Analysis

Audit Faults State Dept’s Kabul Embassy Security Management

A federal audit has found problems with the State Department’s oversight of security at the U.S. embassy in Afghanistan.

The audit, issued November 3, showed that, years after the deadly attack on the U.S. consulate in Benghazi, Libya, and long after Washington policymakers pledged to bolster protection for diplomats in danger zones, the State Department has failed to properly manage a security contract for one of the nation’s largest and most threatened embassies.

The lapses could waste taxpayer money and place U.S. personnel at risk, according to the audit by the Department’s Office of Inspector General (OIG).

Kabul embassy guards have warned of security weaknesses and management problems in a series of reports by the Project On Government Oversight.

The federal audit’s findings contrast with congressional testimony by Under Secretary of State for Management Patrick F. Kennedy, who last year told lawmakers: “Currently in Kabul we have a well-managed, effectively functioning contract that provides security to protect our people and facilities.”

The government has outsourced security for diplomatic posts in dangerous parts of the world to private contractors, and the State Department is responsible for making sure the contractors comply with requirements. The Department in 2010 selected a firm called Aegis Defense Services to protect the embassy compound in Kabul under a contract that began in 2012 and is potentially worth $723 million over five years.

However, the recently completed audit report by the OIG said the Department “did not ensure that Aegis maintained records documenting contract-required training and security screening for all employees” working on Kabul embassy security.

“[I]ncomplete documentation that guards are properly vetted places embassies and personnel at risk,” the OIG wrote.

The audit questioned millions of dollars of State Department payments to Aegis, saying certain labor charges for Aegis employees were not supported by the required time and attendance records, and that Department contracting officers approved certain Aegis invoices without adequately checking them.

The audit also said the Department had not done what it was supposed to do to uphold standards related to “Trafficking in Persons,” which are meant “to reduce the risk of abusive labor practices.”

Employees from Nepal make up much of Aegis’s security force in Kabul. Nepalese guards told auditors that their passports were being held by Aegis, in some instances for as long as four months for every six-month visa, the report said.

“Individuals who have their identity or travel documents forcibly removed from their person are rendered highly vulnerable,” the OIG report said. “Although OIG found no evidence that Aegis intended to prevent TCN [third-country national] workers from leaving Afghanistan by holding passports, holding them for such extended periods of time could negatively affect TCNs,” the report said.

The goal of the OIG audit was to determine how well the State Department was managing and overseeing Aegis’s contract. It focused mainly on administrative processes and paperwork—for example, how well certain matters were documented. As a result, it only indirectly addressed the actual security of the embassy. It did not get to the bottom of some basic questions such as whether Aegis personnel lacked security clearances, or whether the documentation of their clearances was merely missing from the files.

“We are not in a position to state with certainty why documentation was missing as we did not explore that specific question,” OIG spokesman Douglas Welty said in a statement to POGO.

Nor did the audit report address a variety of problems that POGO has documented and that guards have described since Aegis took over security at the Kabul embassy.

Guards have complained of working long hours for days on end with inadequate training. Records obtained by POGO have shown staffing shortfalls on certain shifts. Guards have sued Aegis, alleging that the firm has at times edited their time sheets and directed them to underreport the number of hours they worked to avoid revealing that they were on the job up to 18 hours per day. In addition, a State Department document published by POGO last year described a “mutiny” within the guard force that “undermined the chain of command” and “put the security of the Embassy at risk.”

Aegis spokesman Michael Gulino declined to comment when contacted by POGO, and he referred questions to the State Department. A State Department spokesman provided this statement by email, complete with anonymous attribution:

“’The department is on track toward strengthening security abroad and the inspector general’s report offers useful guidance for continuing that work. This is a timely snapshot of the progress being made, and we welcome and agree with the IG’s further recommendations for diplomatic security,’ said a department spokesman on background.”

As of February 2014, the State Department had expended about $224 million under the Aegis contract, the audit report said. As of April, Aegis was required to have 933 workers providing security for the embassy and other U.S. diplomatic facilities in Kabul, including 880 on “static security” (in other words, guard duty), the OIG report said

The report raised questions about the qualifications of people Aegis has hired to provide security. According to the report, the State Department had issued a “deficiency notice” to Aegis in November 2012, requiring remedial action to address “issues with Aegis’s candidate screening and recordkeeping.”

Among the problems the OIG identified in the files it reviewed, seven U.S. citizens employed by Aegis in Kabul “had no documented security clearance investigations.” In addition, fourteen Aegis explosive detection dog handlers “did not have documents showing they had completed required training.” The OIG reported that nine of the fourteen dog handlers with missing documents were “still active.”

The report said a deputy regional security officer at the State Department told the OIG that he had conducted a qualification and training checklist review of all contractor personnel before they began work on the contract. In written response to the OIG, the State Department’s Bureau of Administration said that Aegis “states that they are prohibited from sending clearance data to post and that is why it is stored separately.”

The OIG also examined a random sample of time and attendance data for Aegis workers from June 15, 2012, to December 31, 2013. It found that 6.5 percent of billable hours and 7.9 percent of billable days “were not supported.” The OIG said the State Department’s Bureau of Diplomatic Security told it that a time and attendance tracking system was not always working during the first five months of the contract.

The OIG said documentation of those matters improved significantly after the first six months of Aegis’s contract. In its response, State’s Bureau of Administration said early personnel musters “did have issues,” and it said it had reached a financial settlement with Aegis over those.

Based on its review of Aegis invoices, the OIG said that $8.6 million, about 4 percent of costs, were “possibly unallowable or not supported.” The Department “approved the invoices without adequately verifying the contractor’s invoices against the supporting documentation,” the report said. The questionable invoices included charges for training and travel.

In its response, State’s Bureau of Administration said Aegis invoices reflected acceptable travel agent costs. “A comprehensive review is not required because invoices are scrutinized routinely and our review of those invoices did not yield any discrepancies,” the Bureau of Administration added.

Lost or incomplete contracting files are nothing new at State. There are repeated examples of poor contract file administration. The result could be "substantial financial losses," according to a March 20, 2014 “Management Alert” from the OIG. Over the past six years, the management alert said, the OIG has identified State Department contracts with a total value of more than $6 billion in which contract files were incomplete or could not be located at all, the OIG reported. According to the OIG report on the Kabul embassy security contract, the State Department’s Bureau of Administration disagreed with some of the audit’s findings. In some instances, the OIG said the Bureau of Administration “did not identify any corrective actions to address the intent of the recommendation.”

The audit serves as another argument for the government to focus on the concerns of people who have served on the Kabul embassy guard force. The questions the Department and its congressional overseers should investigate run deeper than the paperwork in the files. Is the embassy at undue risk? Are taxpayer dollars being wasted? Is the contractor fulfilling its obligations? And is the State Department holding the contractor accountable?

Adam Zagorin and Scott Amey contributed.