– Executive Summary –

The Homeland Security Act of 2002 provided the legislation to establish the Department of Homeland Security (DHS), which married all federal agencies involved in such security under one umbrella.[1] Various legacy immigration and customs agencies merged to create the U.S. Customs and Border Protection (CBP) within this DHS umbrella. CBP’s mission is to protect and secure the U.S. border against terrorist attacks, the importation of dangerous contraband, and illegal entry of criminals, terrorists, foreign intelligence officers, and undocumented aliens. CBP employs more than 60,000 personnel and has over 45,000 sworn law enforcement officers, the largest of any U.S. law enforcement entity.[2] In this way, CBP serves a vital defense function.

Like many organizations, CBP is vulnerable to employee misconduct and corruption;[3] however, border agency vulnerabilities extend beyond these known and expected improprieties. A 2012 Government Accountability Office study reported arrests of CBP employees for misconduct, such as domestic violence or driving under the influence from fiscal years 2005 to 2012, and 144 former or current CBP employee arrests or indictments for corruption-related activities, such as smuggling of aliens or drugs.[4]

Literature regarding insider-threat mitigation mainly deals with these risks in the cyber realm, but a corrupt CBP officer or agent working at a port of entry (POE) would not necessarily gain access to classified databases or generate intelligence reports, as approximately only 22% of the CBP workforce has a security clearance.[5] Most CBP employees with a security clearance work in management, intelligence units, or special operations. Instead, the corrupt CBP officers would more likely allow persons or items to enter the country without inspection. To do so, they would likely inspect either the driver but not the vehicle or passengers. This tactic obviously does not require access to classified databases nor does it leave a cyber-trail; therefore, a computer algorithm tracking access to unauthorized databases will fail to identify the act.

The CBP Office of Professional Responsibility (OPR), or internal affairs (IA), investigates and fights employee corruption and misconduct, but it does not have a policy either to identify or mitigate insider threats proactively. Rather, OPR manages insider threats reactively through two methods: (1) OPR waits until a source of information provides intelligence regarding criminal activity or misconduct, and (2) OPR waits until an employee triggers an information technology (IT) mechanism that reveals criminal activity or misconduct. The flaw with a reactive approach is that the incident, and thus the damage, has already occurred. A proactive approach mitigates insider threats by identifying cues, actions, or triggers associated with corruption before a crime is committed.

Effective solutions to mitigate corruption are those that incentivize employees to report crimes and programs that recruit employees as surreptitious “eyes and ears” within an organization. The New York Police Department (NYPD) Voluntary Assistance Program (VAP) is an exceptional program in which employees act as an Internal Affairs Bureau (IAB) force multiplier. The VAP recruits employees who volunteer to act as the “eyes and ears” within the organization. VAP participants work their regularly assigned posts but also report findings of corruption to their assigned handlers. All VAP participants’ identities are kept confidential, even to other VAP participants and IAB staff. Only the VAP participants’ handlers and IAB management know their identities. Maintaining the participants’ identities confidential is important for the safety of the participants, as well as to ensure operational viability for continued operational deployments.

Crime Stoppers is also a unique program that provides financial incentives to report crimes while protecting the identity of the reporting party. The program is exceptional because it provides anonymity and a monetary incentive for persons who might otherwise not feel the moral obligation to provide information or who might fear reprisal for cooperating with law enforcement.

CBP will benefit from the adoption of incentive programs. The challenge is to determine whether existing approaches are scalable and how much modification they would require for the unique CBP environment. CBP is a federal law enforcement organization composed of approximately 60,000 employees with jurisdiction throughout the United States. CBP employees are represented by three different labor unions with whom negotiations to enact such approaches would be necessary. Labor unions do not affect the CBP mission or the integrity of CBP personnel. However, any change identified as a change in work environment or established past practice typically requires labor contract re-negotiation. Lastly, CBP has employees stationed throughout the world where U.S. laws may not apply. CBP employees stationed abroad must still follow CBP’s policies and procedures, but criminal statutes vary from country to country that can possibly hamper criminal prosecution or extradition for criminal acts committed outside the United States.

[1] U.S. Customs and Border Protection, Vision and Strategy 2020, CBP Publication Number 0215-0315 (Washington, DC: Department of Homeland Security, 2015), 6, https://www.cbp.gov/sites/default/files/documents/CBP-Vision-Strategy-2020.pdf.

[2] Homeland Security Advisory Council, Final Report of the CBP Integrity Advisory Panel (Washington, DC: Department of Homeland Security, 2016), 12, https://www.dhs.gov/sites/default/files/publications/HSAC%20CBP%20IAP_Final%20Report_FINAL%20(accessible)_0.pdf.

[3] Merriam-Webster defines misconduct as “intentional wrongdoing; specifically: deliberate violation of law or standard especially by a government official.” Merriam-Webster, s.v. “misconduct,” accessed September 5, 2017, https://www.merriam-webster.com/dictionary/misconduct. Cornell Law School defines corruption as “a government official, whether elected, appointed, or hired, who asks, demands, solicits, accepts, or agrees to receive anything of value in return for being influenced in the performance of their official duties.” “Public Corruption,” Information Institute, accessed April 12, 2018, https://www.law.cornell.edu/wex/public_corruption.

[4] Government Accountability Office, Border Security: Additional Actions Needed to Strengthen CBP Efforts to Mitigate Risk of Employee Corruption and Misconduct, GAO-13-59 (Washington, DC: Government Accountability Office, 2012), 2, http://www.gao.gov/assets/660/650505.pdf.

[5] Information obtained through the researcher’s duties and operational knowledge of CBP.

Leave a Comment

Your email address will not be published.

Scroll to Top