[Congressional Record (Bound Edition), Volume 160 (2014), Part 13]
[House]
[Pages 17780-17788]
[From the U.S. Government Publishing Office, www.gpo.gov]




 CHEMICAL FACILITY ANTI-TERRORISM STANDARDS PROGRAM AUTHORIZATION AND 
                       ACCOUNTABILITY ACT OF 2014

  Mr. MEEHAN. Mr. Speaker, I move to suspend the rules and concur in 
the Senate amendment to the bill (H.R. 4007) to recodify and 
reauthorize the Chemical Facility Anti-Terrorism Standards Program.
  The Clerk read the title of the bill.
  The text of the Senate amendment is as follows:
  Senate amendment:

       In lieu of the matter proposed to be inserted, insert the 
     following:

     SECTION 1. SHORT TITLE.

       This Act may be cited as the ``Protecting and Securing 
     Chemical Facilities from Terrorist Attacks Act of 2014''.

     SEC. 2. CHEMICAL FACILITY ANTI-TERRORISM STANDARDS PROGRAM.

       (a) In General.--The Homeland Security Act of 2002 (6 
     U.S.C. 101 et se.) is amended by adding at the end the 
     following:

        ``TITLE XXI--CHEMICAL FACILITY ANTI-TERRORISM STANDARDS

     ``SEC. 2101. DEFINITIONS.

       ``In this title--
       ``(1) the term `CFATS regulation' means--
       ``(A) an existing CFATS regulation; and
       ``(B) any regulation or amendment to an existing CFATS 
     regulation issued pursuant to the authority under section 
     2107;
       ``(2) the term `chemical facility of interest' means a 
     facility that--
       ``(A) holds, or that the Secretary has a reasonable basis 
     to believe holds, a chemical of interest, as designated under 
     Appendix A to part 27 of title 6, Code of Federal 
     Regulations, or any successor thereto, at a threshold 
     quantity set pursuant to relevant risk-related security 
     principles; and
       ``(B) is not an excluded facility;
       ``(3) the term `covered chemical facility' means a facility 
     that--
       ``(A) the Secretary--
       ``(i) identifies as a chemical facility of interest; and
       ``(ii) based upon review of the facility's Top-Screen, 
     determines meets the risk criteria developed under section 
     2102(e)(2)(B); and
       ``(B) is not an excluded facility;
       ``(4) the term `excluded facility' means--
       ``(A) a facility regulated under the Maritime 
     Transportation Security Act of 2002 (Public Law 107-295; 116 
     Stat. 2064);
       ``(B) a public water system, as that term is defined in 
     section 1401 of the Safe Drinking Water Act (42 U.S.C. 300f);
       ``(C) a Treatment Works, as that term is defined in section 
     212 of the Federal Water Pollution Control Act (33 U.S.C. 
     1292);
       ``(D) a facility owned or operated by the Department of 
     Defense or the Department of Energy; or
       ``(E) a facility subject to regulation by the Nuclear 
     Regulatory Commission, or by a State that has entered into an 
     agreement with the Nuclear Regulatory Commission under 
     section 274 b. of the Atomic Energy Act of 1954 (42 U.S.C. 
     2021(b)) to protect against unauthorized access of any 
     material, activity, or structure licensed by the Nuclear 
     Regulatory Commission;
       ``(5) the term `existing CFATS regulation' means--
       ``(A) a regulation promulgated under section 550 of the 
     Department of Homeland Security Appropriations Act, 2007 
     (Public Law 109-295; 6 U.S.C. 121 note) that is in effect on 
     the day before the date of enactment of the Protecting and 
     Securing Chemical Facilities from Terrorist Attacks Act of 
     2014; and
       ``(B) a Federal Register notice or other published guidance 
     relating to section 550 of the Department of Homeland 
     Security Appropriations Act, 2007 that is in effect on the 
     day before the date of enactment of the Protecting and 
     Securing Chemical Facilities from Terrorist Attacks Act of 
     2014;

[[Page 17781]]

       ``(6) the term `expedited approval facility' means a 
     covered chemical facility for which the owner or operator 
     elects to submit a site security plan in accordance with 
     section 2102(c)(4);
       ``(7) the term `facially deficient', relating to a site 
     security plan, means a site security plan that does not 
     support a certification that the security measures in the 
     plan address the security vulnerability assessment and the 
     risk-based performance standards for security for the 
     facility, based on a review of--
       ``(A) the facility's site security plan;
       ``(B) the facility's Top-Screen;
       ``(C) the facility's security vulnerability assessment; or
       ``(D) any other information that--
       ``(i) the facility submits to the Department; or
       ``(ii) the Department obtains from a public source or other 
     source;
       ``(8) the term `guidance for expedited approval facilities' 
     means the guidance issued under section 2102(c)(4)(B)(i);
       ``(9) the term `risk assessment' means the Secretary's 
     application of relevant risk criteria identified in section 
     2102(e)(2)(B);
       ``(10) the term `terrorist screening database' means the 
     terrorist screening database maintained by the Federal 
     Government Terrorist Screening Center or its successor;
       ``(11) the term `tier' has the meaning given the term in 
     section 27.105 of title 6, Code of Federal Regulations, or 
     any successor thereto;
       ``(12) the terms `tie ring' and `tie ring methodology' mean 
     the procedure by which the Secretary assigns a tier to each 
     covered chemical facility based on the risk assessment for 
     that covered chemical facility;
       ``(13) the term `Top-Screen' has the meaning given the term 
     in section 27.105 of title 6, Code of Federal Regulations, or 
     any successor thereto; and
       ``(14) the term `vulnerability assessment' means the 
     identification of weaknesses in the security of a chemical 
     facility of interest.

     ``SEC. 2102. CHEMICAL FACILITY ANTI-TERRORISM STANDARDS 
                   PROGRAM.

       ``(a) Program Established.--
       ``(1) In general.--There is in the Department a Chemical 
     Facility Anti-Terrorism Standards Program.
       ``(2) Requirements.--In carrying out the Chemical Facility 
     Anti-Terrorism Standards Program, the Secretary shall--
       ``(A) identify--
       ``(i) chemical facilities of interest; and
       ``(ii) covered chemical facilities;
       ``(B) require each chemical facility of interest to submit 
     a Top-Screen and any other information the Secretary 
     determines necessary to enable the Department to assess the 
     security risks associated with the facility;
       ``(C) establish risk-based performance standards designed 
     to address high levels of security risk at covered chemical 
     facilities; and
       ``(D) require each covered chemical facility to--
       ``(i) submit a security vulnerability assessment; and
       ``(ii) develop, submit, and implement a site security plan.
       ``(b) Security Measures.--
       ``(1) In general.--A facility, in developing a site 
     security plan as required under subsection (a), shall include 
     security measures that, in combination, appropriately address 
     the security vulnerability assessment and the risk-based 
     performance standards for security for the facility.
       ``(2) Employee input.--To the greatest extent practicable, 
     a facility's security vulnerability assessment and site 
     security plan shall include input from at least 1 facility 
     employee and, where applicable, 1 employee representative 
     from the bargaining agent at that facility, each of whom 
     possesses, in the determination of the facility's security 
     officer, relevant knowledge, experience, training, or 
     education as pertains to matters of site security.
       ``(c) Approval or Disapproval of Site Security Plans.--
       ``(1) In general.--
       ``(A) Review.--Except as provided in paragraph (4), the 
     Secretary shall review and approve or disapprove each site 
     security plan submitted pursuant to subsection (a).
       ``(B) Bases for disapproval.--The Secretary--
       ``(i) may not disapprove a site security plan based on the 
     presence or absence of a particular security measure; and
       ``(ii) shall disapprove a site security plan if the plan 
     fails to satisfy the risk-based performance standards 
     established pursuant to subsection (a)(2)(C).
       ``(2) Alternative security programs.--
       ``(A) Authority to approve.--
       ``(i) In general.--The Secretary may approve an alternative 
     security program established by a private sector entity or a 
     Federal, State, or local authority or under other applicable 
     laws, if the Secretary determines that the requirements of 
     the program meet the requirements under this section.
       ``(ii) Additional security measures.--If the requirements 
     of an alternative security program do not meet the 
     requirements under this section, the Secretary may recommend 
     additional security measures to the program that will enable 
     the Secretary to approve the program.
       ``(B) Satisfaction of site security plan requirement.--A 
     covered chemical facility may satisfy the site security plan 
     requirement under subsection (a) by adopting an alternative 
     security program that the Secretary has--
       ``(i) reviewed and approved under subparagraph (A); and
       ``(ii) determined to be appropriate for the operations and 
     security concerns of the covered chemical facility.
       ``(3) Site security plan assessments.--
       ``(A) Risk assessment policies and procedures.--In 
     approving or disapproving a site security plan under this 
     subsection, the Secretary shall employ the risk assessment 
     policies and procedures developed under this title.
       ``(B) Previously approved plans.--In the case of a covered 
     chemical facility for which the Secretary approved a site 
     security plan before the date of enactment of the Protecting 
     and Securing Chemical Facilities from Terrorist Attacks Act 
     of 2014, the Secretary may not require the facility to 
     resubmit the site security plan solely by reason of the 
     enactment of this title.
       ``(4) Expedited approval program.--
       ``(A) In general.--A covered chemical facility assigned to 
     tier 3 or 4 may meet the requirement to develop and submit a 
     site security plan under subsection (a)(2)(D) by developing 
     and submitting to the Secretary--
       ``(i) a site security plan and the certification described 
     in subparagraph (C); or
       ``(ii) a site security plan in conformance with a template 
     authorized under subparagraph (H).
       ``(B) Guidance for expedited approval facilities.--
       ``(i) In general.--Not later than 180 days after the date 
     of enactment of the Protecting and Securing Chemical 
     Facilities from Terrorist Attacks Act of 2014, the Secretary 
     shall issue guidance for expedited approval facilities that 
     identifies specific security measures that are sufficient to 
     meet the risk-based performance standards.
       ``(ii) Material deviation from guidance.--If a security 
     measure in the site security plan of an expedited approval 
     facility materially deviates from a security measure in the 
     guidance for expedited approval facilities, the site security 
     plan shall include an explanation of how such security 
     measure meets the risk-based performance standards.
       ``(iii) Applicability of other laws to development and 
     issuance of initial guidance.--During the period before the 
     Secretary has met the deadline under clause (i), in 
     developing and issuing, or amending, the guidance for 
     expedited approval facilities under this subparagraph and in 
     collecting information from expedited approval facilities, 
     the Secretary shall not be subject to--

       ``(I) section 553 of title 5, United States Code;
       ``(II) subchapter I of chapter 35 of title 44, United 
     States Code; or
       ``(III) section 2107(b) of this title.

       ``(C) Certification.--The owner or operator of an expedited 
     approval facility shall submit to the Secretary a 
     certification, signed under penalty of perjury, that--
       ``(i) the owner or operator is familiar with the 
     requirements of this title and part 27 of title 6, Code of 
     Federal Regulations, or any successor thereto, and the site 
     security plan being submitted;
       ``(ii) the site security plan includes the security 
     measures required by subsection (b);
       ``(iii)(I) the security measures in the site security plan 
     do not materially deviate from the guidance for expedited 
     approval facilities except where indicated in the site 
     security plan;
       ``(II) any deviations from the guidance for expedited 
     approval facilities in the site security plan meet the risk-
     based performance standards for the tier to which the 
     facility is assigned; and
       ``(III) the owner or operator has provided an explanation 
     of how the site security plan meets the risk-based 
     performance standards for any material deviation;
       ``(iv) the owner or operator has visited, examined, 
     documented, and verified that the expedited approval facility 
     meets the criteria set forth in the site security plan;
       ``(v) the expedited approval facility has implemented all 
     of the required performance measures outlined in the site 
     security plan or set out planned measures that will be 
     implemented within a reasonable time period stated in the 
     site security plan;
       ``(vi) each individual responsible for implementing the 
     site security plan has been made aware of the requirements 
     relevant to the individual's responsibility contained in the 
     site security plan and has demonstrated competency to carry 
     out those requirements;
       ``(vii) the owner or operator has committed, or, in the 
     case of planned measures will commit, the necessary resources 
     to fully implement the site security plan; and
       ``(viii) the planned measures include an adequate procedure 
     for addressing events beyond the control of the owner or 
     operator in implementing any planned measures.
       ``(D) Deadline.--
       ``(i) In general.--Not later than 120 days after the date 
     described in clause (ii), the owner or operator of an 
     expedited approval facility shall submit to the Secretary the 
     site security plan and the certification described in 
     subparagraph (C).
       ``(ii) Date.--The date described in this clause is--

       ``(I) for an expedited approval facility that was assigned 
     to tier 3 or 4 under existing CFATS regulations before the 
     date of enactment of the Protecting and Securing Chemical 
     Facilities from Terrorist Attacks Act of 2014, the date that 
     is 210 days after the date of enactment of that Act; and
       ``(II) for any expedited approval facility not described in 
     subclause (I), the later of--

       ``(aa) the date on which the expedited approval facility is 
     assigned to tier 3 or 4 under subsection (e)(2)(A); or
       ``(bb) the date that is 210 days after the date of 
     enactment of the Protecting and Securing

[[Page 17782]]

     Chemical Facilities from Terrorist Attacks Act of 2014.
       ``(iii) Notice.--An owner or operator of an expedited 
     approval facility shall notify the Secretary of the intent of 
     the owner or operator to certify the site security plan for 
     the expedited approval facility not later than 30 days before 
     the date on which the owner or operator submits the site 
     security plan and certification described in subparagraph 
     (C).
       ``(E) Compliance.--
       ``(i) In general.--For an expedited approval facility 
     submitting a site security plan and certification in 
     accordance with subparagraphs (A), (B), (C), and (D)--

       ``(I) the expedited approval facility shall comply with all 
     of the requirements of its site security plan; and
       ``(II) the Secretary--

       ``(aa) except as provided in subparagraph (G), may not 
     disapprove the site security plan; and
       ``(bb) may audit and inspect the expedited approval 
     facility under subsection (d) to verify compliance with its 
     site security plan.
       ``(ii) Noncompliance.--If the Secretary determines an 
     expedited approval facility is not in compliance with the 
     requirements of the site security plan or is otherwise in 
     violation of this title, the Secretary may enforce compliance 
     in accordance with section 2104.
       ``(F) Amendments to site security plan.--
       ``(i) Requirement.--

       ``(I) In general.--If the owner or operator of an expedited 
     approval facility amends a site security plan submitted under 
     subparagraph (A), the owner or operator shall submit the 
     amended site security plan and a certification relating to 
     the amended site security plan that contains the information 
     described in subparagraph (C).
       ``(II) Technical amendments.--For purposes of this clause, 
     an amendment to a site security plan includes any technical 
     amendment to the site security plan.

       ``(ii) Amendment required.--The owner or operator of an 
     expedited approval facility shall amend the site security 
     plan if--

       ``(I) there is a change in the design, construction, 
     operation, or maintenance of the expedited approval facility 
     that affects the site security plan;
       ``(II) the Secretary requires additional security measures 
     or suspends a certification and recommends additional 
     security measures under subparagraph (G); or
       ``(III) the owner or operator receives notice from the 
     Secretary of a change in tiering under subsection (e)(3).

       ``(iii) Deadline.--An amended site security plan and 
     certification shall be submitted under clause (i)--

       ``(I) in the case of a change in design, construction, 
     operation, or maintenance of the expedited approval facility 
     that affects the security plan, not later than 120 days after 
     the date on which the change in design, construction, 
     operation, or maintenance occurred;
       ``(II) in the case of the Secretary requiring additional 
     security measures or suspending a certification and 
     recommending additional security measures under subparagraph 
     (G), not later than 120 days after the date on which the 
     owner or operator receives notice of the requirement for 
     additional security measures or suspension of the 
     certification and recommendation of additional security 
     measures; and
       ``(III) in the case of a change in tiering, not later than 
     120 days after the date on which the owner or operator 
     receives notice under subsection (e)(3).

       ``(G) Facially deficient site security plans.--
       ``(i) Prohibition.--Notwithstanding subparagraph (A) or 
     (E), the Secretary may suspend the authority of a covered 
     chemical facility to certify a site security plan if the 
     Secretary--

       ``(I) determines the certified site security plan or an 
     amended site security plan is facially deficient; and
       ``(II) not later than 100 days after the date on which the 
     Secretary receives the site security plan and certification, 
     provides the covered chemical facility with written 
     notification that the site security plan is facially 
     deficient, including a clear explanation of each deficiency 
     in the site security plan.

       ``(ii) Additional security measures.--

       ``(I) In general.--If, during or after a compliance 
     inspection of an expedited approval facility, the Secretary 
     determines that planned or implemented security measures in 
     the site security plan of the facility are insufficient to 
     meet the risk-based performance standards based on 
     misrepresentation, omission, or an inadequate description of 
     the site, the Secretary may--

       ``(aa) require additional security measures; or
       ``(bb) suspend the certification of the facility.

       ``(II) Recommendation of additional security measures.--If 
     the Secretary suspends the certification of an expedited 
     approval facility under subclause (I), the Secretary shall--

       ``(aa) recommend specific additional security measures 
     that, if made part of the site security plan by the facility, 
     would enable the Secretary to approve the site security plan; 
     and
       ``(bb) provide the facility an opportunity to submit a new 
     or modified site security plan and certification under 
     subparagraph (A).

       ``(III) Submission; review.--If an expedited approval 
     facility determines to submit a new or modified site security 
     plan and certification as authorized under subclause 
     (II)(bb)--

       ``(aa) not later than 90 days after the date on which the 
     facility receives recommendations under subclause (II)(aa), 
     the facility shall submit the new or modified plan and 
     certification; and
       ``(bb) not later than 45 days after the date on which the 
     Secretary receives the new or modified plan under item (aa), 
     the Secretary shall review the plan and determine whether the 
     plan is facially deficient.

       ``(IV) Determination not to include additional security 
     measures.--

       ``(aa) Revocation of certification.--If an expedited 
     approval facility does not agree to include in its site 
     security plan specific additional security measures 
     recommended by the Secretary under subclause (II)(aa), or 
     does not submit a new or modified site security plan in 
     accordance with subclause (III), the Secretary may revoke the 
     certification of the facility by issuing an order under 
     section 2104(a)(1)(B).
       ``(bb) Effect of revocation.--If the Secretary revokes the 
     certification of an expedited approval facility under item 
     (aa) by issuing an order under section 2104(a)(1)(B)--
       ``(AA) the order shall require the owner or operator of the 
     facility to submit a site security plan or alternative 
     security program for review by the Secretary review under 
     subsection (c)(1); and
       ``(BB) the facility shall no longer be eligible to certify 
     a site security plan under this paragraph.

       ``(V) Facial deficiency.--If the Secretary determines that 
     a new or modified site security plan submitted by an 
     expedited approval facility under subclause (III) is facially 
     deficient--

       ``(aa) not later than 120 days after the date of the 
     determination, the owner or operator of the facility shall 
     submit a site security plan or alternative security program 
     for review by the Secretary under subsection (c)(1); and
       ``(bb) the facility shall no longer be eligible to certify 
     a site security plan under this paragraph.
       ``(H) Templates.--
       ``(i) In general.--The Secretary may develop prescriptive 
     site security plan templates with specific security measures 
     to meet the risk-based performance standards under subsection 
     (a)(2)(C) for adoption and certification by a covered 
     chemical facility assigned to tier 3 or 4 in lieu of 
     developing and certifying its own plan.
       ``(ii) Applicability of other laws to development and 
     issuance of initial site security plan templates and related 
     guidance.--During the period before the Secretary has met the 
     deadline under subparagraph (B)(i), in developing and 
     issuing, or amending, the site security plan templates under 
     this subparagraph, in issuing guidance for implementation of 
     the templates, and in collecting information from expedited 
     approval facilities, the Secretary shall not be subject to--

       ``(I) section 553 of title 5, United States Code;
       ``(II) subchapter I of chapter 35 of title 44, United 
     States Code; or
       ``(III) section 2107(b) of this title.

       ``(iii) Rule of construction.--Nothing in this subparagraph 
     shall be construed to prevent a covered chemical facility 
     from developing and certifying its own security plan in 
     accordance with subparagraph (A).
       ``(I) Evaluation.--
       ``(i) In general.--Not later than 18 months after the date 
     of enactment of the Protecting and Securing Chemical 
     Facilities from Terrorist Attacks Act of 2014, the Secretary 
     shall take any appropriate action necessary for a full 
     evaluation of the expedited approval program authorized under 
     this paragraph, including conducting an appropriate number of 
     inspections, as authorized under subsection (d), of expedited 
     approval facilities.
       ``(ii) Report.--Not later than 18 months after the date of 
     enactment of the Protecting and Securing Chemical Facilities 
     from Terrorist Attacks Act of 2014, the Secretary shall 
     submit to the Committee on Homeland Security and Governmental 
     Affairs of the Senate and the Committee on Homeland Security 
     and the Committee on Energy and Commerce of the House of 
     Representatives a report that contains--

       ``(I)(aa) the number of eligible facilities using the 
     expedited approval program authorized under this paragraph; 
     and
       ``(bb) the number of facilities that are eligible for the 
     expedited approval program but are using the standard process 
     for developing and submitting a site security plan under 
     subsection (a)(2)(D);
       ``(II) any costs and efficiencies associated with the 
     expedited approval program;
       ``(III) the impact of the expedited approval program on the 
     backlog for site security plan approval and authorization 
     inspections;
       ``(IV) an assessment of the ability of expedited approval 
     facilities to submit facially sufficient site security plans;
       ``(V) an assessment of any impact of the expedited approval 
     program on the security of chemical facilities; and
       ``(VI) a recommendation by the Secretary on the frequency 
     of compliance inspections that may be required for expedited 
     approval facilities.

       ``(d) Compliance.--
       ``(1) Audits and inspections.--
       ``(A) Definitions.--In this paragraph--
       ``(i) the term `nondepartmental'--

       ``(I) with respect to personnel, means personnel that is 
     not employed by the Department; and
       ``(II) with respect to an entity, means an entity that is 
     not a component or other authority of the Department; and

       ``(ii) the term `nongovernmental'--

       ``(I) with respect to personnel, means personnel that is 
     not employed by the Federal Government; and
       ``(II) with respect to an entity, means an entity that is 
     not an agency, department, or other authority of the Federal 
     Government.

[[Page 17783]]

       ``(B) Authority to conduct audits and inspections.--The 
     Secretary shall conduct audits or inspections under this 
     title using--
       ``(i) employees of the Department;
       ``(ii) nondepartmental or nongovernmental personnel 
     approved by the Secretary; or
       ``(iii) a combination of individuals described in clauses 
     (i) and (ii).
       ``(C) Support personnel.--The Secretary may use 
     nongovernmental personnel to provide administrative and 
     logistical services in support of audits and inspections 
     under this title.
       ``(D) Reporting structure.--
       ``(i) Nondepartmental and nongovernmental audits and 
     inspections.--Any audit or inspection conducted by an 
     individual employed by a nondepartmental or nongovernmental 
     entity shall be assigned in coordination with a regional 
     supervisor with responsibility for supervising inspectors 
     within the Infrastructure Security Compliance Division of the 
     Department for the region in which the audit or inspection is 
     to be conducted.
       ``(ii) Requirement to report.--While an individual employed 
     by a nondepartmental or nongovernmental entity is in the 
     field conducting an audit or inspection under this 
     subsection, the individual shall report to the regional 
     supervisor with responsibility for supervising inspectors 
     within the Infrastructure Security Compliance Division of the 
     Department for the region in which the individual is 
     operating.
       ``(iii) Approval.--The authority to approve a site security 
     plan under subsection (c) or determine if a covered chemical 
     facility is in compliance with an approved site security plan 
     shall be exercised solely by the Secretary or a designee of 
     the Secretary within the Department.
       ``(E) Standards for auditors and inspectors.--The Secretary 
     shall prescribe standards for the training and retraining of 
     each individual used by the Department as an auditor or 
     inspector, including each individual employed by the 
     Department and all nondepartmental or nongovernmental 
     personnel, including--
       ``(i) minimum training requirements for new auditors and 
     inspectors;
       ``(ii) retraining requirements;
       ``(iii) minimum education and experience levels;
       ``(iv) the submission of information as required by the 
     Secretary to enable determination of whether the auditor or 
     inspector has a conflict of interest;
       ``(v) the proper certification or certifications necessary 
     to handle chemical-terrorism vulnerability information (as 
     defined in section 27.105 of title 6, Code of Federal 
     Regulations, or any successor thereto);
       ``(vi) the reporting of any issue of non-compliance with 
     this section to the Secretary within 24 hours; and
       ``(vii) any additional qualifications for fitness of duty 
     as the Secretary may require.
       ``(F) Conditions for nongovernmental auditors and 
     inspectors.--If the Secretary arranges for an audit or 
     inspection under subparagraph (B) to be carried out by a 
     nongovernmental entity, the Secretary shall--
       ``(i) prescribe standards for the qualification of the 
     individuals who carry out such audits and inspections that 
     are commensurate with the standards for similar Government 
     auditors or inspectors; and
       ``(ii) ensure that any duties carried out by a 
     nongovernmental entity are not inherently governmental 
     functions.
       ``(2) Personnel surety.--
       ``(A) Personnel surety program.--For purposes of this 
     title, the Secretary shall establish and carry out a 
     Personnel Surety Program that--
       ``(i) does not require an owner or operator of a covered 
     chemical facility that voluntarily participates in the 
     program to submit information about an individual more than 1 
     time;
       ``(ii) provides a participating owner or operator of a 
     covered chemical facility with relevant information about an 
     individual based on vetting the individual against the 
     terrorist screening database, to the extent that such 
     feedback is necessary for the facility to be in compliance 
     with regulations promulgated under this title; and
       ``(iii) provides redress to an individual--

       ``(I) whose information was vetted against the terrorist 
     screening database under the program; and
       ``(II) who believes that the personally identifiable 
     information submitted to the Department for such vetting by a 
     covered chemical facility, or its designated representative, 
     was inaccurate.

       ``(B) Personnel surety program implementation.--To the 
     extent that a risk-based performance standard established 
     under subsection (a) requires identifying individuals with 
     ties to terrorism--
       ``(i) a covered chemical facility--

       ``(I) may satisfy its obligation under the standard by 
     using any Federal screening program that periodically vets 
     individuals against the terrorist screening database, or any 
     successor program, including the Personnel Surety Program 
     established under subparagraph (A); and
       ``(II) shall--

       ``(aa) accept a credential from a Federal screening program 
     described in subclause (I) if an individual who is required 
     to be screened presents such a credential; and
       ``(bb) address in its site security plan or alternative 
     security program the measures it will take to verify that a 
     credential or documentation from a Federal screening program 
     described in subclause (I) is current;
       ``(ii) visual inspection shall be sufficient to meet the 
     requirement under clause (i)(II)(bb), but the facility should 
     consider other means of verification, consistent with the 
     facility's assessment of the threat posed by acceptance of 
     such credentials; and
       ``(iii) the Secretary may not require a covered chemical 
     facility to submit any information about an individual unless 
     the individual--

       ``(I) is to be vetted under the Personnel Surety Program; 
     or
       ``(II) has been identified as presenting a terrorism 
     security risk.

       ``(C) Rights unaffected.--Nothing in this section shall 
     supersede the ability--
       ``(i) of a facility to maintain its own policies regarding 
     the access of individuals to restricted areas or critical 
     assets; or
       ``(ii) of an employing facility and a bargaining agent, 
     where applicable, to negotiate as to how the results of a 
     background check may be used by the facility with respect to 
     employment status.
       ``(3) Availability of information.--The Secretary shall 
     share with the owner or operator of a covered chemical 
     facility any information that the owner or operator needs to 
     comply with this section.
       ``(e) Responsibilities of the Secretary.--
       ``(1) Identification of chemical facilities of interest.--
     In carrying out this title, the Secretary shall consult with 
     the heads of other Federal agencies, States and political 
     subdivisions thereof, relevant business associations, and 
     public and private labor organizations to identify all 
     chemical facilities of interest.
       ``(2) Risk assessment.--
       ``(A) In general.--For purposes of this title, the 
     Secretary shall develop a security risk assessment approach 
     and corresponding tiering methodology for covered chemical 
     facilities that incorporates the relevant elements of risk, 
     including threat, vulnerability, and consequence.
       ``(B) Criteria for determining security risk.--The criteria 
     for determining the security risk of terrorism associated 
     with a covered chemical facility shall take into account--
       ``(i) relevant threat information;
       ``(ii) potential severe economic consequences and the 
     potential loss of human life in the event of the facility 
     being subject to attack, compromise, infiltration, or 
     exploitation by terrorists; and
       ``(iii) vulnerability of the facility to attack, 
     compromise, infiltration, or exploitation by terrorists.
       ``(3) Changes in tiering.--
       ``(A) Maintenance of records.--The Secretary shall document 
     the basis for each instance in which--
       ``(i) tiering for a covered chemical facility is changed; 
     or
       ``(ii) a covered chemical facility is determined to no 
     longer be subject to the requirements under this title.
       ``(B) Required information.--The records maintained under 
     subparagraph (A) shall include information on whether and how 
     the Secretary confirmed the information that was the basis 
     for the change or determination described in subparagraph 
     (A).
       ``(4) Semiannual performance reporting.--Not later than 6 
     months after the date of enactment of the Protecting and 
     Securing Chemical Facilities from Terrorist Attacks Act of 
     2014, and not less frequently than once every 6 months 
     thereafter, the Secretary shall submit to the Committee on 
     Homeland Security and Governmental Affairs of the Senate and 
     the Committee on Homeland Security and the Committee on 
     Energy and Commerce of the House of Representatives a report 
     that includes, for the period covered by the report--
       ``(A) the number of covered chemical facilities in the 
     United States;
       ``(B) information--
       ``(i) describing--

       ``(I) the number of instances in which the Secretary--

       ``(aa) placed a covered chemical facility in a lower risk 
     tier; or
       ``(bb) determined that a facility that had previously met 
     the criteria for a covered chemical facility under section 
     2101(3) no longer met the criteria; and

       ``(II) the basis, in summary form, for each action or 
     determination under subclause (I); and

       ``(ii) that is provided in a sufficiently anonymized form 
     to ensure that the information does not identify any specific 
     facility or company as the source of the information when 
     viewed alone or in combination with other public information;
       ``(C) the average number of days spent reviewing site 
     security or an alternative security program for a covered 
     chemical facility prior to approval;
       ``(D) the number of covered chemical facilities inspected;
       ``(E) the average number of covered chemical facilities 
     inspected per inspector; and
       ``(F) any other information that the Secretary determines 
     will be helpful to Congress in evaluating the performance of 
     the Chemical Facility Anti-Terrorism Standards Program.

     ``SEC. 2103. PROTECTION AND SHARING OF INFORMATION.

       ``(a) In General.--Notwithstanding any other provision of 
     law, information developed under this title, including 
     vulnerability assessments, site security plans, and other 
     security related information, records, and documents shall be 
     given protections from public disclosure consistent with the 
     protection of similar information under section 70103(d) of 
     title 46, United States Code.
       ``(b) Sharing of Information With States and Local 
     Governments.--Nothing in this section shall be construed to 
     prohibit the sharing of

[[Page 17784]]

     information developed under this title, as the Secretary 
     determines appropriate, with State and local government 
     officials possessing a need to know and the necessary 
     security clearances, including law enforcement officials and 
     first responders, for the purpose of carrying out this title, 
     provided that such information may not be disclosed pursuant 
     to any State or local law.
       ``(c) Sharing of Information With First Responders.--
       ``(1) Requirement.--The Secretary shall provide to State, 
     local, and regional fusion centers (as that term is defined 
     in section 210A(j)(1)) and State and local government 
     officials, as the Secretary determines appropriate, such 
     information as is necessary to help ensure that first 
     responders are properly prepared and provided with the 
     situational awareness needed to respond to security incidents 
     at covered chemical facilities.
       ``(2) Dissemination.--The Secretary shall disseminate 
     information under paragraph (1) through a medium or system 
     determined by the Secretary to be appropriate to ensure the 
     secure and expeditious dissemination of such information to 
     necessary selected individuals.
       ``(d) Enforcement Proceedings.--In any proceeding to 
     enforce this section, vulnerability assessments, site 
     security plans, and other information submitted to or 
     obtained by the Secretary under this title, and related 
     vulnerability or security information, shall be treated as if 
     the information were classified information.
       ``(e) Availability of Information.--Notwithstanding any 
     other provision of law (including section 552(b)(3) of title 
     5, United States Code), section 552 of title 5, United States 
     Code (commonly known as the `Freedom of Information Act') 
     shall not apply to information protected from public 
     disclosure pursuant to subsection (a) of this section.
       ``(f) Sharing of Information With Members of Congress.--
     Nothing in this section shall prohibit the Secretary from 
     disclosing information developed under this title to a Member 
     of Congress in response to a request by a Member of Congress.

     ``SEC. 2104. CIVIL ENFORCEMENT.

       ``(a) Notice of Noncompliance.--
       ``(1) Notice.--If the Secretary determines that a covered 
     chemical facility is not in compliance with this title, the 
     Secretary shall--
       ``(A) provide the owner or operator of the facility with--
       ``(i) not later than 14 days after date on which the 
     Secretary makes the determination, a written notification of 
     noncompliance that includes a clear explanation of any 
     deficiency in the security vulnerability assessment or site 
     security plan; and
       ``(ii) an opportunity for consultation with the Secretary 
     or the Secretary's designee; and
       ``(B) issue to the owner or operator of the facility an 
     order to comply with this title by a date specified by the 
     Secretary in the order, which date shall be not later than 
     180 days after the date on which the Secretary issues the 
     order.
       ``(2) Continued noncompliance.--If an owner or operator 
     remains noncompliant after the procedures outlined in 
     paragraph (1) have been executed, or demonstrates repeated 
     violations of this title, the Secretary may enter an order in 
     accordance with this section assessing a civil penalty, an 
     order to cease operations, or both.
       ``(b) Civil Penalties.--
       ``(1) Violations of orders.--Any person who violates an 
     order issued under this title shall be liable for a civil 
     penalty under section 70119(a) of title 46, United States 
     Code.
       ``(2) Non-reporting chemical facilities of interest.--Any 
     owner of a chemical facility of interest who fails to comply 
     with, or knowingly submits false information under, this 
     title or the CFATS regulations shall be liable for a civil 
     penalty under section 70119(a) of title 46, United States 
     Code.
       ``(c) Emergency Orders.--
       ``(1) In general.--Notwithstanding subsection (a) or any 
     site security plan or alternative security program approved 
     under this title, if the Secretary determines that there is 
     an imminent threat of death, serious illness, or severe 
     personal injury, due to a violation of this title or the risk 
     of a terrorist incident that may affect a chemical facility 
     of interest, the Secretary--
       ``(A) shall consult with the facility, if practicable, on 
     steps to mitigate the risk; and
       ``(B) may order the facility, without notice or opportunity 
     for a hearing, effective immediately or as soon as 
     practicable, to--
       ``(i) implement appropriate emergency security measures; or
       ``(ii) cease or reduce some or all operations, in 
     accordance with safe shutdown procedures, if the Secretary 
     determines that such a cessation or reduction of operations 
     is the most appropriate means to address the risk.
       ``(2) Limitation on delegation.--The Secretary may not 
     delegate the authority under paragraph (1) to any official 
     other than the Under Secretary responsible for overseeing 
     critical infrastructure protection, cybersecurity, and other 
     related programs of the Department appointed under section 
     103(a)(1)(H).
       ``(3) Limitation on authority.--The Secretary may exercise 
     the authority under this subsection only to the extent 
     necessary to abate the imminent threat determination under 
     paragraph (1).
       ``(4) Due process for facility owner or operator.--
       ``(A) Written orders.--An order issued by the Secretary 
     under paragraph (1) shall be in the form of a written 
     emergency order that--
       ``(i) describes the violation or risk that creates the 
     imminent threat;
       ``(ii) states the security measures or order issued or 
     imposed; and
       ``(iii) describes the standards and procedures for 
     obtaining relief from the order.
       ``(B) Opportunity for review.--After issuing an order under 
     paragraph (1) with respect to a chemical facility of 
     interest, the Secretary shall provide for review of the order 
     under section 554 of title 5 if a petition for review is 
     filed not later than 20 days after the date on which the 
     Secretary issues the order.
       ``(C) Expiration of effectiveness of order.--If a petition 
     for review of an order is filed under subparagraph (B) and 
     the review under that paragraph is not completed by the last 
     day of the 30-day period beginning on the date on which the 
     petition is filed, the order shall vacate automatically at 
     the end of that period unless the Secretary determines, in 
     writing, that the imminent threat providing a basis for the 
     order continues to exist.
       ``(d) Right of Action.--Nothing in this title confers upon 
     any person except the Secretary or his or her designee a 
     right of action against an owner or operator of a covered 
     chemical facility to enforce any provision of this title.

     ``SEC. 2105. WHISTLEBLOWER PROTECTIONS.

       ``(a) Procedure for Reporting Problems.--
       ``(1) Establishment of a reporting procedure.--Not later 
     than 180 days after the date of enactment of the Protecting 
     and Securing Chemical Facilities from Terrorist Attacks Act 
     of 2014, the Secretary shall establish, and provide 
     information to the public regarding, a procedure under which 
     any employee or contractor of a chemical facility of interest 
     may submit a report to the Secretary regarding a violation of 
     a requirement under this title.
       ``(2) Confidentiality.--The Secretary shall keep 
     confidential the identity of an individual who submits a 
     report under paragraph (1) and any such report shall be 
     treated as a record containing protected information to the 
     extent that the report does not consist of publicly available 
     information.
       ``(3) Acknowledgment of receipt.--If a report submitted 
     under paragraph (1) identifies the individual making the 
     report, the Secretary shall promptly respond to the 
     individual directly and shall promptly acknowledge receipt of 
     the report.
       ``(4) Steps to address problems.--The Secretary--
       ``(A) shall review and consider the information provided in 
     any report submitted under paragraph (1); and
       ``(B) may take action under section 2104 of this title if 
     necessary to address any substantiated violation of a 
     requirement under this title identified in the report.
       ``(5) Due process for facility owner or operator.--
       ``(A) In general.--If, upon the review described in 
     paragraph (4), the Secretary determines that a violation of a 
     provision of this title, or a regulation prescribed under 
     this title, has occurred, the Secretary may--
       ``(i) institute a civil enforcement under section 2104(a) 
     of this title; or
       ``(ii) if the Secretary makes the determination under 
     section 2104(c), issue an emergency order.
       ``(B) Written orders.--The action of the Secretary under 
     paragraph (4) shall be in a written form that--
       ``(i) describes the violation;
       ``(ii) states the authority under which the Secretary is 
     proceeding; and
       ``(iii) describes the standards and procedures for 
     obtaining relief from the order.
       ``(C) Opportunity for review.--After taking action under 
     paragraph (4), the Secretary shall provide for review of the 
     action if a petition for review is filed within 20 calendar 
     days of the date of issuance of the order for the action.
       ``(D) Expiration of effectiveness of order.--If a petition 
     for review of an action is filed under subparagraph (C) and 
     the review under that subparagraph is not completed by the 
     end of the 30-day period beginning on the date the petition 
     is filed, the action shall cease to be effective at the end 
     of such period unless the Secretary determines, in writing, 
     that the violation providing a basis for the action continues 
     to exist.
       ``(6) Retaliation prohibited.--
       ``(A) In general.--An owner or operator of a chemical 
     facility of interest or agent thereof may not discharge an 
     employee or otherwise discriminate against an employee with 
     respect to the compensation provided to, or terms, 
     conditions, or privileges of the employment of, the employee 
     because the employee (or an individual acting pursuant to a 
     request of the employee) submitted a report under paragraph 
     (1).
       ``(B) Exception.--An employee shall not be entitled to the 
     protections under this section if the employee--
       ``(i) knowingly and willfully makes any false, fictitious, 
     or fraudulent statement or representation; or
       ``(ii) uses any false writing or document knowing the 
     writing or document contains any false, fictitious, or 
     fraudulent statement or entry.
       ``(b) Protected Disclosures.--Nothing in this title shall 
     be construed to limit the right of an individual to make any 
     disclosure--
       ``(1) protected or authorized under section 2302(b)(8) or 
     7211 of title 5, United States Code;
       ``(2) protected under any other Federal or State law that 
     shields the disclosing individual against retaliation or 
     discrimination for having made the disclosure in the public 
     interest; or
       ``(3) to the Special Counsel of an agency, the inspector 
     general of an agency, or any other employee designated by the 
     head of an agency to

[[Page 17785]]

     receive disclosures similar to the disclosures described in 
     paragraphs (1) and (2).
       ``(c) Publication of Rights.--The Secretary, in partnership 
     with industry associations and labor organizations, shall 
     make publicly available both physically and online the rights 
     that an individual who discloses information, including 
     security-sensitive information, regarding problems, 
     deficiencies, or vulnerabilities at a covered chemical 
     facility would have under Federal whistleblower protection 
     laws or this title.
       ``(d) Protected Information.--All information contained in 
     a report made under this subsection (a) shall be protected in 
     accordance with section 2103.

     ``SEC. 2106. RELATIONSHIP TO OTHER LAWS.

       ``(a) Other Federal Laws.--Nothing in this title shall be 
     construed to supersede, amend, alter, or affect any Federal 
     law that--
       ``(1) regulates (including by requiring information to be 
     submitted or made available) the manufacture, distribution in 
     commerce, use, handling, sale, other treatment, or disposal 
     of chemical substances or mixtures; or
       ``(2) authorizes or requires the disclosure of any record 
     or information obtained from a chemical facility under any 
     law other than this title.
       ``(b) States and Political Subdivisions.--This title shall 
     not preclude or deny any right of any State or political 
     subdivision thereof to adopt or enforce any regulation, 
     requirement, or standard of performance with respect to 
     chemical facility security that is more stringent than a 
     regulation, requirement, or standard of performance issued 
     under this section, or otherwise impair any right or 
     jurisdiction of any State with respect to chemical facilities 
     within that State, unless there is an actual conflict between 
     this section and the law of that State.

     ``SEC. 2107. CFATS REGULATIONS.

       ``(a) General Authority.--The Secretary may, in accordance 
     with chapter 5 of title 5, United States Code, promulgate 
     regulations or amend existing CFATS regulations to implement 
     the provisions under this title.
       ``(b) Existing CFATS Regulations.--
       ``(1) In general.--Notwithstanding section 4(b) of the 
     Protecting and Securing Chemical Facilities from Terrorist 
     Attacks Act of 2014, each existing CFATS regulation shall 
     remain in effect unless the Secretary amends, consolidates, 
     or repeals the regulation.
       ``(2) Repeal.--Not later than 30 days after the date of 
     enactment of the Protecting and Securing Chemical Facilities 
     from Terrorist Attacks Act of 2014, the Secretary shall 
     repeal any existing CFATS regulation that the Secretary 
     determines is duplicative of, or conflicts with, this title.
       ``(c) Authority.--The Secretary shall exclusively rely upon 
     authority provided under this title in--
       ``(1) determining compliance with this title;
       ``(2) identifying chemicals of interest; and
       ``(3) determining security risk associated with a chemical 
     facility.

     ``SEC. 2108. SMALL COVERED CHEMICAL FACILITIES.

       ``(a) Definition.--In this section, the term `small covered 
     chemical facility' means a covered chemical facility that--
       ``(1) has fewer than 100 employees employed at the covered 
     chemical facility; and
       ``(2) is owned and operated by a small business concern (as 
     defined in section 3 of the Small Business Act (15 U.S.C. 
     632)).
       ``(b) Assistance to Facilities.--The Secretary may provide 
     guidance and, as appropriate, tools, methodologies, or 
     computer software, to assist small covered chemical 
     facilities in developing the physical security, 
     cybersecurity, recordkeeping, and reporting procedures 
     required under this title.
       ``(c) Report.--The Secretary shall submit to the Committee 
     on Homeland Security and Governmental Affairs of the Senate 
     and the Committee on Homeland Security and the Committee on 
     Energy and Commerce of the House of Representatives a report 
     on best practices that may assist small covered chemical 
     facilities in development of physical security best 
     practices.

     ``SEC. 2109. OUTREACH TO CHEMICAL FACILITIES OF INTEREST.

       ``Not later than 90 days after the date of enactment of the 
     Protecting and Securing Chemical Facilities from Terrorist 
     Attacks Act of 2014, the Secretary shall establish an 
     outreach implementation plan, in coordination with the heads 
     of other appropriate Federal and State agencies, relevant 
     business associations, and public and private labor 
     organizations, to--
       ``(1) identify chemical facilities of interest; and
       ``(2) make available compliance assistance materials and 
     information on education and training.''.
       (b) Clerical Amendment.--The table of contents in section 
     1(b) of the Homeland Security Act of 2002 (Public Law 107-
     196; 116 Stat. 2135) is amended by adding at the end the 
     following:

        ``TITLE XXI--CHEMICAL FACILITY ANTI-TERRORISM STANDARDS

``Sec. 2101. Definitions.
``Sec. 2102. Chemical Facility Anti-Terrorism Standards Program.
``Sec. 2103. Protection and sharing of information.-
``Sec. 2104. Civil enforcement.
``Sec. 2105. Whistleblower protections.
``Sec. 2106. Relationship to other laws.
``Sec. 2107. CFATS regulations.
``Sec. 2108. Small covered chemical facilities.
``Sec. 2109. Outreach to chemical facilities of interest.''.

     SEC. 3. ASSESSMENT; REPORTS.

       (a) Definitions.--In this section--
       (1) the term ``Chemical Facility Anti-Terrorism Standards 
     Program'' means--
       (A) the Chemical Facility Anti-Terrorism Standards program 
     initially authorized under section 550 of the Department of 
     Homeland Security Appropriations Act, 2007 (Public Law 109-
     295; 6 U.S.C. 121 note); and
       (B) the Chemical Facility Anti-Terrorism Standards Program 
     subsequently authorized under section 2102(a) of the Homeland 
     Security Act of 2002, as added by section 2;
       (2) the term ``Department'' means the Department of 
     Homeland Security; and
       (3) the term ``Secretary'' means the Secretary of Homeland 
     Security.
       (b) Third-party Assessment.--Using amounts appropriated to 
     the Department before the date of enactment of this Act, the 
     Secretary shall commission a third-party study to assess 
     vulnerabilities of covered chemical facilities, as defined in 
     section 2101 of the Homeland Security Act of 2002 (as added 
     by section 2), to acts of terrorism.
       (c) Reports.--
       (1) Report to congress.--Not later than 18 months after the 
     date of enactment of this Act, the Secretary shall submit to 
     the Committee on Homeland Security and Governmental Affairs 
     of the Senate and the Committee on Homeland Security and the 
     Committee on Energy and Commerce of the House of 
     Representatives a report on the Chemical Facility Anti-
     Terrorism Standards Program that includes--
       (A) a certification by the Secretary that the Secretary has 
     made significant progress in the identification of all 
     chemical facilities of interest under section 2102(e)(1) of 
     the Homeland Security Act of 2002, as added by section 2, 
     including--
       (i) a description of the steps taken to achieve that 
     progress and the metrics used to measure the progress;
       (ii) information on whether facilities that submitted Top-
     Screens as a result of the identification of chemical 
     facilities of interest were tiered and in what tiers those 
     facilities were placed; and
       (iii) an action plan to better identify chemical facilities 
     of interest and bring those facilities into compliance with 
     title XXI of the Homeland Security Act of 2002, as added by 
     section 2;
       (B) a certification by the Secretary that the Secretary has 
     developed a risk assessment approach and corresponding 
     tiering methodology under section 2102(e)(2) of the Homeland 
     Security Act of 2002, as added by section 2;
       (C) an assessment by the Secretary of the implementation by 
     the Department of the recommendations made by the Homeland 
     Security Studies and Analysis Institute as outlined in the 
     Institute's Tiering Methodology Peer Review (Publication 
     Number: RP12-22-02); and
       (D) a description of best practices that may assist small 
     covered chemical facilities, as defined in section 2108(a) of 
     the Homeland Security Act of 2002, as added by section 2, in 
     the development of physical security best practices.
       (2) Annual gao report.--
       (A) In general.--During the 3-year period beginning on the 
     date of enactment of this Act, the Comptroller General of the 
     United States shall submit to Congress an annual report that 
     assesses the implementation of this Act and the amendments 
     made by this Act.
       (B) Initial report.--Not later than 180 days after the date 
     of enactment of this Act, the Comptroller General shall 
     submit to Congress the first report under subparagraph (A).
       (C) Second annual report.--Not later than 1 year after the 
     date of the initial report required under subparagraph (B), 
     the Comptroller General shall submit to Congress the second 
     report under subparagraph (A), which shall include an 
     assessment of the whistleblower protections provided under 
     section 2105 of the Homeland Security Act of 2002, as added 
     by section 2, and--
       (i) describes the number and type of problems, 
     deficiencies, and vulnerabilities with respect to which 
     reports have been submitted under such section 2105;
       (ii) evaluates the efforts of the Secretary in addressing 
     the problems, deficiencies, and vulnerabilities described in 
     subsection (a)(1) of such section 2105; and
       (iii) evaluates the efforts of the Secretary to inform 
     individuals of their rights, as required under subsection (c) 
     of such section 2105.
       (D) Third annual report.--Not later than 1 year after the 
     date on which the Comptroller General submits the second 
     report required under subparagraph (A), the Comptroller 
     General shall submit to Congress the third report under 
     subparagraph (A), which shall include an assessment of--
       (i) the expedited approval program authorized under section 
     2102(c)(4) of the Homeland Security Act of 2002, as added by 
     section 2; and
       (ii) the report on the expedited approval program submitted 
     by the Secretary under subparagraph (I)(ii) of such section 
     2102(c)(4).

     SEC. 4. EFFECTIVE DATE; CONFORMING REPEAL.

       (a) Effective Date.--This Act, and the amendments made by 
     this Act, shall take effect on the date that is 30 days after 
     the date of enactment of this Act.
       (b) Conforming Repeal.--Section 550 of the Department of 
     Homeland Security Appropriations Act, 2007 (Public Law 109-
     295; 120 Stat. 1388), is repealed as of the effective date of 
     this Act.

     SEC. 5. TERMINATION.

       The authority provided under title XXI of the Homeland 
     Security Act of 2002, as added by section 2(a), shall 
     terminate on the date that is 4 years after the effective 
     date of this Act.

  The SPEAKER pro tempore. Pursuant to the rule, the gentleman from

[[Page 17786]]

Pennsylvania (Mr. Meehan) and the gentleman from Mississippi (Mr. 
Thompson) each will control 20 minutes.
  The Chair recognizes the gentleman from Pennsylvania.


                             General Leave

  Mr. MEEHAN. Mr. Speaker, I ask unanimous consent that all Members 
have 5 legislative days within which to revise and extend their remarks 
and insert any extraneous material on the bill under consideration.
  The SPEAKER pro tempore. Is there objection to the request of the 
gentleman from Pennsylvania?
  There was no objection.
  Mr. MEEHAN. Mr. Speaker, I yield myself such time as I may consume.
  Mr. Speaker, I rise in support of H.R. 4007, which is the Protecting 
and Securing Chemical Facilities From Terrorist Attacks Act of 2014. 
This bipartisan legislation went through regular order, and it passed 
the House in July by voice vote.
  It now returns to us from the Senate where, yesterday, it passed by 
unanimous consent. H.R. 4007 is enthusiastically supported by the 
industry stakeholders it most directly impacts, as well as the 
Department of Homeland Security which is responsible for its 
implementation.
  While it was in the Senate, the Homeland Security and Governmental 
Affairs Committee of the Senate made improvements to the House-passed 
version of the bill that take into account the interests of the labor 
unions who staff many facilities while, at the same time, strengthening 
the program overall and making it more workable and more effective for 
all parties involved. These changes were thoroughly vetted with 
industry, labor, and the Department itself, and they are widely 
endorsed.
  As a result, Mr. Speaker, H.R. 4007 represents the culmination of a 
productive collaboration between my colleagues on the other side of the 
aisle and those in my conference, the House and the Senate, industry, 
labor, and the Federal Government.
  Over the course of the past year, through multiple hearings and 
countless meetings, all of us have worked in partnership to take an 
honest look at the CFATS program to look at its strengths and 
shortcomings and to develop a straightforward, practically-minded piece 
of legislation to improve the program overall.
  Mr. Speaker, prior to the attacks of September 11, Congress had 
established an array of laws aimed at preventing environmental 
disasters at facilities that produce or store potentially dangerous 
chemicals.
  While those laws remain, Congress and the Department of Homeland 
Security developed CFATS specifically to prevent an intentional attack 
on chemical facilities. The CFATS program requires DHS to develop a set 
of vulnerability assessment standards for chemical plants and to 
implement a corresponding set of regulations to protect the highest-
risk facilities from a physical attack.
  Despite what we would all agree are the best intentions, it is no 
secret that CFATS struggled in its earlier years from implementation 
problems to management flaws to insufficient feedback from the 
facilities. These were highlighted in the aftermath of the devastating 
explosion at a chemical facility in West, Texas. CFATS had a rocky 
start.
  To make matters worse, for the past 4 years, CFATS has relied on 
appropriations for its existence with no authorization from Congress 
and no official guidance. This bill is a major breakthrough; CFATS will 
be reauthorized for the very first time.
  With that authorization, both Chambers of Congress are finally able 
to provide smart, binding guidelines to improve the operation of the 
program, measure progress, and enhance security.
  Mr. Speaker, I am proud of this legislation. I am particularly 
grateful for the bipartisan support. I know that there have been 
moments of disagreement, and there may continue to be points in which 
there are some modicum of issues of disagreement, but the overall 
collective bipartisan work on this issue, taking into account the 
efforts of management, labor, government, and industry, has resulted in 
what I believe to be a very substantial and important piece of 
legislation.
  I urge my colleagues on both sides of the aisle to send H.R. 4007 to 
the President's desk so we can ensure that proper measures are in place 
to secure the Nation's vast network of chemical facilities and to keep 
our facilities safe from harm.
  With that, Mr. Speaker, I reserve the balance of my time.
  Mr. THOMPSON of Mississippi. Mr. Speaker, I rise in very reluctant 
support of the Senate amendment to H.R. 4007 and yield myself such time 
as I may consume.
  Mr. Speaker, H.R. 4007 authorizes the Chemical Facility Anti-
Terrorism Standards, or CFATS, program through 2017 and came through 
regular order.
  As a lead author of the original legislation to establish DHS' 
chemical security program, I have consistently supported efforts for 
this committee to advance freestanding authorizing legislation to 
ensure that the program, which was stood up pursuant to a paragraph in 
the 2007 appropriations bill, was fully authorized.
  Until today, the closest Congress has come to replacing that 
appropriations language with a more detailed and comprehensive bill was 
in 2010, when the House unanimously approved legislation I authored 
with then-Energy and Commerce Chairman Henry Waxman.

                              {time}  0945

  H.R. 4007 bears little resemblance to that measure. However, there 
are a few provisions that are in the spirit of the prior bill, such as 
worker participation in the development of security plans and the 
provision of basic whistleblower protections to workers who risk their 
jobs to come forward to report security issues.
  I appreciate the contributions made to the legislation by the 
chairman of the Senate Homeland Security Committee, particularly with 
respect to whistleblower rights and the personnel surety program, two 
areas championed by subcommittee Ranking Member Clarke and committee 
Democrats.
  I am pleased that Democratic efforts to prevent regulatory overreach 
by DHS with respect to personnel surety ultimately prevailed so that 
under this bill facilities would have a range of options for how to 
ensure that individuals accessing their facilities are vetted.
  The bill also grants DHS new authorities to identify and bring into 
compliance facilities that willfully ignore this Federal regulatory 
program, putting their workers and surrounding communities at risk. 
This so-called outlier provision is in direct response to Chemical 
Safety Board findings regarding the deadly fire and damaging explosions 
at the West Fertilizer Company in Texas in April 2013. The board 
determined that they were preventable and that it was due in part to 
the ``inability of Federal, State, and local regulatory agencies to 
identify a serious hazard and correct it.''
  Though I support a multiyear authorization for CFATS and there are a 
number of provisions in the bill that I fully support, there is one in 
the bill, as considered today, that could very well undermine the 
effectiveness of the entire program. I am, of course, speaking of the 
language authored by the ranking member of the Senate Homeland Security 
Committee that directs DHS to establish a so-called expedited approval 
program, or, as I have come to see it, a self-certification program.
  Yes, you heard me right. Under this bill, some facilities would be 
able to self-certify that they are in compliance with the risk-based 
performance standards under the program. The population of facilities 
that would be eligible for this scheme represents about 70 percent of 
all facilities subject to this regulatory program.
  The inclusion of this provision which requires DHS within 180 days to 
issue guidance to facilities on how to access self-certification has 
not gone through the rigor of intensive and balanced bicameral 
legislative debate or discussions. It lacks a legislative history. 
Allowing certain CFATS-covered facilities to independently certify that 
the

[[Page 17787]]

security plans they developed meet statutory requirements is an 
inherently risky approach that leaves DHS with few options.
  Given the resource challenges and chronic backlog challenges in the 
CFATS program, I have trouble believing that self-certified facilities 
would receive timely inspections where misrepresentations, omissions, 
and inadequacies with the plan could be identified. Defenders of this 
provision have argued that my concerns about turning back the clock on 
security are misplaced. I certainly hope so.
  If this measure is enacted into law, as I expect will occur, we will 
know within a very short period of time if the CFATS office can 
effectively design and launch a new program within its program that is 
consistent with risk-based and performance-based standards.
  H.R. 4007 certainly has the potential to be an oversight gold mine, 
giving the Committee on Homeland Security plenty to dig into during the 
next Congress. Despite my deep concerns with the self-certification 
program, I will be voting in favor of H.R. 4007. I will be casting an 
``aye'' vote to get the CFATS program off the erratic appropriations 
cycle and give some predictability to the facilities that are regulated 
under the program and the men and women that look to DHS to partner 
effectively with the facilities to help keep them secure.
  Mr. Speaker, as I mentioned before, I plan to vote in favor of H.R. 
4007, but will do so with deep reservations. By including the self-
certification program, I am troubled by the message that this measure 
may send to the American public about how serious we are about ensuring 
that facilities comply with the CFATS security program. If a company 
misrepresents its size in a self-certification to the Small Business 
Administration to improperly access small business set asides, truly 
eligible small businesses could be harmed.
  If a company misrepresents its chemical holdings and how it is 
protecting them against sabotage in a self-certification to the 
Department of Homeland Security to secure CFATS compliance 
certification, the results could be dangerous, even deadly. I certainly 
hope that DHS runs all the traps to reduce the likelihood that the 
program will be exploited.
  I plan to vote for this bill to put the CFATS program on a more 
stable and secure footing, to ensure that chemical workers have 
whistleblower rights, and to stop DHS from putting in place onerous and 
unnecessarily burdensome personnel surety vetting requirements. Again, 
Mr. Speaker, I plan to vote for this bill even with my reservations. It 
is a good start, and I compliment the chairman of the subcommittee for 
his work on it. It has been a labor of love. I wish we could have done 
more, but in the interest of getting us moving, I will support this 
bill.
  I yield back the balance of my time.
  Mr. MEEHAN. Mr. Speaker, I yield myself such time as I may consume.
  I want to express my deep appreciation to my colleagues on the other 
side of the aisle, the gentleman from Mississippi (Mr. Thompson) and 
the gentlewoman from New York, whom I had the good privilege to serve 
with on the subcommittee which originally authored this important 
legislation.
  I appreciate the leadership that the ranking member had initiated in 
this area prior to my tenure on the committee. It was during the 
bipartisan effort to look at this when both sides of our committee 
realized that we would not write the perfect bill, but it was 
critically important that collectively we could get to a very good bill 
which would do the most important thing, which is to authorize the 
capacity for DHS to have this meaningful role in this very, very 
important area.
  I do appreciate the issue with respect to self-certification. We 
recognized as we were dealing with this issue, as well, that one of the 
real problems in the beginning was the heightened expectations that 
were created, particularly with those smaller facilities, about 
responsiveness from DHS. And so responsible entities would go through 
the work and the steps of creating site security plans, awaiting and 
awaiting and awaiting DHS to get there to help approve the work that 
they were doing. By creating that unrealistic expectation, we also 
created not just the appearance but the reality of looking like an 
underperforming Department of Homeland Security in this critical area.
  I think that the work that has been done has been focused on trying 
to get this right. This will require that any self-certification be 
done with templates that are being put together by Homeland Security, 
and there will be strict deadlines for conformance, and the failure to 
conform will put them right back into oversight. But I respect and 
genuinely appreciate the points made by the gentleman from Mississippi 
(Mr. Thompson).
  This is significant because passage of this bill will allow us to 
know where these chemicals are, and that, in and of itself, is 
significant. To be a firefighter and to not know what might be in the 
building that you are responding to is inexcusable. That was the 
circumstance in which those brave firefighters found themselves in 
West, Texas. This begins to create the kinds of protections to avoid 
that kind of uncertainty. We owe it to our brave firefighters and 
others on the front lines.
  Most significantly, this has been a program in which there have been 
a number of responsible companies that have taken it upon themselves to 
ensure that they are doing the right thing in terms of identifying the 
chemicals they have and securing them appropriately to protect against 
any kind of misapplication.
  Without this kind of legislation, what it does is rewards the 
outliers who are not taking those responsible steps. This will give DHS 
the authority to ensure that there is oversight over the entirety of 
the chemical stock. It is important, it is timely, and it will allow us 
to have appropriate oversight over DHS as well, who I have confidence 
can step up to the job.
  So in light of all of those points, I urge all Members to join me in 
supporting this bipartisan bill, H.R. 4007.
  I yield back the balance of my time.
  Mr. GENE GREEN of Texas. Mr. Speaker, I rise in support of the Senate 
amendments to H.R. 4007, the Protecting and Securing Chemical 
Facilities from Terrorist Attacks Act.
  I am an original co-sponsor of this important legislation which will 
finally authorize the CFATS program in federal code and not through the 
appropriations process.
  Last October, during the government shutdown, the American people saw 
that without authorization of the CFATS program, there were no legally 
binding regulations in place to protect our nation's chemical 
facilities from criminal and terrorist attacks once appropriations 
expired.
  I have the honor of representing north and east Harris County and the 
Houston Ship Channel, at the heart of our nation's petro-chemical 
industry. The expiration of the CFATS program puts the safety of my 
constituents who work in and live in the communities that surround 
these facilities in danger and it is obligation, as the people's 
elected representatives, to do everything we can to protect them from 
harm's way.
  This measure passed the House in July by voice vote.
  I backed the House-version of this measure because the bill will 
solve the personnel surety issue by allowing workers who have TWIC or 
HME cards to have access to chemical facilities without having to get 
another federal credential.
  This is important to my constituents who already have TWIC cards and 
work in our petrochemical plants and drive the trucks to deliver raw 
materials and products they produce.
  I am supportive of some of the changes the Senate made to this 
legislation. In particular, I am supportive of measures that will add 
greater worker participation into plant security plans and provide 
greater whistleblower protections for plant employees who want to 
report unsafe conditions at a plant.
  I do have some concerns with allowing smaller facilities to self-
certify, as added in by the Senate, because even smaller facilities, as 
we have unfortunately seen in Texas in recent years, can be dangerous 
and the American people deserve full assurance that facilities near 
them are safe.
  Nonetheless, the underlining legislation is still sound and needs to 
be enacted. I urge my colleagues to join DHS Secretary Jeh Johnson, and 
impacted stakeholders and vote in support of the Senate amendments to 
H.R. 4007.

[[Page 17788]]


  Mr. WAXMAN. Mr. Speaker, since before the terrorist attacks of 
September 11, 2001, experts have been concerned about the vulnerability 
of chemical plants to attack. These facilities hold large stores of 
industrial chemicals which pose a safety and security risk to the 
American people if they are released or detonated. A recent report 
found that more than 134 million Americans live in the vulnerability 
zones around chemical facilities. I have such a facility in my 
district, which is a very serious concern for the surrounding 
community.
  These risks have not been adequately addressed, and this bill falls 
short of what is needed. The version of the bill before us now also 
includes a significant and unvetted change to the program that could 
make many high risk chemical facilities less secure. The self-
certification provisions have not been evaluated in hearings or 
piloted. I am concerned about these provisions and I caution my 
colleagues that their implementation will require close oversight from 
Congress.
  But this bill is a step forward. For far too long, this important 
program has been authorized in the appropriations process for the 
Department of Homeland Security. During last year's government 
shutdown, the authority for this program lapsed. Looking ahead to next 
Congress, the risk of another lapse is too great. When we voted on a 
previous version of this bill in July, I expressed my hope that the 
Senate could improve the legislation to strengthen this important 
program.
  On some issues, the Senate was successful. The bill now includes an 
expanded role for workers and labor unions in developing site security 
plans and some important whistleblower protections.
  However, this bill would leave significant problems in the underlying 
program in place.
  The Chemical Facility Anti-Terrorism Standards program at the 
Department of Homeland Security has not been successful. The original 
rider that created the program blocked effective enforcement, leading 
to a lack of compliance. We saw the dangers of noncompliance when the 
West Fertilizer Company facility in West, Texas, exploded. 
Unfortunately, those limitations on enforcement would be preserved by 
this bill.
  The original statute blocked the Department from requiring measures 
to reduce the consequences of a terrorist attack, and in the process 
created serious obstacles to disapproving site security plans that 
failed to meet the program's standards. This led to an approval process 
so complicated that it took more than five years for the Department to 
complete its review of the first facility. This bill preserves those 
obstacles.
  Both of these challenges may be complicated further by the new self-
certification program.
  I expect this bill to pass today, and I welcome this step forward. 
But I call upon all of my colleagues who will be here in the next 
Congress to continue the important oversight of this program to provide 
the American people with the protection they expect and deserve.
  The SPEAKER pro tempore. The question is on the motion offered by the 
gentleman from Pennsylvania (Mr. Meehan) that the House suspend the 
rules and concur in the Senate amendment to the bill, H.R. 4007.
  The question was taken; and (two-thirds being in the affirmative) the 
rules were suspended and the Senate amendment was concurred in.
  A motion to reconsider was laid on the table.

                          ____________________