The U.S. Agency for Global Media, formerly known as the Broadcasting Board of Governors, has lost its authority to conduct and adjudicate its own background investigations for its employees, following a long saga of mismanagement within the organization’s personnel security program.
A lengthy report, which USAGM released last week, details the many attempts the Office of Personnel Management made to compel the broadcasting agency to bring its security and suitability program in order.
Insight by Carahsoft: Learn from IT experts as they outline the significant impacts cloud and 5G have on implementing zero trust architecture in this exclusive executive briefing.
It describes longstanding practices at USAGM, where the broadcasting agency routinely used outdated security clearance forms and refused to deploy new ones, took too long to initiate background investigations for new hires and regularly designated positions at the wrong clearance levels, meaning employees often had access to classified or sensitive information they shouldn’t have.
Years of inaction and mismanagement recently prompted OPM to take rare action. The agency is revoking USAGM’s delegated authorities until it addresses a series of recommendations, many of which have been pending for eight years.
“OPM has revoked delegated investigative authority in the past; however, it is exceedingly rare,” Lauren Ehrsam Gorey, an OPM spokeswoman, said in an email to Federal News Network. “Delegated authority has been revoked from an agency at least one other time, and this has not occurred in more than 20 years.”
The U.S. Agency for Global Media did not respond to multiple requests for further comment. The agency released a statement on July 23, before CEO Michael Pack released OPM’s findings in full last week. The statement simply described a “long-term security failure” at the agency.
“Multiple in-depth assessments of USAGM have been conducted by other federal agencies,” Pack said. “These assessments reveal systemic, severe and fundamental security failures, many of which have persisted for years. We are working closely with our federal partners to ensure that findings are addressed swiftly and appropriately.”
“I also ordered a comprehensive investigation of USAGM operations because I am concerned that the failures identified compromise the agency’s ability to fulfill its mission, undermine the efficiency and effectiveness of the federal workforce and pose a threat to U.S. national security,” Pack added.
USAGM did not elaborate on what its investigation would entail.
The vast majority of agencies use the Defense Counterintelligence and Security Agency, and OPM’s National Background Investigations Bureau previously, as their security clearance provider. About 20 agencies or agency subcomponents have received their own designated authority to conduct background investigations and other security services, OPM said. Most are agencies in the intelligence community, but USAGM had its own delegated authority as well.
Agencies with their own investigative and adjudicative authority are subject to regular audits from OPM, which reviews their personnel suitability and vetting programs.
OPM first detected problems with USAGM’s programs back in 2010, offering up 14 recommendations later in 2012 to improve.
OPM and the Office of the Director of National Intelligence reviewed USAGM’s suitability and security program again in 2014. The agencies again alerted USAGM to a series of critical recommendations, including several repeat findings it hadn’t addressed from the previous years.
Two subsequent reviews of the USAGM program revealed similar findings. By 2019, OPM gave the agency 37 separate recommendations, warning that if USAGM could lose its adjudicative authority if it failed to act.
Though USAGM did address 18 of OPM’s 37 recommendations, it failed to act on 19 of them. In a 2020 review, OPM identified six more suggestions and announced steps to revoke USAGM’s adjudicative and other delegated authorities.
USAGM technically lost authority to conduct its own background investigations several years ago after a memorandum of understanding between the agency and OPM expired back in 2012.
But USAGM continued to conduct its own background investigations for years, despite multiple attempts by OPM to inform the agency of the expired delegated authority.
Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app
“Despite receiving our prior reports and our discussion of USAGM’s lack of authority to act as its own investigative service provider, the director of security and the chief of the adjudications branch claimed ‘nobody knew’ of the expired MOU during our 2018 onsite activities,” OPM said. “The director of security stated he discovered the expired MOU in July of 2017 and tried to contact OPM to resolve the issue, with no results.”
It wasn’t until 2019 that USAGM confirmed it had stopped conducting background investigations of its employees and had transferred the work to DCSA.
The background investigations themselves were also often faulty, OPM said. All investigative files that OPM reviewed were missing at least some piece of crucial information.
“The quality of USAGM’s background investigations posed a serious risk to both the agency and the federal government as a whole, as USAGM employees had not been appropriately or thoroughly vetted before being granted access to federal systems, facilities, and, in many instances, sensitive or classified information,” OPM said.
Though USAGM has since transferred security clearance work to DCSA, the agency must still initiate new investigations for the 1,527 employees who were investigated since 2012.
According to OPM, USAGM is still in the process of identifying, prioritizing and re-initiating those investigations. The work is a priority, the agency told OPM, but it was still waiting on its HR director to redesignate all agency positions. It had no timeline for when investigations would be complete, and since OPM visited USAGM for its on-site review, the agency had scheduled investigations for 314 employees.
“USAGM’s failure to schedule new investigations as required poses a serious risk to the agency and the federal government as a whole. USAGM employees have not been properly vetted, yet currently have access to government systems, facilities, and, in some cases, sensitive or classified information,” OPM said. “More importantly, USAGM employees wishing to change jobs could have their investigations reciprocally accepted by a new agency, which would not know the investigations (and subsequent favorable adjudication) were invalid.”
USAGM also failed to properly designate positions at the correct security levels, meaning employees were often cleared at investigation tiers that were too high or low for the work they did for the agency. It also meant employees often received access to classified information when they hadn’t received the proper clearance to work with secret or top-secret data, OPM said.
Hiring managers and other human resources professionals often used their own personal judgment, rather than OPM’s own system, to designate positions at various security levels.
“Failure to consistently designate agency positions at the proper level using established standards may result in investigating employees at a higher level than required, subjecting them to unnecessary scrutiny and placing undue financial burden on the agency,” OPM said. “It may also allow individuals access to information they are not properly vetted for, placing the agency and the federal government at risk.”