Defined Contribution Plans: Federal Guidance Could Help Mitigate Cybersecurity Risks in 401(k) and Other Retirement Plans

What GAO Found

In their role administering private sector employer-sponsored defined contribution (DC) retirement plans, such as 401(k) plans, plan sponsors and their service providers—record keepers, third party administrators, custodians, and payroll providers—share a variety of personally identifiable information (PII) and plan asset data among them to assist with carrying out their respective functions (see figure). The PII exchanged for DC plans typically include participant name, Social Security number, date of birth, address, username/password; plan asset data typically includes numbers for both retirement and bank accounts. The sharing and storing of this information can lead to significant cybersecurity risks for plan sponsors and their service providers, as well as plan participants.

Data Sharing Among Plan Sponsors and Service Providers in Defined Contribution Plans

Federal requirements and industry guidance exist that could mitigate cybersecurity risks in DC plans, such as requirements that pertain to entities that directly engage in financial activities involving DC plans. However, not all entities involved in DC plans are considered to have such direct engagement, and other cybersecurity mitigation guidance is voluntary. Federal law nevertheless requires plan fiduciaries to act prudently when administering plans. However, the Department of Labor (DOL) has not clarified fiduciary responsibility for mitigating cybersecurity risks, even though 21 of 22 stakeholders GAO interviewed expressed the view that cybersecurity is a fiduciary duty. Further, DOL has not established minimum expectations for protecting PII and plan assets. DOL officials told GAO that the agency intends to issue guidance addressing cybersecurity-related issues, but they were unsure when it would be issued. Until DOL clarifies responsibilities for fiduciaries and provides minimum cybersecurity expectations, participants’ data and assets will remain at risk.

Why GAO Did This Study

Cyber attacks against information systems (IT) are perpetuated by individuals or groups with malicious intentions, from stealing identities to appropriating money from accounts. DC plans, which allow individuals to accumulate tax-advantaged retirement savings, increasingly rely on the internet and IT systems for their administration. Accordingly, the need to secure these systems has become paramount. Ineffective data security controls can result in significant risks to plan data and assets. In 2018, DC plans enrolled 106 million participants and held nearly $6.3 trillion in assets, according to DOL.

This report examines (1) the data that sponsors and providers exchange during the administration of DC plans and their associated cybersecurity risks, and (2) efforts to assist sponsors and providers to mitigate cybersecurity risks during the administration of DC plans. GAO interviewed key entities involved with DC plans, such as sponsors and record keepers, DOL officials and industry stakeholders; and reviewed relevant federal laws, regulations, and guidance.

More from:

Hits: 1

News Network

  • Owner of Seafood Processor Sentenced to Prison for Tax Evasion
    In Crime News
    A Rhode Island man was sentenced to three years in prison today for tax evasion, announced Principal Deputy Assistant Attorney General Richard E. Zuckerman of the Justice Department’s Tax Division, U.S. Attorney Aaron L. Weisman for the District of Rhode Island, and Special Agent in Charge Kristina O’Connell of IRS Criminal Investigation.
    [Read More…]
  • Request for Statements of Interest: DRL FY20 Iraq Programs
    In Human Health, Resources and Services
    Bureau of Democracy, [Read More…]
  • U.S. Special Envoy to Monitor and Combat Anti-Semitism Elan S. Carr On Recent Progress In the Fight Against Anti-Semitism
    In Crime Control and Security News
    Elan S. Carr, Special [Read More…]
  • Department Of Justice Acts To Stop Sale Of “Nano Silver” Product As Treatment For Covid-19
    In Crime News
    The United States filed suit to halt the sale by a New Jersey entity of an unapproved “nano silver” product previously touted as a COVID-19 treatment, the Department of Justice announced today.
    [Read More…]
  • Four sentenced for roles in ransom scheme
    In Justice News
    Four U.S. citizens have [Read More…]
  • Brazil’s Signing of the Artemis Accords
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Secretary Antony J. Blinken and UK Foreign Secretary Dominic Raab at a Joint Press Availability
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Secretary Antony J. Blinken, Greenlandic Premier Mute Egede, Greenlandic Foreign Minister Pele Broberg, And Danish Foreign Minister Jeppe Kofod At a Joint Press Availability
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Four California Residents Found Guilty of Scheming to Fraudulently Obtain Millions of Dollars in COVID-19 Relief Programs
    In Crime News
    A federal jury convicted four California residents on June 25, for scheming to submit fraudulent loan applications seeking millions of dollars in Paycheck Protection Program (PPP) and Economic Injury Disaster Loan (EIDL) COVID-19 relief funds.  
    [Read More…]
  • DHS and DOJ Announce Dedicated Docket Process for More Efficient Immigration Hearings
    In Crime News
    Today, Secretary of Homeland Security Alejandro N. Mayorkas and Attorney General Merrick B. Garland announced a new Dedicated Docket process to more expeditiously and fairly make decisions in immigration cases of families who arrive between ports of entry at the Southwest Border.  This new process should significantly decrease the amount of time it takes for migrants to have their cases adjudicated while still providing fair hearings for families seeking asylum at the border.
    [Read More…]
  • Covid-19: Data Quality and Considerations for Modeling and Analysis
    In U.S GAO News
    The rapid spread and magnitude of the COVID-19 pandemic have underscored the importance of having quality data, analyses, and models describing the potential trajectory of COVID-19 to help understand the effects of the disease in the U.S. The Centers for Disease Control and Prevention (CDC) is using multiple surveillance systems to collect data on COVID-19 in the U.S. in collaboration with state, local, and academic and other partners. The data from these surveillance systems can be useful for understanding the disease, but decision makers and analysts must understand their limitations in order to interpret them properly. For example, surveillance data on the number of reported COVID-19 cases are incomplete for a number of reasons, and they are an undercount the true number of cases, according to CDC and others. There are multiple approaches to analyzing COVID-19 data that yield different insights. For example, some approaches can help compare the effects of the disease across population groups. Additional analytical approaches can help to address incomplete and inconsistent reporting of COVID-19 deaths as well. For example, analysts can examine the number of deaths beyond what would normally be expected in the absence of the pandemic. Examining higher-than-expected deaths from all causes helps to address limitations in the reporting of COVID-19 deaths because the number of total deaths is likely more accurate than the numbers of deaths from specific causes. The figure below shows actual deaths from the weeks ending January 1 through June 27, 2020, based on data from CDC’s National Center for Health Statistics, compared with the expected deaths based on prior years’ data. Deaths that exceeded this threshold starting in late March are considered excess deaths that may be related to the COVID-19 pandemic. Higher-Than-Expected Weekly Mortality for 2020, as of July 14, 2020 Analysts have used several forecasting models to predict the spread of COVID-19, and understanding these models requires understanding their purpose and limitations. For example, some models attempt to predict the effects of various interventions, whereas other models attempt to forecast the number of cases based on current data. At the beginning of an outbreak, such predictions are less likely to be accurate, but accuracy can improve as the disease becomes better understood. The COVID-19 pandemic has resulted in significant loss of life and profoundly disrupted the U.S. economy and society, and the Congress has taken action to support a multifaceted federal response on an unprecedented scale. It is important for decision makers to understand the limitations of COVID-19 data, and the uses and limitations of various methods of analyzing and interpreting those data. The Coronavirus Aid, Relief, and Economic Security Act (CARES Act) includes a provision for GAO to, in general, conduct monitoring and oversight of the authorities and funding provided to address the COVID-19 pandemic and the effect of the pandemic on the health, economy, and public and private institutions of the U.S. This technology assessment examines (1) collection methods and limitations of COVID-19 surveillance data reported by CDC, (2) approaches for analyzing COVID-19 data, and (3) uses and limitations of forecast modeling for understanding of COVID-19. In conducting this assessment, GAO obtained publicly available information from CDC and state health departments, among other sources, and reviewed relevant peer reviewed and preprint (non-peer-reviewed) literature, as well as published technical data on specific models. For more information, contact Timothy M. Persons, PhD at (202) 512-6888 or PersonsT@gao.gov, SaraAnn Moessbauer at (202) 512-4943, or MoessbauerS@gao.gov, or Mary Denigan-Macauley, PhD at (202) 512-7114 or DeniganMacauleyM@gao.gov.
    [Read More…]
  • Department Of Justice Is Combatting COVID-19 Fraud But Reminds The Public To Remain Vigilant
    In Crime News
    The Department of Justice is reminding members of the public to be vigilant against fraudsters who are using the COVID-19 pandemic to exploit American consumers and organizations and to cheat disaster relief programs.  In particular, the department is warning the public about scams perpetrated through websites, social media, emails, robocalls, and other means that peddle fake COVID-19 vaccines, tests, treatments, and protective equipment, and also about criminals that fabricate businesses and steal identities in order to defraud federal relief programs and state unemployment programs. 
    [Read More…]
  • South Carolina Man Sentenced for Making a Bomb Threat to a Clinic and Lying to the FBI
    In Crime News
    Rodney Allen, 43, of Beaufort, South Carolina, was sentenced today in federal court in Jacksonville, Florida, to 24 months in prison. Allen previously pleaded guilty to one count of intimidating and interfering with the employees of an abortion clinic by making a bomb threat and one count of making false statements to a Special Agent with the FBI.
    [Read More…]
  • DA investigator indicted on drug and money laundering charges
    In Justice News
    An investigator with the [Read More…]
  • U.S. Assistance for the Palestinian People
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Defense Contractors: Information on Violations of Safety, Health, and Fair Labor Standards
    In U.S GAO News
    GAO's analysis of federal data found that about 1 percent of companies with Department of Defense (DOD) contracts were cited for willful or repeated safety, health, or fair labor violations in fiscal years 2015 through 2019. However, these data do not indicate whether the violations occurred while performing work related to a defense contract. Companies with DOD Contracts Cited for Willful or Repeated Violations under the Fair Labor Standards Act of 1938 or the Occupational Safety and Health Act of 1970, Fiscal Years 2015 through 2019 Because of limitations in available data, GAO could not determine the total incidence of willful or repeated violations of safety, health, or fair labor standards among all companies with a defense contract in this 5-year time frame. Specifically, about 43 percent of the Department of Labor's (Labor) safety and health violation data did not include key company identification numbers. These numbers are necessary to match federal contracting data to violation data. GAO recommended in February 2019 that Labor explore ways to address this issue. While Labor neither agreed nor disagreed with the recommendation, it issued a memorandum in May 2019 directing its Occupational Safety and Health Administration staff to make every reasonable effort to collect this information during inspections and enter it into its database. About 1 percent of Labor's data on fair labor violations were missing these key company identification numbers. The nature of the willful or repeated violations for companies with DOD contracts during fiscal years 2015 through 2019 varied. According to GAO's analysis of Labor data, the most frequently found willful or repeated safety and health violations related to toxic substances and machinery. For that same time frame, the most frequently found willful or repeated fair labor violations related to failure to pay overtime. The National Defense Authorization Act for Fiscal Year 2020 included a provision for GAO to report on the number of DOD contractors that Labor found to have committed willful or repeated violations under the Occupational Safety and Health Act of 1970 (OSH Act) or the Fair Labor Standards Act of 1938 (FLSA) for fiscal years 2015 through 2019. This report examines the number of DOD contractors that were cited for willful or repeated safety, health, or fair labor standards violations under the OSH Act or FLSA, and the nature of those violations for fiscal years 2015 through 2019. GAO analyzed federal contracting data to identify companies that had defense contracts in fiscal years 2015 through 2019, and matched them to Labor data on companies cited for willful or repeated safety, health, or fair labor standards violations. In addition, GAO used the Labor data to identify information on the nature of the violations. GAO also reviewed relevant federal laws and regulations, and agency documents. For more information, contact William T. Woods at (202) 512-4841 or woodsw@gao.gov, or Thomas Costa at (202) 512-7215 or costat@gao.gov.
    [Read More…]
  • Now is the time: Catch-up to Get Ahead on Childhood Immunizations
    In Human Health, Resources and Services
    During National [Read More…]
  • Man Charged with $1.9 Million COVID-Relief Fraud
    In Crime News
    A Nevada man was charged in an indictment Wednesday for his alleged participation in a scheme to defraud multiple financial institutions by filing bank loan applications that fraudulently sought more than $1.9 million dollars in forgivable loans guaranteed by the Small Business Administration (SBA) under the Coronavirus Aid, Relief, and Economic Security (CARES) Act.
    [Read More…]
  • Fixed-Price-Incentive Contracts: DOD Has Increased Their Use but Should Assess Contributions to Outcomes
    In U.S GAO News
    The Department of Defense (DOD) has encouraged the use of fixed-price-incentive (FPI) contracts where appropriate. These contracts can provide defense contractors with a profit incentive for effective cost control and performance depending on how they are structured. Over the 10-year period from fiscal years 2010 through 2019, obligations on FPI contracts for major defense acquisition programs (MDAPs) grew to account for almost half of the $65 billion in obligations for fiscal year 2019. Percentage of Obligations by Contract Type for Major Defense Acquisition Programs from Fiscal Years 2010 through 2019 DOD guidance, including Better Buying Power initiatives, influenced DOD's use of FPI contracts over the last decade for the selected contracts GAO reviewed. In addition, when selecting a contract type, contracting officers also considered factors including the availability of cost or pricing data, previous experience with the contractor, and the previously used contract type. DOD has not assessed the extent to which use of FPI contracts has contributed to achieving desired cost and schedule performance outcomes. DOD spends billions of dollars annually using fixed-price type contracts to acquire its MDAPs, among other things. In 2010, DOD's Better Buying Power guidance encouraged the use of FPI contracts as a way to obtain greater efficiency and productivity in defense spending. Congress included a provision in statute for GAO to report on DOD's use of fixed-price type contracts, including FPI. This report examines (1) the extent to which DOD has awarded FPI contracts associated with MDAPs from fiscal years 2010 through 2019, and (2) the factors that influenced DOD's decision to use FPI contracts and the extent to which DOD assesses their use, among other objectives. GAO analyzed government contracting data by contract type for fiscal years 2010 through 2019 on contracts for 101 MDAPs. GAO further analyzed a non-generalizable sample of 12 contracts including six FPI and six firm-fixed-price (two of each type from each of the three military departments); conducted file reviews; reviewed policy documentation; and interviewed DOD officials. GAO recommends that DOD conduct an assessment of its use of FPI contracts for major defense acquisition programs, including the extent to which share lines and other contract elements contributed to achieving desired cost and schedule performance outcomes. DOD agreed with GAO's recommendation. For more information, contact W. William Russell at (202) 512-4841 or russellw@gao.gov.
    [Read More…]
  • Houthi Attacks on Saudi Arabia
    In Crime Control and Security News
    Ned Price, Department [Read More…]
  • Statement by Attorney General William P. Barr on Mexico’s Proposed Legislation
    In Crime News
    Attorney General William P. Barr gave the following statement in response to Mexico's proposed legislation:
    [Read More…]
  • Tuvalu Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Chile Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Kazakhstan Travel Advisory
    In Travel
    Do not travel to [Read More…]
  • LPR admits to smuggling fentanyl and heroin through Laredo
    In Justice News
    A 37-year-old legal [Read More…]
  • El Salvador Travel Advisory
    In Travel
    Reconsider travel to El [Read More…]
  • Cuba Travel Advisory
    In Travel
    Do not travel to Cuba [Read More…]
  • Financial Audit: Federal Deposit Insurance Corporation Funds’ 2020 and 2019 Financial Statements
    In U.S GAO News
    GAO found (1) the financial statements of the Deposit Insurance Fund (DIF) and of the Federal Savings and Loan Insurance Corporation (FSLIC) Resolution Fund (FRF) as of and for the years ended December 31, 2020, and 2019, are presented fairly, in all material respects, in accordance with U.S. generally accepted accounting principles; (2) although internal controls could be improved, the Federal Deposit Insurance Corporation (FDIC) maintained, in all material respects, effective internal control over financial reporting relevant to the DIF and to the FRF as of December 31, 2020; and (3) with respect to the DIF and to the FRF, no reportable instances of noncompliance for 2020 with provisions of applicable laws, regulations, contracts, and grant agreements GAO tested. In commenting on a draft of this report, FDIC stated that it was pleased to receive unmodified opinions on the DIF's and the FRF's financial statements. In regard to the significant deficiency in internal control over contract payment review processes, FDIC stated that it began taking steps to address this issue and will work to enhance control activities and expand monitoring capabilities in this area. Further, FDIC stated that it recognizes the essential role a strong internal control program plays in an agency achieving its mission. FDIC added that its commitment to sound financial management has been and will remain a top priority. Section 17 of the Federal Deposit Insurance Act, as amended, requires GAO to audit the financial statements of the DIF and of the FRF annually. In addition, the Government Corporation Control Act requires that FDIC annually prepare and submit audited financial statements to Congress and authorizes GAO to audit the statements. This report responds to these requirements. For more information, contact James R. Dalkin at (202) 512-3133 or dalkinj@gao.gov.
    [Read More…]
  • Southwest Border Security: Actions Are Needed to Address the Cost and Readiness Implications of Continued DOD Support to U.S. Customs and Border Protection
    In U.S GAO News
    Since April 2018, the Department of Homeland Security (DHS) has submitted 33 requests for assistance (RFA) to the Department of Defense (DOD) for support to U.S. Customs and Border Protection's (CBP) mission at the southwest border. DOD established six criteria for evaluating RFAs, which it documents in decision packages. When reviewing four selected decision packages, GAO found that DOD fully evaluated four of these six criteria. GAO found that DOD developed rough cost estimates that were not reliable. In addition, DOD did not fully evaluate the effect on military readiness of providing support at the time the Secretary of Defense considered DHS's requests. Without reliable cost estimates and a timely readiness analysis, DOD is limited in its ability to evaluate the effect of supporting DHS on its budget and readiness rebuilding efforts. DOD's Detection and Monitoring Support Mission DOD has not provided Congress with timely information on the full costs it has incurred since 2018 in supporting DHS. Specifically, during this review, DOD did not submit its statutory report to Congress for fiscal year 2019, which was due March 31, 2020. Additionally, GAO found that DOD's internal tracking of obligations excludes potentially significant costs of border support activities, such as installation support costs and the cost of benefits retroactively provided to members of the National Guard. By providing more timely and complete information to Congress, DOD would enhance Congress's ability to conduct oversight and make funding decisions for DOD and DHS. DOD and DHS employed several key interagency collaboration practices for DOD's support on the southwest border, but they have not agreed on a common outcome for DOD's support in fiscal year 2021 and beyond. DHS anticipates needing at least the current amount of DOD support for the next 3 to 5 years, possibly more, and officials stated that the desired outcome is for DOD to provide the capabilities requested in the RFAs. This differs from DOD's desired outcome, which is to provide temporary assistance until DHS can independently execute its border security mission. Defining and articulating a common outcome for DOD's support could enable DOD to more effectively plan for the resources it will need to support DHS and enable DHS to plan to manage its border security mission more effectively with its own assets. This is a public version of a sensitive report that GAO issued in February 2021. Information on force protection that DOD deemed sensitive has been omitted. For decades, the U.S. southwest border has been vulnerable to cross-border illegal activity such as illegal entries, smuggling of drugs and contraband, and terrorist activities. Since 2002, DOD has supported DHS's mission to secure the nation's borders and episodically supported its efforts to manage surges in foreign nationals without valid travel documents who are seeking entry—most recently since April 2018, when the President directed the Secretary of Defense to support DHS in securing the southwest border. GAO was asked to examine this support. This report assesses the extent to which (1) DOD has evaluated DHS's RFAs, (2) DOD has reported to Congress the full costs of its support, and (3) DOD and DHS have collaborated on border security operations. GAO reviewed RFAs that DHS submitted to DOD between April 2018 and March 2020 and a non-generalizable sample of decision packages that DOD prepared in response, and conducted four site visits to border locations where military personnel were stationed. GAO makes seven recommendations, five to DOD to improve its analysis and reporting of cost and unit-level readiness impacts of supporting southwest border operations and one each to DOD and DHS to define a common outcome for DOD's future support. DOD agreed with one recommendation and disagreed with five. GAO continues to believe the recommendations are warranted as discussed in the report. DHS agreed with the recommendation to it. For more information, contact Elizabeth A. Field at (202) 512-2775 or fielde1@gao.gov.
    [Read More…]
  • Over-The-Counter Drugs: Information on FDA’s Regulation of Most OTC Drugs
    In U.S GAO News
    The Food and Drug Administration (FDA) has regulated most over-the-counter (OTC) drugs—that is, drugs available without a prescription—through the OTC monograph process. FDA has described an OTC monograph as a "rulebook" for marketing safe and effective OTC drugs, such as aspirin, cough and cold medicine, and hand sanitizer. OTC monographs established conditions—such as active ingredients, indications for use, dosage forms, and product labeling—under which an OTC drug was generally recognized as safe and effective. According to FDA officials, before the CARES Act, which was enacted in March 2020, the agency's ability to update and finalize monographs in response to safety issues and to reflect new scientific information was limited by the rulemaking process the agency was required to follow, as well as insufficient resources. Agency officials estimated that it took at least 6 years to complete the required rulemaking process. Additionally, the agency reported it was critically under-resourced to regulate the estimated 100,000 OTC drugs marketed through the monograph process. However, the CARES Act provided for a new process to regulate these OTC drugs rather than the rulemaking process. FDA officials expect it will take less time to update and finalize requirements for OTC drugs using the new process. The CARES Act also authorized FDA to assess user fees to provide additional resources to regulate OTC drugs. Although FDA officials said this new process and user fees should improve its regulation of OTC drugs, the agency's analysis of the effect of the CARES Act is still ongoing. FDA officials told GAO that prior to the CARES Act, they used various methods to identify and respond to safety issues related to OTC drugs. For example, to identify these issues, FDA officials said they read medical literature related to safety issues and reviewed reports submitted to the agency's adverse event reporting system. To respond to these issues, FDA took steps such as issuing drug safety communications to consumers and requesting that manufacturers make changes to a drug's labeling. For example, in 2015, two FDA advisory committees recommended that cough and cold drugs with codeine be removed from the relevant OTC monograph for use in drugs in children. In 2018, FDA also issued a drug safety communication stating the risks outweighed the benefits for the use of these drugs in children. However, FDA officials said these methods were not a substitute for rulemaking because manufacturers could legally market their OTC drugs without making requested safety changes until the rulemaking process was completed. According to FDA officials, the new process for regulating OTC drugs included in the CARES Act could improve FDA's ability to address identified safety risks in a more timely and efficient manner in the future. The act established an expedited process to address safety issues that pose an imminent hazard to public health or to change a drug's labeling to mitigate a significant or unreasonable risk of a serious adverse event. OTC drugs prevent and treat a variety of conditions; for example, sunscreen is used to help prevent sunburn. FDA officials and stakeholders, such as industry representatives and patient and provider groups, have questioned whether the monograph process used to regulate most OTC drugs has been overly burdensome and has limited FDA's ability to quickly update and finalize monographs in response to potential safety issues for consumers. Enacted in March 2020, the CARES Act changed how FDA regulates OTC drugs. The Sunscreen Innovation Act included a provision for GAO to review FDA's regulation of OTC drugs. This report describes, among other issues, (1) the factors that affected FDA's ability to regulate OTC drugs and (2) how FDA identified and responded to safety issues associated with these drugs. GAO reviewed federal statutes and agency documents and interviewed FDA officials and stakeholders familiar with the monograph process. These stakeholders included representatives from the OTC drug industry, health care provider and consumer groups, and researchers. The Department of Health and Human Services provided technical comments on this report, which GAO incorporated as appropriate. For more information, contact John E. Dicken at (202) 512-7114 or dickenj@gao.gov.
    [Read More…]
  • Seventh U.S.-Thailand Strategic Dialogue
    In Crime Control and Security News
    Office of the [Read More…]
  • The United States Takes Actions Against Supporters of the Illegitimate Maduro Regime’s Fraudulent Elections
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • Seven North Carolina Tax Preparers Plead Guilty to Conspiring to Defraud the IRS
    In Crime News
    Seven Charlotte, North Carolina tax return preparers pleaded guilty to conspiracy to defraud the United States by preparing and filing false tax returns, announced Principal Deputy Assistant General Richard E. Zuckerman of the Justice Department’s Tax Division, U.S. Attorney R. Andrew Murray for the Western District of North Carolina, and Special Agent in Charge Matthew D. Line of the Internal Revenue Service-Criminal Investigation (IRS-CI).
    [Read More…]
  • Man Arrested in Connection with Alleged Role in Twitter Hack
    In Crime News
    A citizen of the United Kingdom was arrested today in Estepona, Spain, by Spanish National Police pursuant to a U.S. request for his arrest on multiple charges in connection with the July 2020 hack of Twitter that resulted in the compromise of over 130 Twitter accounts, including those belonging to politicians, celebrities and companies.
    [Read More…]
  • Secretary Antony J. Blinken on Release of the 2020 International Religious Freedom Report
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Cote d’Ivoire Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Information Technology: DOD Software Development Approaches and Cybersecurity Practices May Impact Cost and Schedule
    In U.S GAO News
    GAO reported in June 2020 that, of the 15 major Department of Defense (DOD) information technology (IT) programs selected for review, 11 had decreased their cost estimates as of December 2019. The decreases in cost estimates ranged from a .03 percent decrease to a 33.8 percent decrease. In contrast, the remaining four programs experienced increases in their life-cycle cost estimates—--two with increases exceeding 20 percent. Program officials reported several reasons for the increases, including testing delays and development challenges. Ten of the 15 programs had schedule delays when compared to their original acquisition program baselines. Schedule delays ranged from a delay of 1 month to a delay of 5 years. Program officials reported a variety of reasons for significant delays (delays of over 1 year) in their planned schedules, including cyber and performance issues. Regarding software development, officials from the 15 selected major IT programs that GAO reviewed reported using software development approaches that may help to limit risks to cost and schedule outcomes. For example, 10 of the 15 programs reported using commercial off-the-shelf software, which is consistent with DOD guidance to use this software to the extent practicable. Such software can help reduce software development time, allow for faster delivery, and lower life-cycle costs. In addition, 14 of the 15 programs reported using an iterative software development approach which, according to leading practices, may help reduce cost growth and deliver better results to the customer. However, programs also reported using an older approach to software development, known as waterfall, which could introduce risk for program cost growth because of its linear and sequential phases of development that may be implemented over a longer period of time. Specifically, two programs reported using a waterfall approach in conjunction with an iterative approach, while one was solely using a waterfall approach. With respect to cybersecurity, programs reported mixed implementation of specific practices, contributing to program risks that might impact cost and schedule outcomes. For example, all 15 programs reported developing cybersecurity strategies, which are intended to help ensure that programs are planning for and documenting cybersecurity risk management efforts. In contrast, only eight of the 15 programs reported conducting cybersecurity vulnerability assessments—systematic examinations of an information system or product intended to, among other things, determine the adequacy of security measures and identify security deficiencies. These eight programs experienced fewer increases in planned program costs and fewer schedule delays relative to the programs that did not report using cybersecurity vulnerability assessments. For fiscal year 2020, DOD requested approximately $36.1 billion for IT investments. Those investments included major IT programs, which are intended to help the department sustain key operations. The National Defense Authorization Act for Fiscal Year 2019 included a provision for GAO to assess selected IT programs annually through March 2023. GAO's objectives for this review were to, among other things, (1) describe the extent to which selected major IT programs have changed their planned costs and schedules since the programs' initial baselines; and (2) describe what selected software development and cybersecurity risks or challenges, if any, may impact major IT programs' acquisition outcomes. GAO selected programs based on DOD's list of major IT programs, as of April 10, 2019. From this list, GAO identified 15 major IT programs that had established an initial acquisition program baseline and that were not fully deployed by December 31, 2019. GAO compared the 15 programs' initial cost and schedule baselines to current acquisition program estimates. In addition, GAO aggregated DOD program office responses to a GAO questionnaire about software development approaches and cybersecurity practices used by the 15 programs. GAO compared this information to leading practices to identify risks and challenges affecting cost, schedule, and performance outcomes. This report is a public version of a “for official use only” report issued in June 2020. For more information, contact Kevin Walsh at (202) 512-6151 or walshk@gao.gov.
    [Read More…]
  • This Week in Iran Policy
    In Crime Control and Security News
    Office of the [Read More…]
  • Secretary Michael R. Pompeo’s Call with Indian External Affairs Minister S. Jaishankar
    In Crime Control and Security News
    Office of the [Read More…]
  • COVID-19: Federal Efforts Accelerate Vaccine and Therapeutic Development, but More Transparency Needed on Emergency Use Authorizations
    In U.S GAO News
    Through Operation Warp Speed—a partnership between the Department of Health and Human Services (HHS) and the Department of Defense (DOD)—the federal government is accelerating efforts to develop vaccines and therapeutics for COVID-19. A typical vaccine development process can take approximately 10 years or longer, but efforts under Operation Warp Speed seek to greatly accelerate this process by completing key steps simultaneously (see figure). As of October 15, 2020, Operation Warp Speed publicly announced financial support for the development or manufacturing of six COVID-19 vaccine candidates totaling more than $10 billion in obligations. It has also announced financial support for the development of therapeutics, such as a $450 million award to manufacture a monoclonal antibody treatment (a treatment that uses laboratory-made antibodies, which also may be able to serve as a prevention option). Operation Warp Speed Timeline for a Potential Vaccine Candidate Note: An Emergency Use Authorization allows for emergency use of medical products without FDA approval or licensure during a declared emergency, provided certain statutory criteria are met. The Food and Drug Administration (FDA) may temporarily allow the use of unlicensed or unapproved COVID-19 vaccines and therapeutics through emergency use authorizations (EUA), provided there is evidence that the products may be effective and that known and potential benefits outweigh known and potential risks. For vaccines, FDA issued guidance in October 2020 to provide vaccine sponsors with recommendations regarding the evidence FDA needed to support issuance of an EUA. For therapeutics, FDA has issued four EUAs as of November 9, 2020. The evidence to support FDA's COVID-19 therapeutic authorization decisions has not always been transparent, in part because FDA does not uniformly disclose its scientific review of safety and effectiveness data for EUAs, as it does for approvals for new drugs and biologics. Given the gravity of the pandemic, it is important that FDA identify ways to uniformly disclose this information to the public. By doing so, FDA could help improve the transparency of, and ensure public trust in, its EUA decisions. The U.S. had about 10.3 million cumulative reported cases of COVID-19 and about 224,000 reported deaths as of November 12, 2020. Given this catastrophic loss of life as well as the pandemic's effects on the U.S. economy, effective and safe vaccines and therapeutics are more important than ever. The CARES Act includes a provision for GAO to report on its ongoing monitoring and oversight efforts related to the COVID-19 pandemic. This report examines, (1) efforts of Operation Warp Speed to accelerate COVID-19 vaccine and therapeutic development; and (2) FDA's use of EUAs for COVID-19 therapeutics and vaccines, among other objectives. GAO reviewed federal laws and agency documents, including HHS and DOD information on vaccine and therapeutic development and EUAs as of November 2020. GAO interviewed or received written responses from HHS and DOD officials, and interviewed representatives from vaccine developers and manufacturers, as well as select public health stakeholders and provider groups covering a range of provider types. FDA should identify ways to uniformly disclose to the public the information from its scientific review of safety and effectiveness data when issuing EUAs for therapeutics and vaccines. HHS neither agreed nor disagreed with the recommendation, but said it shared GAO's goal of transparency and would explore approaches to achieve this goal. For more information, contact Mary Denigan-Macauley at (202) 512-7114 or deniganmacauleym@gao.gov, or Alyssa M. Hundrup at (202) 512-7114 or hundrupa@gao.gov.
    [Read More…]
  • Lao People’s Democratic Republic National Day
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • Mexico Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Department of Justice’s COPS Office Invests More Than $536.7 Million in Grants to Improve Public Safety, Reduce Crime and Advance Community Policing
    In Crime News
    The Department of Justice’s Office of Community Oriented Policing Services (COPS Office) awarded more than $536.7 million in Fiscal Year 2020 to increase law enforcement hiring and to improve school safety, combat opioids and methamphetamine, advance community policing efforts, provide training to the law enforcement field, and protect the health of our nation’s officers and deputies.
    [Read More…]
  • Bonaire, Sint Eustatius and Saba Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Acting Attorney General Monty Wilkinson Issues Statement on the Shootings of FBI Special Agents in Florida
    In Crime News
    This morning FBI Special Agent Daniel Alfin and Special Agent Laura Schwartzenberger were killed in the line of duty and three other agents were wounded while executing a federal court-ordered search warrant in a crimes against children investigation in Sunrise, Florida.  Acting Attorney General Monty Wilkinson issued the following statement:
    [Read More…]
  • South Korea Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Secretary Pompeo’s Meeting with the Taliban
    In Crime Control and Security News
    Office of the [Read More…]
  • Justice Department Files Race Discrimination Lawsuit Against Housing Authority in Oklahoma
    In Crime News
    The Justice Department announced today that it has filed a lawsuit alleging that the Housing Authority of the Town of Lone Wolf, Oklahoma, along with its former employees, David Haynes and Myrna Hess, violated the Fair Housing Act and Title VI of the Civil Rights Act of 1964 when they denied housing to an African-American applicant and her young child because of their race. 
    [Read More…]
  • Brazil Travel Advisory
    In Travel
    Do not travel to Brazil [Read More…]
  • Secretary Antony J. Blinken with Johannes Langkilde of DR-TV
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Federal Prison Industries: Actions Needed to Evaluate Program Effectiveness
    In U.S GAO News
    The First Step Act of 2018 made new, nonfederal markets and potential buyers available to Federal Prison Industries (FPI), a government corporation organized within the Bureau of Prisons (BOP); however, various challenges could limit FPI's ability to sell to customers in these markets. FPI makes apparel, personal protective equipment, and furniture, among other products. FPI may now sell to the District of Columbia government, including, for example, to its firefighters; nonfederal, governmental entities for use in correctional settings or in response to a disaster or emergency, such as local jails and first responders; and nonprofit organizations, such as universities. However, a lack of information makes it difficult to estimate the dollar value of these new markets. The following figure depicts the new markets made available to FPI. New Markets for Federal Prison Industries' Products under the First Step Act Data on the size of most of the new markets are very limited. For example, GAO found no existing national information to help estimate the size and scope of relevant spending by nonfederal entities on disaster relief and emergencies. Also, challenges related to state and local government operations, for example, could limit FPI's ability to sell products in the new markets made available under the First Step Act. Specifically, state-level prison industries and in-state vendors often have preferential access to many of the procurement markets now available to FPI. FPI and the private sector share some similar operating requirements, such as those related to keeping workers safe. They also face different requirements and business practices, such as those related to the legal framework, security, and costs. Available data indicate that buyers are generally satisfied with the delivery and quality of FPI products. GAO analyzed 231 performance reports on FPI in the federal government's database for contractor performance, as of August 2019. Customers rated FPI's performance in the delivery schedule and quality categories as exceptional, very good, or satisfactory on about 80 and 90 percent, respectively, of performance reports. There were too few ratings on cost to analyze them. FPI aims to assist inmates in their reentry into society by providing marketable job skills, but BOP has not reviewed FPI's impact on recidivism in over 2 decades. BOP relies on outdated studies that assessed the impact of FPI on inmates released in the 1980s. In January 2020, BOP cited a 1992 study as the basis for the Attorney General's designation of FPI as an Evidence-Based Recidivism Reduction Program under the First Step Act 0f 2018 . BOP made a plan to evaluate FPI but the plan's timeline passed and the BOP has not set a new one. Without an updated plan for evaluating FPI, BOP continues to rely on outdated evaluations of FPI and has limited information about FPI's effectiveness amidst changes to its inmate population Additionally, while BOP has reported some descriptive statistics on recidivism rates, it has not developed a goal. Without a timeline for evaluation and a goal for reducing recidivism, BOP's ability to assess the effectiveness of FPI will be limited. FPI is a government owned corporation that, as a national reentry program, manages, trains, and rehabilitates inmates through employment. FPI sells inmate-produced goods and services primarily to federal government agencies. The First Step Act of 2018 authorized FPI to sell its products to new markets. A provision in the First Step Act of 2018 required GAO to review various aspects of FPI. This report addresses (1) the potential size and scope of the additional markets made available to FPI under the First Step Act; (2) the similarities and differences in selected requirements and business practices of FPI and private sector sellers of products and services; (3) customers' satisfaction with FPI regarding quality, price, and timely delivery of its products and services; and (4) the extent to which BOP has evaluated the effectiveness of FPI and other vocational programs in reducing recidivism and the results. GAO examined recidivism studies and data, analyzed performance data, conducted fieldwork at four FPI facilities selected based on security level and type of products produced, met with industry associations, and interviewed agency officials and employed inmates. GAO is making two recommendations: (1) BOP should update its evaluation plan for FPI by setting a new timeline for evaluation and (2) BOP should set a goal to reduce recidivism. DOJ concurred with the recommendations. For more information, contact Gretta L. Goodwin at (202) 512-8777 or goodwing@gao.gov or William T. Woods at (202) 512-4841 or woodsw@gao.gov.
    [Read More…]
  • Justice Department Calls on San Francisco Mayor to End “One Congregant” Rule for Places of Worship to Comply with the Constitution
    In Crime News
    The Justice Department today sent a letter to the San Francisco mayor explaining that the city’s policy of only allowing a single worshiper in places of worship regardless of their size, while allowing multiple patrons in other indoor settings including gyms, tattoo parlors, hair salons, massage studios, and daycares, is contrary to the Constitution and the nation’s best tradition of religious freedom.
    [Read More…]
  • Department Of Justice Applauds President Trump’s Authorization Of The Antitrust Criminal Penalty Enhancement And Reform Permanent Extension Act
    In Crime News
    On October 1, President Donald J. Trump signed into law a continuing resolution that contains the Antitrust Criminal Penalty Enhancement and Reform Permanent Extension Act (the “Act”).  The Act reauthorizes the Antitrust Criminal Penalty Enhancement and Reform Act (ACPERA) and repeals the sunset provision therein.
    [Read More…]
  • Two Former Tennessee Correctional Officers Sentenced for Civil Rights Offenses
    In Crime News
    Two former Tennessee Department of Corrections (TDOC) Correctional Officers were sentenced today for assaulting an inmate in violation of a federal civil rights statute. 
    [Read More…]
  • Justice Department Files Civil Action to Shut Down Chicago-Area Tax Return Preparer
    In Crime News
    The United States has filed a complaint seeking to bar a Chicago-area tax return preparer from preparing federal income tax returns for others, the Justice Department announced today. The civil complaint against Lavon Boyd was filed in the U.S. District Court for the Northern District of Illinois and alleges that Boyd prepared federal income tax returns for Chicago-area taxpayers that significantly understated his customers’ tax liabilities by fabricating business losses. The suit alleges that Boyd fabricated or exaggerated his customers’ business expenses. The suit also charges that Boyd allegedly fabricated childcare expenses on at least one of his customers’ tax returns.
    [Read More…]
  • Secretary Antony J. Blinken Before Virtual Meeting with Kenyan President Uhuru Kenyatta
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Judiciary Launches Redesigned PACER Website
    In U.S Courts
    The Administrative Office of the U.S Courts on June 28 will launch a redesigned informational website for the Judiciary’s electronic court records system, known as PACER (Public Access to Court Electronic Records).
    [Read More…]
  • Political Donor Sentenced to 12 Years in Prison for Lobbying and Campaign Contribution Crimes, Tax Evasion, and Obstruction of Justice
    In Crime News
    A venture capitalist and political fundraiser was sentenced today to 144 months in federal prison for falsifying records to conceal his work as a foreign agent while lobbying high-level U.S. government officials, evading the payment of millions of dollars in taxes, making illegal campaign contributions, and obstructing a federal investigation into the source of donations to a presidential inauguration committee. Imaad Shah Zuberi, 50, of Arcadia, California, was sentenced by U.S. District Judge Virginia A. Phillips, who also ordered him to pay $15,705,080 in restitution and a criminal fine of $1.75 million.
    [Read More…]
  • Maryland Tax Preparer Indicted for Preparing False Returns
    In Crime News
    A federal grand jury in Greenbelt, Maryland, returned an indictment today charging an Upper Marlboro tax return preparer with conspiracy to defraud the United States and aiding and assisting in the preparation of false tax returns, announced Principal Deputy Assistant Attorney General Richard E. Zuckerman of the Justice Department’s Tax Division and U.S. Attorney for the District of Maryland Robert K. Hur.
    [Read More…]
  • Accelerating Innovation in Diagnostic Testing for Lyme Disease: HHS Request for Information (RFI)
    In Human Health, Resources and Services
    March 4, 2021 By: [Read More…]