 
present so the resources are coming from those other countries 
that want to have us there.
    Mr. Thompson. So are we now saying if you can pay for it, 
we will pre-clear you? Or are we doing it based on number of 
passengers, or?
    Mr. Owen. It is based on risk and the negotiations that we 
have place pre-clearance in places like Abu Dhabi where we 
believe there is a strategic importance to be there.
    So that is really was what driving that. Clearly there is a 
facilitation benefit as well that the airlines very much 
appreciate, but whenever we have an opportunity to address that 
potential risk at a last-point-of-departure airport before that 
individual gets put on a plane to come here, that is the model 
we need to embrace more of.
    Mr. Thompson. Right. But if I said where the next two 
airports the highest enplanement airports in the world coming 
to the United States, what would your answer be?
    Mr. Owen. I am sorry. The question?
    Mr. Thompson. In other words, the pre-clearance we are 
giving to the next two airports----
    Mr. Owen. Yes.
    Mr. Thompson [continuing]. Is this based on the ability of 
those countries or those airports to pay the cost? Or is it 
based on the number of passengers who are coming through the 
airport en route to the United States?
    Mr. Owen. It is pretty much a combination of both. I mean, 
they have to incur the cost to have our officers there to have 
the facility there. The cost only makes sense when there is a 
large enough throughput to really have that return on 
investment. So a very small airport would probably not embrace 
pre-clearance, but a larger airport where that return on 
investment is financially possibly would be more likely to 
embrace pre-clearance.
    Mr. Thompson. Mr. Chair----
    Mr. Owen. Again, our decision to go out is based on where 
we see a strategic value from a risk assessment standpoint.
    Mr. Thompson. When we first put this in place one of the 
problems is, Mr. Chairman, we went to airports who could pay 
rather than airports with the largest volume of passengers 
coming to the United States. So that kind of skewed the risk 
model.
    I am trying to see how we get it back and saying if we have 
5,000 people coming from this airport and 1,000 coming from 
another, why are we doing the 1,000-passenger airport rather 
than the 5,000?
    Mr. Owen. Right. You really have to look at all the 
different variables as to what is behind this. Pre-clearance 
started in the early 1950's and was primarily a facilitation 
program with the airports out of Canada.
    The Abu Dhabi model, which we adopted 3 years ago, was 
really the new standard for how we treat pre-clearance. 
Identify high-risk locations where we feel our presence adds 
value, work cooperatively with the host country to make sure 
all of our requirements are met, as we have seen in Abu Dhabi.
    Mr. Thompson. Mr. Chairman, I think it would be instructive 
for the committee if we got the list of pre-clearance airports 
tied to how many passengers from those airports are coming and 
how they rank in terms of airports that we work with.
    I think, you know, that is the politics of it, but one of 
the challenges we have is if we put reimbursement for 
participation above numbers of passengers from a particular 
area----
    Mr. Katko. Right.
    Mr. Thompson [continuing]. Some of us think we are creating 
a bigger problem because those who can pay----
    Mr. Katko. Right.
    Mr. Thompson [continuing]. Get pre-clearance and those who 
can't participate by paying and might have two, three time more 
people coming. I understand the risk.
    Mr. Katko. Yes.
    Mr. Thompson. But I think that is something that from a 
policy standpoint we can look at, Mr. Chair.
    Mr. Katko. Yes, Mr. Thompson, I think that is an excellent 
point. I would ask Mr. Owen to endeavor to get those statistics 
to us within 10 days, and then I think we should meet and talk 
about it.
    Mr. Thompson. OK.
    Mr. Katko. Thank you.
    Mr. Thompson. I yield back. Thank you.
    Mr. Katko. Thank you, Mr. Thompson.
    The Chair now recognizes Mrs. Watson Coleman for 5 minutes 
of questioning.
    Mrs. Watson Coleman. Thank you, Mr. Chairman. First of all, 
I seek unanimous consent to submit testimony for the record 
from the National Treasury Employees Union for today's hearing.
    Mr. Katko. Without objection, so ordered.
    [The information follows:]
Statement of Anthony M. Reardon, National President, National Treasury 
                            Employees Union
                           September 26, 2017
    Chairman Katko, Ranking Member Watson Coleman, distinguished 
Members of the subcommittee, thank you for the opportunity to submit 
this statement on Customs and Border Protection (CBP) staffing issues 
that affect aviation security around the globe on behalf of the 25,000 
CBP officers, agriculture specialists, and trade enforcement personnel 
stationed at 328 land, sea, and air ports of entry across the United 
States and at preclearance stations currently in Ireland, the 
Caribbean, Canada, and United Arab Emirates airports represented by the 
National Treasury Employees Union (NTEU).
    As of June 2017, CBP's Office of Field Operations (OFO) has 22,810 
CBP officers on-board at the ports of entry--1,404 short of its fiscal 
year 2017 on-boarding target of 24,214. The fiscal year 2018 House 
appropriations bill includes funding to filling the current vacancies 
to meet the fiscal year 2017 target of 24,214, but provides no new 
funding to address the current CBP officer staffing shortage of at 
least 2,107 additional CBP officers as stipulated by CBP's own fiscal 
year 2017 Workload Staff Model and to fund an additional 631 CBP 
agriculture specialists as stipulated by CBP's own fiscal year 2017 
Agriculture Resource Allocation Model (see appendix.)
                        cbp preclearance program
    The U.S. currently has 15 airport preclearance locations in six 
countries: Aruba; Freeport and Nassau; the Bahamas; Bermuda; Calgary, 
Toronto, Edmonton, Halifax, Montreal, Ottawa, Vancouver, and Winnipeg, 
Canada; Dublin and Shannon, Ireland; and Abu Dhabi, United Arab 
Emirates. More than 600 CBP law enforcement officers are stationed at 
15 locations around the world checking travel documents, passports, 
visas, and making sure travelers abide by strict customs and 
agriculture importation rules. Passengers departing these airports are 
treated the same as domestic travelers, and do not have to go through 
customs when they arrive in the United States.
    Airports with preclearance programs accounted for about 18 million 
travelers in 2016-15 percent of all commercial air travellers to the 
United States. The Department of Homeland Security (DHS) has stated 
that it would like to see this increased to 33 percent of foreign 
passengers annually by 2024. The effort is designed to extend the 
United States' border security to foreign airports as part of new 
initiatives to reduce the risk of potential terrorists entering the 
country.
    The preclearance operations in the United Arab Emirates and the 
foreign airports to be chosen for new preclearance operations are 
responsible for most of the program's costs, including a significant 
portion of CBP officers and agriculture specialists' salaries and 
benefits, as well as the construction and maintenance of the space 
dedicated to the preclearance operation inside the airport.
    In May 2015, the United States identified airports in 9 countries 
as possible participants in the program--Punta Cana, Tokyo, Stockholm, 
London, Manchester, Istanbul, Oslo, Madrid, Amsterdam, and Brussels. 
Agreements with CBP were reached late last year for new facilities at 
Stockholm Arlanda Airport in Sweden and Punta Cana International 
Airport in the Dominican Republic. CBP is expected to reach final 
agreements with a few of the other foreign airports that were named in 
its 2015 expansion round. Preclearance operations in these airports may 
begin as early as 2019.
    In November 2016, DHS selected 11 additional foreign airports, 
located in 9 countries, for possible Preclearance expansion. The new 
airports selected to potentially take part are El Dorado International 
Airport in Bogota; Ministro Pistarini International Airport in Buenos 
Aires; Scotland's Edinburgh Airport; Keflavik International Airport in 
Iceland; Mexico City International Airport; Italy's Milan-Malpensa 
Airport; Kansai International Airport in Osaka; Rio de Janeiro-Galeao 
International Airport; Rome's Leonardo da Vinci-Fiurnicino Airport; Sao 
Paulo-Guarulhos International Airport in Brazil; and Princess Juliana 
International Airport in St. Maarten. More than 10 million travelers 
fly to the United States from these airports annually.
    NTEU recognizes the security benefits of preclearance including 
preventing high-risk travelers from boarding aircraft bound for the 
United States and reduced wait times for passenger processing at the 
busiest U.S. international airports. Nonetheless, NTEU has serious 
concerns about the impact of preclearance expansion on the already 
critical staffing shortages at the Nation's ports of entry.
              cbp at the ports of entry staffing shortage
    There is an existing vacancy rate of nearly 1,400 funded CBP 
officers at the ports and, according to CBP's analytic workload 
staffing model, an additional 2,100 CBP officers need to be funded and 
hired in order to meet 2017 staffing needs--translating into a total 
CBP officer staffing shortage of 3,500 today.
    The economic cost of this shortage is also staggering. For every 33 
additional CBP officers hired, the United States can potentially gain 
over 1,000 private-sector jobs. If Congress fully staffed the ports 
with the needed 3,500 additional CBP officers, 106,000 private-sector 
jobs could be created. Understaffed ports lead to long delays in travel 
and cargo lanes and also create a significant hardship for front-line 
employees. Both involuntary overtime and involuntary work assignments 
far from home disrupt CBP officers' family life and destroy morale. 
Notably, on-going CBP staffing shortages directly contribute to CBP's 
perennial low ranking in Federal employee workforce satisfaction 
surveys.
    In addition to CBP's trade and travel security, processing and 
facilitation mission, CBP employees at the ports of entry are the 
second-largest source of revenue collection for the U.S. Government. In 
2016, CBP processed more than $2.2 trillion in imports and collected 
more than $44 billion in duties, taxes, and other fees.
    As you know, the President's January Executive Order calls for 
hiring 5,000 additional Border Patrol agents (BPAs) and 10,000 new 
Immigration and Customs Enforcement (ICE) agents, but does not ask for 
one additional CBP officer new hire, despite the fact that CBP officers 
at the ports of entry in 2016 encountered over 274,000 undocumented 
immigrants and seized over 600,000 pounds of illegal drugs, and over 
$62 million in illicit currency, while processing over 390 million 
travelers and $2.2 trillion in imports through the ports.
    As preclearance operations come on board, NTEU asks how can CBP OFO 
staff these new locations when it has a current staffing shortage of 
3,500 CBP officer and 631 agriculture specialist positions?
    The 1,400 existing vacancies at U.S. ports of entry must be filled 
first and 2,100 new CBP officer staffing positions needs to be funded 
by Congress. CBP officers should not be diverted to new preclearance 
operations before the existing staffing shortage at the U.S. ports of 
entry is resolved.
    Congress should reevaluate CBP's funding priorities as it finalizes 
its fiscal year 2018 appropriations bills. Unlike other DHS components 
operating between the ports of entry and at ICE, both of which received 
significant increases in personnel funding in the fiscal year 2018 
appropriation bill recently approved by the House, CBP at the ports of 
entry has established and documented Workload Staffing Models that 
justify the need to hire 3,500 CBP officers and 631 agriculture 
specialists today. Because of the on-going staffing shortages at the 
nations' ports, CBP officers at some ports work up to 16 hours a day 
and since 2015, CBP OFO has had to divert several hundred CBP officers 
from already short-staffed ports to the critically short-staffed land 
ports at San Ysidro and Tucson for 90-day stints.
    Even though the salaries of CBP personnel at the new preclearance 
ports will be primarily funded by the foreign countries hosting the new 
preclearance facilities, there are no excess CBP employees today that 
can be reassigned to preclearance ports without exacerbating the 
staffing shortages at domestic ports of entry.
    Delays at the U.S. ports of entry result in real losses to the U.S. 
economy. Understaffed ports lead to long delays in travel and cargo 
lanes, hurting businesses and consumers, and also create a significant 
hardship for front-line employees. NTEU agrees that expanding CBP 
inspection facilities at preclearance locations adds another level of 
security to the homeland, but until Congress acknowledges and addresses 
the current critical CBP staffing shortages at the ports of entry, 
preclearance expansion will only exacerbate current deficiencies at 
domestic air, sea, and land ports.
    If Congress is serious about improving aviation security around the 
globe, there is an opportunity to address the justified and documented 
need to fund additional CBP staffing at the ports in the Omnibus bill 
that will be considered later this year. On behalf of the men and women 
represented by NTEU at the Nation's ports of entry, I urge you to 
authorize and fund CBP officers and agriculture specialists at least to 
the levels that BPAs and ICE agents are funded in the recently-approved 
fiscal year 2018 House appropriations bill.
    Thank you for the opportunity to submit this statement to the 
committee.

             APPENDIX.--CBP RESOURCE OPTIMIZATION STRATEGY

      cbpo staffing requirements through fiscal year 2017: 28,414
                             gap: 2107 \1\
---------------------------------------------------------------------------
    \1\ Incorporates legislative proposal fee increases in staff gap 
calculation.

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

 cbp agricultural specialist staffing requirements through fiscal year 
                              2017: 3,048
                                gap: 631
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]


    Mrs. Watson Coleman. Thank you, Mr. Chairman.
    Ms. Grover. thank you so much for your testimony. It 
actually is good news that it is your assessment, it is GAO's 
assessment that TSA is moving forward in doing the kinds of 
things that you have recommended over the course of time.
    Then the minor issue, not minor minor, but the issue that 
you are really concerned about now is that they establish what 
they are finding and what they are going to do to respond to 
their findings. Is that right?
    Ms. Grover. Yes, ma'am. TSA has made significant 
improvements in this program over many years, and----
    Mrs. Watson Coleman. That is great to hear because so then 
with TSA not getting beaten up so badly I hope that you will 
find that you will have higher morale and people will recognize 
that the job that you all are doing is appreciated by everybody 
at every level. One of the concerns that we have always had 
with TSA is that perhaps the morale was impacted by lack of 
movement out of certain positions, type of job that you get to 
do.
    What I am wondering is do you all have an upward mobility 
program where you take people within your agency that you see 
have certain promise and give them training so that they can 
move up through the agency and do some of these other what seem 
to be really pretty exciting jobs on the international air 
level, on the regional levels and things of that nature?
    Mr. Lynes. Yes. I think I am a really good example of that 
over my 20-year career. We do have mid-level and senior-level 
development programs. I would be more than happy to take that 
back as I am not in the H.R. department. But I would be more 
than happy to take that back and give the committee some 
additional details about our programs within TSA.
    Mrs. Watson Coleman. Abu Dhabi was an airport that had pre-
clearance.
    Mr. Lynes. Yes, yes.
    Mrs. Watson Coleman. But it also at some point became an 
airport where you had the restrictions on the personal 
electronic devices. Is that not true? Tell me how did that 
happen?
    Mr. Lynes. Well, the security directives that were issued 
in March 2017 by then Secretary Kelly were to counter a very 
specific threat. Then later in June 2017, the then, again, 
then-Secretary Kelly was evaluating the threat and directed TSA 
to issue global security directives and emergency amendments.
    It was after our TSA assessment and inspection teams were 
able to review those locations that they were able to meet 
those enhanced standards and since the restrictions were 
removed.
    Mrs. Watson Coleman. The restrictions on all the airports 
was removed.
    Mr. Lynes. From the 10 locations that were specified----
    Mrs. Watson Coleman. From the 10----
    Mr. Lynes [continuing]. In the March directives. That is 
correct.
    Mrs. Watson Coleman. OK. So this restriction doesn't exist 
anywhere at any of the airports now, or does it?
    Mr. Lynes. That is correct.
    Mrs. Watson Coleman. OK. You all have been very active and 
you have done a lot of, I guess, going back monitoring, making 
sure that things that you think were agreed upon are being done 
and ensuring that the security standards are being upheld. Is 
that placing any kind of a--is that sustainable in terms of the 
resources that you have?
    I know that you went to a couple of hundred airports. You 
are going to go again to recheck. Do you have the resources to 
sustain that kind of oversight and monitoring?
    Mr. Lynes. Yes, we do. We do have a risk methodology for 
visiting airports, and our inspection teams follow that risk 
methodology in the way that they go and visit these locations.
    Mrs. Watson Coleman. So you have the manpower resources, 
the ability to hire? You have got a sufficient staff?
    Mr. Lynes. Yes. We believe that we are adequately resourced 
to perform our duties.
    Mrs. Watson Coleman. Mr. Owen, a couple of months ago there 
were these incidences that were found at the Newark airport 
involving hazing, actually assaulting of some of the newer or 
low-level employees by supervisors. As a result of that I 
believe that three of your employees were actually arrested and 
about five of them were put on suspension or administrative 
leave?
    Mr. Owen. Right. Once the initiation of the investigation 
several officers were placed on administrative duties where 
their law enforcement authorities were suspended and with the 
conclusion of the--or the on-going investigation by the Office 
of the Inspector General, we have now had three officers that 
have been arrested and indicted for those actions.
    Mrs. Watson Coleman. Are you all looking into seeing if 
there are any other airports that have similar situations?
    Mr. Owen. Yes, we are. I would just tell you that we are 
all appalled by the behavior of those employees, and we would--
fully cooperated with the I.G. throughout the investigation. I 
personally made management changes in Newark to address what I 
felt had been allowed to continue unaddressed. So we have taken 
this very seriously throughout the agency.
    Mrs. Watson Coleman. So are you looking at other airports? 
Are you--OK.
    Mr. Owen. Yes, we are. We have not found any indication 
that there has been similar misconduct at any other of our 
ports of entry.
    Mrs. Watson Coleman. Thank you, Mr. Owen. Have you engaged 
in any kind of employee development, employee training to 
ensure that your supervisors know their responsibilities, their 
accountabilities and what is improper behavior that will not be 
tolerated?
    Mr. Owen. Yes, we have.
    Mrs. Watson Coleman. OK. Yes. Yes. We talked about the 
expanding of the pre-clearance programs to two or ten or what 
other airports. You said that there are two other airports 
that----
    Mr. Owen. Yes.
    Mrs. Watson Coleman. We have engaged in that?
    Mr. Owen. We have two additional----
    Mrs. Watson Coleman. Can you tell us who they are?
    Mr. Owen. Yes, we have two signed agreements to move 
forward. So one is in Punta Cana and one is in Stockholm, 
Sweden. So those agreements have been signed. We are basically 
just waiting for the host country to address the infrastructure 
issues and any of their legal authority matters that they need 
to address.
    Outside of those two signed agreements we are in 
negotiations at various stages with another 10 countries for 
further expansion throughout the world.
    Mrs. Watson Coleman. So my last question at this moment, 
because I am just a little bit over as well?
    Mr. Katko. That is fine.
    Mrs. Watson Coleman. OK. The most recent travel ban----
    Mr. Owen. Yes, ma'am.
    Mrs. Watson Coleman. That has been released by the 
administration, do you anticipate--first of all, we don't 
completely understand the criteria that was used, and I don't 
think either one of you has the capacity to respond to why 
these particular countries were under this ban and what this 
ban really means. But what do you see the sort of pressure it 
is going to place on your resources?
    Mr. Owen. Well, I could speak to the, you know, expected 
impact at the ports of entry. We will not see what we saw with 
the first travel ban. This is a more measured approach. There 
is a time period before it becomes effective.
    Anyone who currently has a valid travel document from those 
eight countries is still allowed to travel. This does not 
pertain to legal permanent residents.
    Many of the areas that were so problematic in the first 
travel ban are not within this. So while I can't speak to the 
formulation of the policy, I can speak to the impact it will 
have at the ports of entry. This will be very smooth and you 
will not see any problems like you saw back in January, late 
January.
    Mrs. Watson Coleman. What is the implementation date, the 
beginning? I know it is phasing in.
    Mr. Owen. It is there is phasing in for some of the 
countries----
    Mrs. Watson Coleman. Effective?
    Mr. Owen [continuing]. It is immediate. For some it goes 
through October 18.
    Mrs. Watson Coleman. OK.
    Mr. Owen. So based on different countries and the different 
categories there is a more phasing in.
    Mrs. Watson Coleman. Does this require a different 
training?
    Mr. Owen. No, because in order to travel to the United 
States you need a valid travel document.
    Mrs. Watson Coleman. OK.
    Mr. Owen. Anyone who has a valid travel document it will be 
admissible outside of other concerns that have nothing to do 
with the travel ban, our normal performance of the duties. So 
if someone from those eight countries has a valid travel 
document today they would still be allowed to travel. As a 
result the impact at our ports of entry will be very, very 
minimal.
    Mrs. Watson Coleman. The impression I got was that there 
would be people who may not be permitted to come into this 
country today or in the beginning of this travel ban, but that 
that could change. So is someone training people on what that 
criteria would be, those changes would be?
    Mr. Owen. Once again, within CBP it is quite simple. They 
need a valid travel document, a visa. If they have the visa----
    Mrs. Watson Coleman. So you are at the end of it.
    Mr. Owen. We are at the end of it.
    Mrs. Watson Coleman. You are at the end of that food chain.
    Mr. Owen. State Department is at the front of it, yes, 
ma'am.
    Mrs. Watson Coleman. OK. Thank you. That is something I 
think we need to explore with DHS. Thank you. Thank you, Mr. 
Owen, Mr. Lynes, and Ms. Grover.
    Thank you.
    Mr. Katko. Thank you, Mrs. Watson Coleman.
    The Chair now recognizes the gentleman from Massachusetts, 
Mr. Keating.
    Mr. Keating. Thank you, Mr. Chairman. I was concerned with 
a recent Boston Globe investigative report entitled ``Secrets 
in the Sky.'' It went back to something we still haven't 
corrected. It seems that there are gaps, serious gaps between 
our agencies.
    This deals with the FAA procedure of licensing pilots and 
other related activities. You know, in the course of that, the 
FAA came back and said they are not the police officers of the 
sky, leaving the job to groups like Transportation Security 
Administration, Homeland Security, and the FBI.
    Indeed, TSA monitors all the time. In fact, they reference 
this 28 million airmen, you know, with threat assessments that 
they have monitored in a course.
    However, that is only as good as the material you have to 
look at. There is a huge gap that exists here where people have 
got their pilot's license using dead people's names, where 
there was someone who was sentenced to life imprisonment and 
released on compassionate grounds because he had cancer with 
the Lockerbie bombing threats. He still had some valid 
credentials in the air.
    So my question is this. I think Congress has tried from the 
FAA standpoint to get them to move and correct some of these 
things, which doesn't seem to be really working.
    My concern is can TSA or Homeland Security have more 
oversight? What would you suggest to close this gap, to give 
you more ability to look at the materials you get in from the 
FAA? Because this gap is a serious one and presents a real 
safety issue.
    With all the other things we are doing, this persists and 
it was one of the concerns dating back to the 9/11 Commission 
that hasn't been addressed. So what I am asking you is from 
Homeland Security, from TSA's standpoint and having GAO look at 
these kind of issues, as well as the inspector general, we have 
to somehow--we can't let this gap exist between the FAA and 
TSA.
    So from your perspective what changes could we make as a 
Congress to give you more ability to have oversight over the 
original material that you are dealing with? I mean, looking at 
the numbers, 43,000 pilots received their license and they 
didn't provide permanent address, according to an audit just a 
few years ago. Eight thousand people found the Social Security 
numbers on file belonged to dead people.
    So you are only as good as the information you get to 
review. What could you recommend we do to give you more 
oversight authority to make sure that that material you are 
getting from the FAA is, you know, is valuable, is accurate and 
doesn't present a security risk?
    Mr. Lynes. Yes, thank you. We do work quite well with the 
intelligence community on information that we receive and while 
I am aware of the security threat assessment process that is 
being performed by the TSA, it is not my area of expertise. I 
would be more than happy to take that question back to get 
additional information regarding the security threat 
assessments that we do perform of FAA certificate holders.
    Mr. Keating. Yes. My question is not with TSA's ability to 
do that. You are only able to do that well given the 
information that you have to review. So anything you could 
suggest as a follow-up to this hearing where we could look at 
changes where TSA has a greater ability to review that FAA 
procedures, because they are letting, it is so decentralized 
they let airports do it.
    It is a real black hole in our security system. It is 
something I think TSA and Homeland should have more ability to 
have oversight over. So I would appreciate that. That is a real 
concern of mine. It should be a concern of all of ours. It 
hasn't been corrected since the recommendations of the 9/11 
Commission.
    It is still with reports just like this, which I will share 
with the committee----
    Mr. Katko. Do you want to enter it into the record?
    Mr. Keating. Yes.
    Mr. Katko. Without objection, so ordered.
    [The information follows:]
    Report Submitted For the Record by Honorable William R. Keating
                           SECRETS IN THE SKY
By Kelly Carr, Jaimi Dowdell and Jenn Abelson, Spotlight Fellows and 
        Globe Staff
            The FAA was warned in 2009 that people with terrorist ties 
                    were licensed to fly and repair aircraft. Eight 
                    years later, it is, incredibly, still the case.
    BORNHOLM, DENMARK.--Just two minutes after the private jet was 
cleared for landing, the pilot realized his error and declared an 
emergency. He had miscalculated the fuel needs for the one-hour journey 
from Germany, and now his engines were flaming out.
    The Learjet plummeted toward the ground that day in September 2012, 
then carved its way through a field, coming to rest amid cornstalks and 
mud, the passenger on-board seriously hurt. First responders found the 
pilot, an Iranian with a criminal record, unconscious in the cockpit. 
Nearby, investigators discovered a US pilot certificate with a name 
that wasn't his.
    Nader Ali Sabouri Haghighi's own pilot certificate, it turned out, 
had been revoked years earlier for providing false information, but the 
Federal Aviation Administration conveniently mailed him a new one. 
Haghighi had called the FAA hotline claiming to be a professional pilot 
named Daniel George who had lost his license. He then recited George's 
license number and other personal details that he'd obtained from their 
business dealings. Without asking further questions, the FAA agent sent 
Haghighi a license with George's name on it.
    It ought to have been difficult for the black-haired, brown-eyed 
Iranian to use a pilot's license belonging to a fair-skinned, gray-
haired American nearly 20 years his senior, except for one factor: FAA 
pilot licenses do not include photographs of the pilot. Haghighi was 
able to pull off his ruse for nearly four years until Danish police 
found the license in the rubble of the crash.
    Almost a decade after Haghighi's brazen identify theft, the FAA 
still does not include pilot photos on its licenses, and the agency 
does not fully vet pilot information before issuing them credentials. 
Last year, a leading congressional overseer of the FAA, then-
Representative John Mica, called US pilot licenses ``a joke'' and said 
that a day pass to Disney World in his native Florida contains more 
sophisticated security measures.
    FAA officials defend their licensing practices, noting that pilots 
are also required to carry a government-issued ID such as a driver's 
license to prove their identity. The pilot certificate, they say, is 
more an indicator of the pilot's level of training than a security 
tool, and commercial airports and airlines generally issue their own 
IDs for access to tarmacs, planes, and other secure areas.
    But the flawed airman licenses are part of a troubling pattern of 
lax oversight of more than 1 million FAA-approved airmen--including 
pilots, mechanics, flight attendants, and other aviation personnel--
that has made the agency vulnerable to fraud, and the public vulnerable 
to those who mean to do harm, a Spotlight Team review has found.
    After the 9/11 attacks, Congress called on the FAA to overhaul its 
licensing for more than 600,000 US-certified pilots. But the FAA's 
changes so far have been modest, such as making licenses with higher-
quality materials to reduce forgeries. Today, FAA security procedures 
remain geared more toward the convenience of pilots than the needs of a 
nation engaged in a ``war on terror,'' often failing to challenge 
airmen's claims on their applications and seemingly unaware of 
deceptions.
    Haghighi, for example, continued to finagle help from the FAA even 
after he went to jail in Denmark for flying without a valid license and 
endangering his passenger. After his release, the FAA issued him a 
medical certificate that helped him land a job at an airline in 
Indonesia in 2014. All he had to do was change one letter in the 
spelling of Sabouri and alter his birth year. An official at another 
federal agency eventually tipped off the FAA to Haghighi's duplicity.
    Or take the case of Richard Hoagland. Beginning in 1994, he 
purchased homes, registered a plane, obtained a pilot license, and even 
got married under the name Terry Symansky, according to court records. 
The ruse wasn't discovered until Symansky's nephew was doing family 
research on Ancestry.com and found that his late uncle was listed as 
alive. The FAA never caught on that the real Terry Symansky had been 
dead since 1991, issuing Hoagland a new private pilot certificate in 
Symansky's name as recently as 2010. Hoagland is now serving a two-year 
sentence in federal prison for identity theft.
    FAA procedures also make it easy for pilots to hide damaging 
information, by simply not reporting it. That's because the agency 
relies on them to self-report felony convictions and other crimes that 
could lead to license revocation. Among the licensed pilots currently 
listed in the airman registry are Carlos Licona and Paul Grebenc, 
United Airlines pilots who were sentenced to jail in Scotland earlier 
this year for attempting to fly a commercial airliner with alcohol in 
their blood. Under FAA rules, an alcohol-related offense, especially 
related to flying can be grounds for license revocation or suspension, 
though the FAA decides on a case-by-case basis.
    But as of Sept. 1, Grebenc and Licona were still listed in the 
FAA's active airman registry. Agency records showed that as of January, 
four months after the men were arrested, there were no reported 
incidents or enforcement actions related to the pilots.
    FAA officials stress that they are not the police officers of the 
skies, leaving that job to an alphabet soup of agencies including the 
Transportation Security Administration, Homeland Security, and the FBI. 
The FAA merely issues the airman certificates and keeps the database 
that helps these investigators do their work. And, while FAA officials 
admit they don't routinely investigate information that pilots, 
mechanics, and others list on license applications, the TSA says it 
continuously reviews the FAA database against the Terrorist Screening 
Database, additional terrorism-related information, and other 
government watch lists. Since 2010, the TSA has completed 28 million 
airman threat assessments.
    But it is hardly a fail-safe system. Outside reviewers have 
repeatedly found that the FAA's Airman Registry is riddled with errors 
and gaps, making it difficult for law enforcement officials to rely on. 
More than 43,000 pilots received licenses even though they did not 
provide the FAA with a permanent address, according to a 2013 audit by 
the Department of Transportation inspector general. Two years earlier, 
the Department of Homeland Security inspector general found that 8,000 
of the Social Security numbers on file belonged to dead people, in part 
because the FAA doesn't purge its files of dated information. Another 
15,000 didn't match the airmen's personal information on file.
    When asked whether the FAA vets the information on airman 
certificate applications, officials did not answer directly. The FAA 
issued a statement reading, ``Pilots are expected to provide accurate 
and complete information on all FAA forms.''
    Agency officials also said that, when pilots apply for medical 
certificates--a crucial document needed to fly--they conduct a one-time 
check against the national drivers' database for drug- or alcohol-
related convictions.
    The lack of accurate information can have serious consequences. 
Last October, when a student pilot from Jordan intentionally crashed a 
twin-engine plane near a major defense contractor in East Hartford, 
Conn., law enforcement officials initially feared terrorism and 
converged on the Illinois address he had given the FAA. But the 
student, Feras M. Freitekh, had listed the address of a family friend, 
a place where he had never lived, so law enforcement descended or a 
house nearly 900 miles from his actual home.
    Most worrisome, even with on-going TSA vetting, people with 
suspected or proven ties to terrorism still keep active airman 
certificates.
FAA-approved offenders
    Mark Schiffer couldn't believe what he was finding.
    Schiffer, the chief scientist for a company that helps banks detect 
fraud, was simply testing an algorithm to check names against publicly 
available watch lists that included suspected terrorists and other bad 
actors. In April 2009, he was using data from the FAA Airman Registry 
for his test because the list was large and readily available.
    But he kept turning up terrorists.
    There was Fawzi Mustapha Assi, who was on the FBI's most-wanted 
list for five years before being convicted of providing material 
support to Hezbollah in 2008. Though imprisoned, he had an active 
pilot's license, which never expires. His release was expected in a few 
years.
    Also on the list was Myron Tereshchuk, an FAA-certified mechanic 
and student pilot, who was convicted in federal court in 2005 for 
possession of biological agents or toxins that could be used as 
weapons. Tereshchuk was also in prison, but he, too, was expected to be 
released in a few years.
    And there was Abdelbaset Ali Mohmed al-Megrahi, who was sentenced 
to life in prison for his role in the bombing of Flight 103 over 
Lockerbie, Scotland. Scottish authorities released him in 2009 on 
compassionate grounds after he was diagnosed with terminal cancer. He 
still had a valid aircraft dispatcher certificate from the FAA.
    ``Holy cow,'' Schiffer said to himself.
    In all, Schiffer and his company, Safe Banking Systems of New York, 
confirmed eight matches between FAA-approved airmen and various watch 
lists.
    ``The results were as unexpected as they are chilling,'' Safe 
Banking Systems said in a June 2009 report distributed to nearly 40 
lawmakers and top government officials, including the FAA administrator 
and then-Secretary of State Hillary Clinton.
    But no one responded until a New York Times reporter asked the 
Transportation Security Administration about the certified airmen with 
terror ties listed in the Safe Banking Systems report. The following 
day, in June 2009, the TSA advised the FAA to revoke airman certificate 
for six of the eight names that SBS gave to the reporter.
    The Department of Homeland Security's inspector general, in an 18-
month investigation released in July 2011, found that the TSA's ability 
to screen airmen for national security threat is hampered by the 
quality of information the FAA provides. The TSA could not properly vet 
thousands of airmen because of missing or inaccurate data within the 
FAA's registry, according to the report. From 2007 to 2010, the TSA 
recommended the revocation of 27 licenses, but the number would likely 
have been larger had all of the information been complete.
    The inspector general also found that the TSA doesn't screen for 
broader criminal activity, allowing airmen who ``have outstanding 
warrants or are known fugitives'' to escape detection. The IG said that 
one U.S.-approved pilot was actually a ``drug kingpin'' serving 20 
years in a foreign prison.
    Since then, the TSA and FAA have stepped up their screening for 
national security threats, reviewing the FAA database four times a year 
to ensure accuracy.
    The Spotlight Team wanted to check whether the heightened scrutiny 
has improved the FAA's record in preventing bad actors from having 
pilot's licenses. At the request of the Globe, Safe Banking Systems 
tested the public part of the airman registry and again found problems.
    Running the same name-matching program in January 2017, SBS found 
five active airmen on watch lists with possible ties to terrorism or 
international crime, including Tairod Nathan Webster Pugh, a former Air 
Force mechanic who bought a one-way ticket to Turkey in 2015. His 
packed bags included flash drives with maps, a letter to his wife about 
jihad, and his Federal Aviation Administration airman certificate, 
according to court records. When he was arrested, Pugh was headed to 
Syria to offer himself as an aircraft mechanic.
    In May, Pugh was sentenced to 35 years in prison for attempting to 
provide material support to the Islamic State, though he is appealing.
    On Aug. 1, Pugh's name still appeared on the FAA's list of active 
airmen. But Pugh was removed by Sept. 1, days after the Globe requested 
his records. FAA officials now say that Pugh's license was actually 
revoked in 2015, though on Friday, they could not explain why his name 
continued to be on the active list for another two years.
    In addition, SBS turned up a long-time American Airlines mechanic 
who attempted to broker a deal that would have moved seven Airbus A300s 
to Iran, which the United States has identified as a state sponsor of 
terrorism; a Florida businessman who was planning on illegally shipping 
navigation systems used for steering planes, ships, and missiles to 
Turkey; and an Irish pilot sanctioned by the U.S. Office of Foreign 
Assets Control for his connections to a company and plane that were 
also sanctioned. The mechanic and Florida businessman both have been 
released from prison, while the Irish pilot has not been charged with a 
crime.
    In August, when the Globe requested information about the airmen 
identified by SBS, FAA records contained no indication that any of the 
five had faced FAA enforcement action.
    ``Have things really changed? Does the government know who they are 
dealing with?'' said David Schiffer, Safe Banking Systems' chief 
executive officer (and Mark Schiffer's father). ``The fact that some 
are licensed while still incarcerated is unbelievable. We certainly 
view this as a very serious threat to national security.''
A history of deceit
    Long before the crash in Denmark, Nader Haghighi had spent years 
duping the FAA. When his name came across the desk of federal 
investigator Robert Mancuso in late 2008, Haghighi had already racked 
up a significant criminal record for stealing a plane, had had his 
pilot's license revoked, and had even been deported from the United 
States in 2006, according to federal investigative reports and court 
records. And the FAA was receiving two new calls per month about 
Haghighi's scams.
    Mancuso, a special agent for the U.S. Department of Transportation 
Inspector General's Computer Crimes Unit, began investigating a report 
that Haghighi had tried to illegally obtain a pilot's license on-line 
using Daniel George's name. Mancuso quickly discovered that George was 
just one more victim of a con man who used at least a dozen aliases and 
falsely claimed to have a degree from the Massachusetts Institute of 
Technology and a job at Lockheed Martin.
    But Haghighi made a mistake when he initially tried to get George's 
license. He had collected George's personal information when he hired 
the professional pilot to fly a plane for him. But when Haghighi 
entered the stolen information on-line to get a copy of George's 
license, Haghighi neglected to change the e-mail address on the 
account, so George received notification about the new license and 
contacted the FAA. The agency intercepted the certificate before it was 
sent out.
    And Mancuso thought that was the end of it, though he kept 
investigating Haghighi.
    Then, when Haghighi crashed with George's license in his possession 
a few years later, Mancuso made a stunning discovery: Haghighi had 
found yet another way to get a license. He called the FAA directly, 
posing as George and complaining that he had never received the 
certificate he had requested weeks earlier. The FAA, without further 
investigation, mailed out new copy to Haghighi's post office box in 
Texas, something an FAA employee told Mancuso was ``not uncommon for 
our office to do, based on a phone call from the airman.''
    ``I was shocked,'' said Mancuso, who traveled to Denmark to testify 
against Haghighi. ``I assumed that some type of fraud alert would be 
placed on Mr. George's record to prohibit this from happening, 
especially when it was sent to the same bad address.''
    The FAA said pilots today can no longer request duplicate 
certificates by telephone, but they can get them on-line or by mail.
    During his trial in Denmark, Haghighi tried yet another scam, 
insisting that his real name wasn't Haghighi or George but the one on 
another passport recovered from the crashed plane. But the judge didn't 
believe him and sentenced Haghighi to 10 months in prison for 
endangering passengers, including children, flying without a valid 
license or a required co-pilot on multiple occasions.
    Even then, Haghighi was not through tricking the FAA. A year after 
his release from prison, in February 2014, he contacted the agency to 
secure another medical certificate, which is needed for pilots to fly.
    On his application, he changed his name from ``Sabouri'' to 
``Saboori'' and his birth year from 1972 to 1973. According to a U.S. 
Department of Transportation investigative report, Haghighi lied 
repeatedly on the form, claiming that he had not visited a medical 
professional in three years, even though emergency responders had found 
him unconscious inside a crashed plane just two years earlier.
    His word was good enough for the FAA, which gave Haghighi a new 
certificate that he promptly used to land a job with Susi Air, an 
Indonesian airline.
Flying again
    Haghighi is an extreme example, but his case is by no means 
isolated. At least one other pilot on the FAA registry, Re Tabib, won 
his license back after he went to prison for attempting to smuggle 
aircraft parts to Iran and was formally declared a security threat by 
the TSA.
    In 2006, federal officers seized thousands of aircraft parts, some 
packed in suitcases, and ``shopping lists'' from the California home of 
Tabib, an Iranian-born FAA certified pilot. He was arrested on charges 
of attempting to illegally export parts for F-14 Tomcat jets to Iran.
    Tabib, a veteran airman who at one time piloted private flights for 
the designer Gianni Versace pleaded guilty and served time in federal 
prison from July 2007 until January 2009. Yet, according to court 
records, the FAA issued him an Airline Transport Pilot certificate, the 
highest-level license for pilots, just three months after his release, 
allowing him to fly large jets.
    Unlike other pilots with a criminal record, Tabib made no attempt 
to hide his past, alerting the agency about his felony conviction on an 
application form that calls on candidates to disclose any previous 
arrests or convictions. But the FAA--which can suspend flying 
privileges for anyone with an ATP license it judges not of ``good moral 
character''--did not revoke or suspend his license.
    As of August, FAA records revealed no incidents or enforcement 
records connected to Tabib. The agency declined to comment further on 
Tabib's case but said it examines possible violations of the ``good 
moral character'' standard on a case-by-case basis. The agency said 
that a criminal conviction is not automatic grounds for action against 
an ATP license.
    In June 2009, just months after Tabib received his new certificates 
from the FAA, Safe Banking Systems, the New York fraud detection 
company, matched Tabib's name to public watch lists and passed it along 
with others to The New York Times.
    The TSA responded to the story by advising the FAA to revoke 
Tabib's certificate. Tabib's airman certificates gave him ``insider 
access'' that, combined with his connections to Iran, could render him 
a security threat, according to a 2010 decision by an administrative 
law judge.
    Tabib fought the decision for years and finally reached a 
settlement with the TSA in 2012. His attorney, Robert Schultz, said the 
law permitting the TSA to revoke airman licenses is unconstitutional 
because it treats airmen as presumed guilty without proper due process.
    ``Mr. Tabib was a professional pilot who was denied the right to 
earn a living for years based on mere suspicion,'' Schultz said, 
referring to the TSA threat assessment. Last year, the FAA issued him 
new commercial pilot and flight instructor certificates.
    This time, Tabib's name was kept out of the FAA database of active 
airmen that the public can download to review the full list of pilots 
and mechanics. As a result, his name did not appear this year when Safe 
Banking Systems checked for airmen who had been on terror watch lists. 
More than 350,000 airmen were excluded from the public database at 
their request.
    Recent social media posts show Tabib in front of a King Air C90 
turboprop aircraft. A photo from this spring shows him wearing an 
aviation headset in the cockpit of a plane at the Azadi airport in 
Iran. His Facebook page says he's now a flight instructor and pilot at 
John Wayne Airport in Orange County, Calif. Tabib is flying again.
Con air
    Mario Jose Donadi-Gafaro, a U.S.-licensed pilot, died along with 
six others in a horrific plane crash in Venezuela in 2008 when his 
plane plummeted into a bustling neighborhood a few minutes after 
takeoff. He never made a distress call, and questions still remain nine 
years late about the cause of the accident.
    But another mystery is how Donadi-Gafaro, a pilot who also 
moonlighted as a drug trafficker, kept a U.S. pilot's license as long 
as he did.
    Donadi-Gafaro's criminal career began at least a decade before the 
crash. His initial U.S. felony drug conviction in 1999 for importing 
cocaine into Miami International Airport should, under FAA rules, have 
immediately triggered agency scrutiny of his license.
    But even after the pilot was convicted a second time--this time in 
Venezuela--in 2006 for attempting to transport cocaine on an aircraft, 
the FAA did not revoke Donadi-Gafaro's license instead, the agency gave 
him a promotion. He applied for and was issued his Air Transport 
Pilot's License, the gold standard of U.S. airmen ratings, on July 23, 
2007. Almost a decade after the crash in Venezuela that killed him, the 
FAA still listed Donadi-Gafaro as an ``active'' pilot, including him in 
its database as recently as March 2016.
    The agency finally deactivated his license in 2016 after the Globe 
began asking questions about it. The FAA declined to comment on whether 
Donadi-Gafaro had reported his conviction, saying that information is 
protected under the Privacy Act.
``We don't know who they are''
    A frustrated John Mica held up a plastic card as he addressed a 
2016 hearing of his House subcommittee on the topic of ``securing our 
skies.'' The card, borrowed from then-Representative Tammy Duckworth, a 
pilot, was an example of a modern FAA certificate.
    ``An airline pilot has access to the controls, flying the plane,'' 
said Mica, but a U.S. pilot's license lacks basic security features and 
includes only a decorative picture. ``The only photo on this license 
are the Wright brothers, Orville and Wilbur. Orville and Wilbur, I blew 
it up here. OK?''
    To make his point, the congressman held up an entry pass for Disney 
World. The card, decorated with Minnie Mouse, has a magnetic strip that 
is capable of linking identities to fingerprints. This allows Disney to 
track when cardholders enter or leave the park. The FAA license is 
primitive by comparison.
    ``This is Minnie Mouse,'' said Mica, referring to the Disney pass. 
Then, nodding to Duckworth certificate in his other hand, he added, 
``and this is Mickey Mouse.''
    Congress long ago called on the FAA to implement significant 
changes. The Intelligence Reform and Terrorism Prevention Act of 2004 
mandated not only pictures of pilots, but also that pilot licenses 
include biometric capabilities such as fingerprints or iris scans.
    ``Fifteen years later, we see a system that has not complied with 
the laws that we have passed multiple times,'' said Mica. ``We have 
pilots that are flying planes. We don't know who they are.''
    The FAA said that it has made some improvements. In 2003, the 
agency switched from paper licenses to new ``security-enhanced airman 
certificates,'' the FAA said. The plastic documents include an FAA seal 
and, according to the FAA, are resistant to tampering, alteration, and 
counterfeiting.
    But lawmakers have repeatedly challenged the agency on why the FAA 
has not followed congressional mandates regarding the licenses. Mica, 
in particular, voiced his concern publicly about the licenses in 
letters and hearings in 2010, 2011, 2013, and most recently, last year.
    In 2017, the former congressman says he's still concerned about the 
lack of progress and failure to have a ``credible'' document.
    ``We tried to get them to comply, but they never did fully 
comply,'' Mica said. ``Any credit card in your wallet has better 
capability.''
    Many pilots and flight instructors opposed the photo IDs, some 
complaining that it could add to the cost of licensing without 
improving national security. In written comments to the FAA, pilots 
said the photo on the license was unnecessary because they are already 
required to carry other photo IDs--and because airport officials never 
ask to see pilot certificates anyway.
    ``Many of our members describe this effort as `security theater,' 
putting a photograph on a document that authorities never ask for,'' 
said Doug Stewart, chairman of the Society of Aviation and Flight 
Educators, in a 2011 letter.
    ``What is most critical in the issuance of an FAA pilot certificate 
from a security standpoint is the accurate establishment of the pilot's 
identity, background descriptors, and qualifications,'' wrote Robb 
Powers, chairman of the national security committee at the Air Line 
Pilots Association, International. ``Presently, FAA does not verify the 
identity of the person requesting a pilot certificate other than 
through visual inspection of the individual's driver's license or 
passport.''
    As of last month, the agency said it, along with the Department of 
Transportation, is ``still evaluating options for including a photo,'' 
a project expected to cost about $1 billion.
    While the FAA has pondered additional security requirements for 
more than a decade, special interest groups have worked to quietly 
relax regulation for pilots. In a victory for advocates of general 
aviation, Congress eased the medical requirements for pilots seeking a 
basic license, requiring only a visit to the family doctor and 
participation in an on-line course provided by th Aircraft Owners and 
Pilots Association. And the FAA reauthorization bill now in the Senate 
includes an amendment to roll back some commercial pilot training 
requirements enacted after a 2009 regional airline crash that killed 50 
and was blamed on pilot error.
``What a nightmare''
    Early into his new job, officials at Susi Air in Indonesia grew 
suspicious of Nader Haghighi an discovered that his passport number 
belonged to someone else. They alerted the United States.
    Robert Mancuso, the Department of Transportation investigator who 
tracked Haghighi for years as the con man fooled authorities while 
using many aliases, including Nader Schruder, learned about the latest 
escapade and sent an e-mail to FAA officials.
    ``Hello all! It's my yearly e-mail regarding Mr. Nader Schruder. He 
seems to have popped back up in Indonesia with his revoked FAA 
certificate . . . Can you also run a search for any pilots with the 
name `Nader Ali Saboori' to make sure he doesn't have another 
certificate.''
    The FAA responded the next day: ``I do show a record for SABOORI; 
Nader Ali with a First Class Medical certificate issued 2/27/14 . . . 
It's probably the same airman.''
    Haghighi soon after found himself without a job. He left Indonesia 
and was detained during a stopover in Panama after U.S. authorities put 
out an alert. In November 2014, Haghighi pleaded guilty in U.S. 
District Court in Houston to four counts of identity theft.
    George, the man whose identity Haghighi stole, wrote a letter to 
the judge detailing the personal toll--hundreds of thousands of dollars 
in lost revenue from potential pilot position and thousands of hours 
spent trying to figure out where Haghighi would turn up next.
    ``What a nightmare this man has been to me personally and 
professionally,'' George wrote.
    After Haghighi was released from federal prison in October 2016, he 
was deported to his native Iran--ending roughly 15 years of deception.
    ``It's sad it went on this long. He was putting the public's life 
in danger,'' said Mancuso, now a special agent at another federal 
office of the inspector general.
    Haghighi, in Facebook messages to a Globe reporter, expressed no 
remorse for his behavior and described the FAA in bluntly critical 
terms: ``know the right person, pay the right amount in a right way and 
then the sky turns green.''
    The Globe could find no evidence that Haghighi has a U.S. pilot's 
license today, but a Facebook photo update in March suggests he hasn't 
given up hope: He was smiling from the cockpit of a plane with his hand 
inches away from the controls.

Q: How could the man on the bottom steal--and use--the pilot's license 
of the man on the top?
A: U.S. pilot's licenses don't include photos of the pilots, a big 
advantage for an experienced con man like Nader Ali Sabouri Haghighi.

This investigation was made possible through the Spotlight 
Investigative Journalism Fellowship, funded by Participant Media, Open 
Road Films, and FirstLook Media. The fellowship provides journalists 
the opportunity to pursue their own in-depth investigation with the 
help of the Globe Spotlight Team. Jaimi Dowdell can be reached at 
[email protected]. Kelly Carr can be reached at 
[email protected]. JennAbels01 can be reached 
[email protected]. For more information about the Spotlight 
fellowship, go to www.spotlightfellowship.com. Globe staff members 
Jonathan Saltzman, Lisa Tuite, and Todd Wallack also contributed to 
this report.

    Mr. Keating. Thank you. So I will do that. I will look 
forward to suggestions. I know it is difficult for some of the 
agencies to come forth with suggestions over the boundaries, 
but I honestly think given the time period and the results it 
would seem FAA isn't just isn't gonna do this. So we have to, I 
think particularly this committee have to give TSA more 
authority and oversight to review this serious issue. So thank 
you very much.
    I yield back.
    Mr. Katko. Thank you, Mr. Keating.
    Mrs. Watson Coleman.
    Mrs. Watson Coleman. Thank you, Mr. Chairman. I would ask 
unanimous consent for Congresswoman Jackson Lee to be allowed 
to sit at the dais and to ask questions at today's hearing?
    Mr. Katko. Without objection, so ordered.
    Mrs. Watson Coleman, you are recognized for 5 minutes of 
questions.
    Mrs. Watson Coleman. Jackson Lee.
    Mr. Katko. Ms. Jackson Lee, you are recognized for 5 
minutes of questions.
    Ms. Jackson Lee. First of all, let me thank you for the 
courtesy of the Chairman and the Ranking Member and also the 
courtesy of extending to me the opportunity to be with you this 
morning. Forgive me for being delayed at another meeting, but I 
thought this was very important for several reasons, and I have 
a number of questions.
    But my first question is have you all made an assessment of 
the conditions as relates to security at the airport in Puerto 
Rico, San Juan in particular? Not sure whether we have 
discussed that already, but the conditions are of a level of 
humanitarian crisis.
    I understand there may be a thousand people or more at the 
airport. Have you sent additional personnel? What is the level 
of security at that airport?
    Then can I ask you on a just a side issue, we have had a 
briefing from a number of our Members of Puerto Rican descent, 
and it is imperative that you convey back to Secretary Duke, 
Chief of Staff Kelly, that there is a humanitarian crisis and 
there is need for immediate action even today.
    I want to put on record there should be some kind of 
military czar. Obviously you are civilians established and as 
well the C-130's can probably land on the airport delivering 
food and medicine, which is what is their desperate need.
    So you might comment as well as you will convey that aspect 
of it but the question would be have you assessed since we are 
talking about aviation security, global whether you have had an 
assessment or there is an assessment going on, on the 
conditions at the airport in Puerto Rico because of the 
vulnerabilities that are there?
    I will let you answer that. I am looking--I will let you 
answer that and let me follow up with another question.
    Mr. Lynes. Yes, thank you. Puerto Rico does have a TSA 
Federal security director because it is what we consider a 
domestic airport. It falls outside of my remit. I am not sure 
of the exact details of the current status.
    TSA has stood up its Critical Incident Management Group, 
which is monitoring the situation to provide any needed 
assistance from the TSA assets. So I am sorry. I would have to 
take that back and get some further information for you.
    Ms. Jackson Lee. So would you be willing to take it back as 
well as my addendum regarding the immediate crisis that needs 
to be responded to? Obviously, Homeland Security is the 
supervising agency that can collaborate with the U.S. 
Department of Defense. Would you convey that back please?
    Mr. Lynes. I would, yes.
    Ms. Jackson Lee. Sir, from the CBP, conditions there that 
you are working with?
    Mr. Owen. Yes, we have officers on the ground that have 
been working for full employee accountability to make sure our 
employees have come through the storm. We have done an initial 
assessment on the Federal inspection site at the San Juan 
airport. The area that we work in is in where we process the 
international.
    There has been some damage there, but it is not as 
significant--saw much greater damage in St. Thomas and St. 
Croix as a result of the earlier storm. So we do have officers 
on the ground that are working toward that mission. But for the 
larger point we will take that back to the Department, ma'am.
    Ms. Jackson Lee. Great. Ms. Grover, unless you want to 
answer. I don't know whether you----
    Ms. Grover. Nothing to add, thank you.
    Ms. Jackson Lee. Thank you. Let me additionally thank the 
TSA and CBP for their service to the Nation. I usually always 
start with that and the excellent work that you all are doing. 
Particularly to the Transportation Security Administration, it 
is important to convey because I remember the very thorny start 
that you had because we were so unused to it. Please let the 
men and women there know, because they are the first 
encountering, how much I appreciate their service.
    So my last question has to do with the enhanced ban, which 
I think takes a lot of resources. I am not sure how effective 
the ban is adding these additional nations. What are you 
crafting? Are you going in to get a different matrix dealing 
with these expanded numbers? Are you needing expanded 
resources? Will you be using additional intelligence?
    The last point, do you feel that you are at a high level of 
accountability on aviation security throughout the Nation's 
domestic airports?
    Mr. Katko. If I may interject for just one moment? This was 
covered thoroughly, so if you would do it in a summary fashion, 
that would be helpful. Thank you.
    Ms. Jackson Lee. Thank you.
    Mr. Owen. Yes, ma'am. In terms of the new travel ban, CBP 
is involved with the implementation at the airport. So we were 
not involved with the formulation. I can't speak to that. But 
what I can speak to is that it will be a very smooth 
implementation. Those that have valid travel documents will 
continue to be allowed for travel.
    There is a graduation, a graduated roll-out for certain 
countries as part of this. Really the emphasis becomes at time 
of application for a visa and that falls within the State 
Department.
    But at the U.S. airports it will be a very smooth 
implementation. If there is valid travel document they will be 
allowed to come into the country. We will not see the issues 
that we saw back in late January.
    Ms. Jackson Lee. Anything with TSA?
    Mr. Lynes. No. From the perspective of--you asked about the 
ban. I defer to the Department of Homeland Security statement 
on the travel ban.
    Ms. Jackson Lee. Anything Ms. Grover?
    Ms. Grover. No, ma'am.
    Ms. Jackson Lee. Yield back. Thank you.
    Mr. Katko. Thank you, Ms. Jackson Lee.
    Before we conclude I just want to ask a question of both 
Mr. Lynes and Ms. Grover for information that both Mrs. Watson 
Coleman and myself would like to have quickly, and that is as 
the subcommittee continues its oversight and due diligence in 
assessing the National aviation threats, especially at LPD 
airports, it is very helpful for us to see which specific 
airports are of concern.
    Now, we touched on some of those today. I understand the 
sensitivity of this information. That is why we didn't get into 
it in an open setting. That is why I am requesting that TSA 
provide to the committee in writing a ranking of the 10 worst 
LPD airports in terms of security and the reasoning for the 
poor ranking.
    I also asked Ms. Grover to provide information that she has 
regarding those airports that are either not meeting ICAO 
standards or are having troubles meeting those ICAO standards 
and provide as much detail as you can on those. I ask that both 
of you produce that information to us within 5 business days. 
Is that doable?
    Ms. Grover. Yes, sir.
    Mr. Katko. Mr. Lynes.
    Mr. Lynes. Yes, Congressman, I do believe that we have 
provided some of those details from the FAA Extension Safety 
and Security Act of 2016. Our agency was required to produce a 
report. If you have not already received that, I will make sure 
that you get that.
    Mr. Katko. But it is not just a report I want. We 
specifically asked about the 10 worst LPD airports in terms of 
security and the reasoning for the poor ranking, as well as 
those that are struggling to meet the ICAO standards. All 
right?
    Mr. Lynes. Yes, sir.
    Mr. Katko. Thank you very much. I would like to thank all 
of the witnesses for their testimony today. It was extremely 
helpful as always. We are all on the same page here.
    That is one thing I love about this subcommittee and this 
Homeland Security as a whole. It is about as bipartisan as you 
can get because keeping this country safe is about as 
bipartisan an issue as you can have. That is why it is very 
rewarding to work on this committee.
    Members of the committee may have additional questions for 
witnesses, and we will ask you to respond to these in writing. 
Pursuant to committee rule VII(D), the hearing record will be 
open for 10 days. Without objection, the subcommittee stands 
adjourned.
    [Whereupon, at 11:16 a.m., the subcommittee was adjourned.]



                            A P P E N D I X

                              ----------                              

  Questions From Ranking Member Bonnie Watson Coleman for Craig Lynes
    Question 1a. In your testimony, you mentioned that TSA ``invite[s] 
select foreign Government aviation security personnel to participate in 
some of our own training programs such as FAMs training.'' How does TSA 
choose which countries to invite for training programs?
    Question 1b. How does TSA vet individuals participating in the 
training?
    Answer. The Transportation Security Administration (TSA) offers a 
number of training opportunities to its foreign counterparts which meet 
the requirements under the International Civil Aviation Organization 
(ICAO) Annex 17. This includes train-the-trainer programs such as those 
to assist in the development of sustainable in-flight security officer 
programs. In this specific reference, countries selected to participate 
must have a current air marshal program with a concept of operations 
comparable to the TSA's Federal Air Marshal Service (FAMS) and 
available funding to pay the participants' travel costs if training is 
conducted domestically, or TSA's cost if it is to occur overseas.
    Question 2. On September 24, President Trump announced his revised 
travel order which indefinitely bans entry for nationals from eight 
countries, including Venezuela, which is home to three last-point-of-
departure airports. The White House stated that Venezuela was included 
because the Venezuelan government is ``uncooperative in verifying 
whether its citizens pose National security or public-safety threats'' 
and does not share ``terrorism-related information adequately.'' Given 
these concerns, what is the Trump administration's rationale for 
continuing to allow direct flights to the United States from Venezuela?
    Answer. As noted in Proclamation 9645 of September 24, 2017, 
Enhancing Vetting Capabilities and Processes for Detecting Attempted 
Entry Into the United States by Terrorists and Other Public Safety 
Threats, the Secretary of Homeland Security has determined that 
Venezuela has been uncooperative in verifying whether its citizens pose 
National security or public-safety threats. In addition, the Venezuelan 
government has failed to share public-safety and terrorism-related 
information adequately, and has been assessed to be not fully compliant 
with regard to the acceptance of its nationals who are subject to final 
orders of removal from the United States. The entry restrictions and 
additional vetting requirements established by the President are 
necessary to prevent the entry of those foreign nationals about whom 
the U.S. Government lacks sufficient information to assess the risks 
they pose to the United States; elicit improved identity-management and 
information-sharing protocols and practices; and advance U.S. foreign 
policy, National security, and counterterrorism objectives.
    Notwithstanding these deficiencies, DHS has reasonable confidence 
in our ability to verify Venezuelan nationals' identity, which 
contributes to our aviation security efforts. In addition to 
information provided directly by foreign partners, the U.S. Government 
has an array of data sources at its disposal to assist with vetting and 
screening of Venezuelan nationals regardless of whether they arrive in 
the United States on direct flights from Venezuela. Therefore, we have 
determined that direct flights from Venezuela to the United States can 
continue. As articulated in the Proclamation, the restrictions imposed 
on Venezuela focus on government officials of specified agencies who 
are responsible for the identified inadequacies rather than the 
Venezuelan general public.
    Question 3a. What steps can TSA take when it finds that a foreign 
airport or air carrier is not meeting security standards?
    If a last-point-of-departure airport fails an assessment and 
neither the airport or host government can absorb the cost associated 
with correcting the cause of failure, what happens to the airport?
    Question 3b. Is the air carrier responsible for the costs?
    Answer. When the Transportation Security Administration (TSA) 
determines that a foreign airport or air carrier is not meeting 
security standards, TSA will work with the appropriate authorities in 
the host country to address and properly mitigate any identified 
security deficiencies through training, instruction, or capacity 
development where resources and political partnership will allow.
    If the assessment of the last-point-of-departure airport results in 
significant findings which indicate that a condition exists that 
threatens the safety and security of aviation transportation to or from 
that airport, the Secretary of Homeland Security, in coordination with 
the Secretary of State, may determine if further Secretarial action is 
warranted. Secretarial action may include: 90-day action to give the 
host country time to improve security measures; public notification; 
imposition of operating authority conditions; or suspension of service 
for applicable air carriers operating to/from that location.
    In locations where resources do not facilitate the ability of the 
host country to absorb the cost of improving security measures, it may 
be incumbent upon air carriers operating from that location to absorb 
costs associated with meeting TSA-issued security directives and 
emergency amendments, in accordance with the requirements of the air 
carrier's approved security program.
  Questions From Ranking Member Bonnie Watson Coleman for Todd C. Owen
    Question 1. With a CBP officer vacancy of 1,335 funded positions 
and, according to CBP's own CBP Officer Workload Staffing Model 
documenting a need to fund and hire an additional 2,100 CBP officers, 
how will CBP be able to staff these two new preclearance locations that 
CBP has recently signed agreements with Punta Cana and Stockholm and 
the up to 10 additional preclearance locations by 2024?
    Answer. Preclearance locations hire experienced journeyman officers 
for its overseas locations, which allows for a more expedient and 
flexible hiring process than that of onboarding a new officer. Thus, 
preclearance will be able to staff any new locations--including Punta 
Cana and Stockholm--within agreed-upon time lines for operations 
following entry into force of the agreements.
    Staffing the front line with well-qualified individuals of the 
highest integrity and capability remains a top mission support priority 
for CBP. CBP will maintain the hiring surge that has been in effect 
since fiscal year 2014. In the last 2 years, CBP has made significant 
improvements, including the implementation of an expedited hiring 
process, to reduce the average time-to-hire from 469 days in January 
2016 to fewer than 300 days. As of April 2017, CBP is applying this 
expedited process to all applicants and we expect it to continue to 
significantly decrease the new hire process.
    Question 2. Will CBP be diverting CBP officers from already 
extremely short-staffed U.S. ports of entry to staff new preclearance 
ports?
    Answer. Preclearance does hire its journeyman officers from our 
U.S. ports of entry, as well as from Field Operations program offices. 
However, precleared flights from these foreign airports land at U.S. 
domestic terminals, decreasing workload requirements at U.S. domestic 
air ports of entry. Furthermore, a portion of the operational cost to 
post CBP officers at these future locations will be covered by the host 
nation airport operator as well as through routine user fee 
collections, allowing CBP to hire at its domestic U.S. ports of entry 
in order to backfill a portion of new Preclearance assignments.
    Question 3a. Earlier this summer, we learned of deeply troubling 
allegations of misconduct by CBP Officers at Newark Liberty 
International Airport. We were told that 11 CBP employees at this 
airport, including three supervisors, were placed on administrative 
duty and that their firearms, badges, and access to sensitive databases 
were suspended meanwhile DHS' Office of the Inspector General 
investigated the allegations. In September, we were notified that three 
of these accused CBP officers were arrested on charges of forcibly 
assaulting and intimidating fellow officers. Can you please tell us 
when CBP's headquarters first learned of these allegations at Newark 
and its response?
    Answer. CBP Headquarters became aware of the alleged misconduct in 
Newark on or about January 23, 2017, when the allegations were reported 
via email to CBP's Office of Professional Responsibility (OPR). In 
accordance with Department of Homeland Security (DHS) policy, the 
information was immediately forwarded to the DHS Office of Inspector 
General (OIG), which opened an investigation.
    Question 3b. Does CBP have any recent or new information about any 
similar allegations of misconduct among its employees at other ports of 
entry?
    Answer. Review of the CBP OPR Joint Intake Case Management Systems 
did not identify any additional allegations involving ritualistic 
hazing by one or more CBP employees as alleged in this case.
    Question 3c. What specific steps has CBP taken to determine whether 
similar improper conduct has occurred at other locations?
    Answer. CBP takes all misconduct allegations seriously. As such, 
CBP Office of Field Operations (OFO) has a program manager assigned to 
CBP Office of Professional Responsibility (OPR) who also reviews the 
Joint Intake Case Management System daily. This program manager also 
serves as a liaison to OPR and Office of the Inspector General (OIG) 
for OFO.
    Question 3d. What specific actions are under way to prevent this 
type of egregious misconduct from happening in the future?
    Answer. Immediately after the alleged misconduct became known to 
OFO, mandatory musters geared toward both managers and employees were 
conducted to reiterate the standards of conduct and table of offenses 
for unprofessional and disruptive behavior. OFO also maintains a robust 
professionalism program at each Field Office. There are approximately 
169 full-time Professionalism Service Managers (PSMs) Nation-wide. OFO 
Headquarters conducts routine conference calls with all PSMs to discuss 
topics of concern and best practices on how to avoid and address 
unprofessional and disruptive behavior.
    Question 4a. The Obama administration identified, based on risk, 21 
expansion priority locations around the world for the Preclearance 
security program. Two locations, Sweden and the Dominican Republic, are 
in the agreement phase of negotiations but, no new agreements have been 
executed. Since January, have there been any meetings or discussions 
with the other 19 selected locations? Are any agreements in the 
pipeline?
    Answer. CBP continues to engage in discussions and take part in 
negotiations with the other prioritized locations for the establishment 
of preclearance. Ultimately, before preclearance operations may begin 
at any location, an agreement between the United States and the host 
government which will permit air transport preclearance in the host 
country must be signed and entered into force. Overall, CBP intends to 
match the speed at which host countries and airports are willing to 
move forward with negotiations and airport designs. Currently, CBP is 
engaged in varying levels of discussion with a number of the 
prioritized locations and our expectation is that more agreements will 
be signed in the near future.
    Question 4b. Does DHS plan to solicit additional expressions of 
interest from foreign countries in the upcoming fiscal year? If not, 
why not?
    Answer. CBP remains committed to furthering our discussions and 
engagement with the already selected prioritized countries from the 
previous open seasons for the establishment of preclearance. CBP is 
willing to discuss preclearance with any additional interested 
locations, however, at this time another open season has not yet been 
established.
    Question 5a. In previous years, Congress was briefed on the 
deployment of CBP Preclearance to the United Arab Emirates, and we were 
told by the Department that the plan was for the program to be deployed 
first to Abu Dhabi and then soon after to Dubai. As you know, the 
latter has a greater volume of travelers, more travelers of possible 
concern, and is served by U.S. air carriers. Is Dubai on the 
administration's current priority list?
    Answer. Although Dubai remains a priority location for CBP in the 
establishment of preclearance, there are no U.S. air carries that fly 
direct to Dubai. Currently Dubai is in the midst of a large airport 
construction project for Al Maktoum International Airport. CBP will 
continue to engage with the airport authorities.
    Question 5b. Does DHS still plan to establish Preclearance in 
Dubai?
    Answer. Establishing preclearance in Dubai will require CBP to 
enter into either a new agreement or amendments to the current 
agreement with the host country. CBP continues to pursue preclearance 
in Dubai, once Dubai meets the U.S. legal prerequisites for a 
preclearance location.
Questions From Ranking Member Bonnie Watson Coleman for Jennifer Grover
    Question 1. How are TSA's inspection authorities different for air 
carriers and foreign airports and what implications does that have for 
TSA's ability to impact aviation security?
    Answer. Although TSA is authorized under U.S. law to conduct 
foreign airport assessments at intervals it considers necessary, it may 
not perform an assessment of security measures at a foreign airport 
without permission from the host government. TSA also does not have 
authority to impose or otherwise enforce security requirements at 
foreign airports and, therefore, seeks to address security deficiencies 
it identifies through capacity building, such as training of foreign 
airport staff and on-site consultation, and working with U.S. and 
foreign-flagged air carriers (i.e., air carriers) to implement security 
measures, among other things. In contrast to the airport assessments, 
TSA is authorized under U.S. law to place security requirements on air 
carriers that service the United States and may take enforcement 
actions if TSA determines through its air carrier inspection program 
that carriers have failed to comply with the requirements.\1\ For 
example, in June 2017, DHS announced new security requirements, 
including heightened screening of personal electronic devices, for air 
carriers operating last-point-of-departure flights to the United States 
from foreign airports.\2\ Although we did not conduct work to 
specifically answer whether differences in TSA's inspection authorities 
have implications for TSA's ability to impact aviation security, we did 
find that while TSA does not have authority to impose requirements or 
compel action by host-government officials at foreign airports should a 
deficiency be identified, TSA has exercised its regulatory authority 
over both U.S. and foreign-flagged air carriers to mitigate identified 
deficiencies or threats.
---------------------------------------------------------------------------
    \1\ See 49 U.S.C.  44903(c), 44906. See also 49 C.F.R. pts. 1544 
and 1546 (imposing requirements on U.S. and foreign-flagged air 
carriers, respectively).
    \2\ See Security Directive  1544-17-01A, International Aviation 
Security (July 13, 2017); Emergency Amendment 1544-17-01A, 
International Aviation Security (July 13, 2017); and Emergency 
Amendment 1546-17-02A, International Aviation Security (July 13, 2017).
---------------------------------------------------------------------------
    Question 2. What is the most important change that TSA has made in 
its foreign airport assessment program since GAO's last review?
    Answer. Since 2011, TSA has taken various steps to strengthen its 
foreign airport assessment program, including better targeting program 
resources based on risk, resolving airport access issues, making 
evaluations more comprehensive, and creating operational efficiencies. 
Some of the important changes that TSA has made in these areas include:
    Better target program resources based on risk.--In 2013, TSA 
established a working group to evaluate ways to better integrate risk 
management in the foreign airport assessment and air carrier inspection 
programs. This working group developed a risk framework, which, 
according to TSA documentation, provides a systematic approach for 
analyzing risk at international airports, supports Office of Global 
Strategies (OGS) decision making, and informs efforts to mitigate 
security deficiencies. In 2015, OGS created the Analysis and Risk 
Mitigation (ARM) Directorate, which formalized the risk mitigation 
responsibilities of the working group and serves as the data analysis 
and evaluation arm of OGS. OGS officials stated that ARM helps the 
program focus its resources based on risk. For example, ARM analyzes 
and prioritizes activities, such as training, that are designed to 
mitigate security vulnerabilities at foreign airports.
    Resolve airport access issues.--Since our 2011 review, TSA has 
faced delays in scheduling some foreign airport assessments and 
obstacles in obtaining full access to airport operations at certain 
locations. According to TSA officials, TSA has used several tactics to 
resolve access issues, including deploying the same inspectors over 
multiple assessments to build rapport with foreign airport officials. 
For example, in one country in the Western Hemisphere region, TSA's 
access to airport operations was initially limited by the host 
government. However, over time, TSA used a small pool of inspectors who 
officials said were able to build trust with the host government and 
gain better access, including the ability to conduct interviews of 
airport officials and take photographs of the security environment. 
Additionally, in 2011, we reported on TSA's challenges in obtaining 
access to airports in Venezuela. Specifically, we reported that TSA had 
not been able to assess airports in Venezuela or conduct TSA compliance 
inspections for air carriers, including U.S. carriers, flying from 
Venezuela to the United States since 2006. According to TSA officials, 
in 2014, TSA regained access in Venezuela after establishing dialogue 
with the new government in place and emphasizing the benefits of the 
evaluation process.
    Make evaluations more comprehensive.--In 2012, TSA developed job 
aids that provide inspectors with a set of detailed areas to assess for 
each foreign airport assessment standard. For example, a job aid for 
passenger and cabin baggage screening includes several prompts related 
to screening roles and responsibilities, the resolution process if a 
suspicious item is detected, and alternative procedures if screening 
equipment is not working as intended. According to TSA officials, these 
actions have led to more comprehensive evaluations and a better 
understanding of foreign airport vulnerabilities.
    Create operational efficiencies.--In 2012, TSA developed the Global 
Risk Analysis and Decision Support System (GRADS) to streamline the 
assessment report writing process and strengthen TSA's data analysis 
capabilities of its foreign airport assessment results. According to 
TSA officials, GRADS has provided TSA personnel with a number of 
benefits, including the ability to run standardized reports, extract 
and analyze key data, and manage airport operational information, such 
as data on security screening equipment. According to TSA 
documentation, prior to 2012, the agency captured the results of its 
foreign airport assessments in narrative form that often amounted to 
more than 80 pages, hampering the ability to perform data analysis.
    Question 3. How well is TSA doing at monitoring the results of its 
foreign airport assessments and air carrier inspections?
    Answer. TSA has taken a number of steps to strengthen its 
analytical processes and better understand the impact of the foreign 
airport assessment and air carrier inspection programs. For example, 
since fiscal year 2012, TSA has held strategy meetings to address 
aviation security threats and vulnerabilities within each of TSA's four 
regions: Africa-Middle East, Asia-Pacific, Europe, and Western 
Hemisphere. During these meetings, TSA officials examine trend data for 
both airport assessments and air carrier inspections, including 
vulnerability ratings over a multi-year period, identify common areas 
of non-compliance, and develop capacity-building approaches customized 
to each region. Additionally, in 2016, TSA began producing regional 
risk reports to provide TSA personnel operating within one of the four 
regions with an understanding of known vulnerabilities and their 
associated risk in order to inform mitigation-planning efforts. These 
reports include such information as key risks at each location and 
region-wide trends on vulnerabilities. While TSA has taken steps to 
leverage the results of foreign airport assessments and air carrier 
inspections to monitor system-wide vulnerabilities and inform capacity 
development, TSA lacks key information for decision making. For 
instance, we found that the Open Standards and Recommended Practices 
Findings Tool (OSFT)--a database for tracking the resolution status of 
identified foreign airport deficiencies--has gaps and its system for 
categorization does not result in sufficient specificity of information 
related to security deficiencies' root causes and corrective actions. 
For example, we found that around two-thirds of fiscal year 2016 
records in the OSFT exhibited empty fields pertaining to root cause or 
recommended corrective action. We also found that the OSFT has 
limitations related to the categorization of root causes and corrective 
actions. TSA procedures indicate that root causes may relate to three 
broad categories (lack of knowledge, lack of infrastructure, and lack 
of will) and 12 subcategories: Aviation security infrastructure, 
communication, cultural factors, human factors, management systems, 
physical infrastructure, procedures, quality control, resources, 
supervision, technology, and training. However, the OSFT does not 
include a field to categorize root causes according to these 
subcategories or other more specific areas. As a result, it does not 
capture more granular information that would better explain the 
specific root cause of an identified security issue.
    Question 4. What are examples of the specific types of capacity 
development that TSA offers to foreign airports?
    Answer. TSA assists foreign airports in addressing identified 
security deficiencies in a variety of ways. TSA inspectors work to 
transfer knowledge on how to mitigate identified airport security 
deficiencies to foreign airport officials and provide TSA program 
officials with suggestions for capacity development that could be 
effective in addressing these deficiencies. Specifically, TSA capacity 
development assistance to foreign airports includes on-the-spot 
counseling, training, technical assistance and consultation, and 
provision of security equipment.
    Inspectors counsel foreign airport staff on-the-spot.--According to 
TSA officials, inspectors typically offer counseling during airport 
assessments when they discover deficiencies, usually of an infrequent, 
less serious, or technical nature, that can be addressed immediately. 
For example, during a 2013 assessment of an airport in the Europe 
region, inspectors observed a total of 53 employees within the 
restricted area, of which one was not displaying his badge. Airport 
officials immediately requested that the individual display his badge 
and informed the TSA inspection team that they will remind all staff to 
properly display their airport media while in the restricted area. For 
the remainder of the airport visit, no badge display issues were noted. 
In another example, during an assessment in the Western Hemisphere 
region, inspectors observed persons entering a restricted area without 
undergoing screening. The inspectors counseled the airport's security 
officials on the importance of adhering to the airport's security 
program, and observed the airport officials take immediate action by 
implementing escort and screening procedures.
    TSA provides security training.--TSA may provide training to 
foreign airport staff to address deeper problems with staff security 
knowledge or to strengthen staff knowledge in an evolving threat 
environment. Training may take several forms, including traditional 
classroom courses or interactive workshops, and can range in length 
from 1 or 2 days to more than 1 week. Course topics include risk 
management, screening operations, and airport security, with a broad 
variety of sub-topics, such as insider risk, cargo security, and 
inspection techniques. According to TSA, new courses are in development 
to meet the changing security landscape. New course topics include 
landside security, behavioral awareness, and the effective use of 
canines.
    TSA arranges for technical assistance and consultation.--TSA 
assists foreign governments in securing technical assistance and 
consultation provided by TSA and other U.S. and foreign government 
agencies to help improve security at foreign airports, particularly 
after security incidents or at airports in developing countries. For 
example, after the 2016 terrorist attack on Brussels Airport, TSA was 
invited by airport officials to provide on-site consultation during the 
reconstitution of the airport facilities. In another example, TSA 
provided a country in the Africa-Middle East region with on-site 
technical assistance for configuring and testing explosives detection 
equipment at baggage screening checkpoints. In addition, the Department 
of State's Anti-Terrorism Assistance Program augments TSA's resources 
in building the aviation security capacity of foreign governments. For 
instance, the Department of State provides recipient nations with 
courses focused on airport security management, quality control, and 
fraudulent document recognition as well as multi-day passenger and 
cargo security consultations. In addition, with regard to capacity 
development TSA collaborates with other countries. Partners may promote 
common aviation security goals to other countries when political 
considerations preclude TSA from doing so, or combine resources with 
TSA for joint efforts. For example, in one collaboration, a country in 
the Asia-Pacific region provided resources and facilities, while TSA 
provided staff so that neighboring countries could attend aviation 
security training.
    TSA loans and donates security equipment.--TSA may loan or donate 
security equipment such as explosives detection devices and metal 
detection hand wands to lower-income countries. Since fiscal year 2012, 
TSA has loaned X-ray screening equipment and explosives detection 
devices to five countries. TSA may also provide staff at foreign 
airports with demonstrations for using equipment that has been loaned 
or donated by TSA, as well as equipment otherwise acquired by host 
governments. For instance, in 2016 TSA provided operator training and 
maintenance assistance to a country in the Africa-Middle East region 
that had procured passenger body scanners.
    Question 5. Given the strides that TSA made under the Obama 
administration on addressing GAO's key findings at last-point-of-
departure airports, do you think that TSA has the resources to keep up 
the level of compliance activities while executing new security 
directives?
    Answer. We did not conduct the work necessary to evaluate whether 
TSA has sufficient resources to keep up the level of compliance 
activities while executing new security directives.