Skip to Highlights
Highlights

What GAO Found

The agencies responsible for eight programs designed to protect critical technologies have implemented several initiatives since 2007, but face some implementation challenges. Agencies have made progress addressing previously identified weaknesses in response to changes in law, GAO recommendations, or agencies' own internal identification of them. For instance, the area of export controls has seen significant action for reform, based on an April 2010 framework announced by the administration. Other programs, such as the Committee on Foreign Investment in the United States, have undergone reform through legislative requirements. As shown in the table below, multiple agencies have responsibility for these eight programs designed to protect critical technologies.

Selected U.S. Government Programs for the Identification and Protection of Critical Technologies

Program

Lead agencies and stakeholders agencies

International Traffic in Arms Regulations export controls

State (lead), Defense, Homeland Security, and Justice

Export Administration Regulations export controls

Commerce (lead), State, Central Intelligence Agency, Defense, Energy, Homeland Security, and Justice

Anti-Tamper Policy

Defense

Foreign Military Sales Program

State (lead), Defense, and Homeland Security

National Disclosure Policy Committee

Defense (lead), State, and intelligence community

Militarily Critical Technologies Program

Defense

National Industrial Security Program

Defense (lead), applicable to other departments and agencies

Committee on Foreign Investment in the United States

Treasury (lead), Commerce, Defense, Energy, Homeland Security, Justice, State, and others

Source: GAO | GAO-15-288

However, some of these eight programs have additional challenges that remain to be addressed. For example, the Department of Defense (DOD) has not yet completed an evaluation of the Militarily Critical Technologies List or potential alternatives in response to GAO recommendations regarding the need to determine the best approach for meeting users' requirements for a technical reference. Further, DOD and the Department of Homeland Security still need to take additional actions to improve shipment tracking and verification procedures of arms sales to foreign allies for the Foreign Military Sales program.

Both existing mechanisms and some new initiatives among the critical technologies programs support collaboration, but collaboration among lead and stakeholder agencies remains a challenge. GAO's September 2012 work on interagency collaboration mechanisms notes that many of the meaningful results the federal government seeks to achieve require the coordinated efforts of more than one federal agency. Recent initiatives have resulted in improved interagency collaboration. For example, DOD offices now communicate with non-DOD agencies through a formally instituted group to discuss potential technology transfers to foreign governments. However, current collaboration mechanisms do not involve direct communication among all the programs in the protection of critical technologies portfolio. Improved collaboration among the programs and agencies involved in the protection of critical technologies could help increase their efficiency and effectiveness.

Why GAO Did This Study

Each year, the federal government spends billions of dollars to develop and acquire advanced technologies in order to maintain U.S. superiority in military technology. The U.S. government permits and facilitates the sale and transfer of its technologies to allies in order to promote U.S. national security, foreign policy, and economic interests. However, these technologies can be targets for theft, espionage, reverse engineering, illegal export, and other forms of unauthorized transfer. Accordingly, the U.S. government administers programs to identify and protect its critical technologies.

GAO (1) assessed the progress of the various agencies' efforts and identified implementation challenges, if any, to reform programs and processes to protect critical technologies; and (2) determined the extent to which cognizant agencies are coordinating with stakeholder agencies on their respective reform efforts to ensure effective collaboration. GAO reviewed laws, regulations, and guidance, as well as documentation of agency initiatives to reform programs that protect critical technologies and interviewed officials from lead and stakeholder agencies.

Skip to Recommendations

Recommendations

To ensure a consistent and collaborative approach to the protection of critical technologies, GAO recommends that agencies with lead and stakeholder responsibilities take steps to promote and strengthen collaboration mechanisms among their respective programs.

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Homeland Security 1. To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.
Closed - Not Implemented
In providing comments on this report, DHS concurred with this recommendation and relevant efforts by DHS to finalize memoranda of understanding with other agencies and by the Export Enforcement Coordination Center to share information and data across the export control enforcement community are ongoing. However, as of June 2020, we have no information to indicate that any high-level interagency coordination on critical technologies is ongoing among the larger group of agencies, which includes the Department of Homeland Security. Given that over 5 years has passed since we made the recommendation and no action has been taken, we are closing the recommendation as not implemented.
Department of Commerce 2. To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.
Closed - Not Implemented
Commerce concurred with this recommendation and has identified various efforts to collaborate across multiple agencies within individual critical technologies programs, but consistent with our findings in the report, these are all efforts to collaborate across agencies within individual critical technologies programs, but offer very little in the way of collaboration across the portfolio. As of June 2020, we have no information to indicate that any high-level interagency coordination on critical technologies is ongoing among the larger group of agencies, which includes the Commerce Department. Given that over 5 years has passed since we made the recommendation and no action has been taken, we are closing the recommendation as not implemented.
Department of Defense 3. To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.
Closed - Not Implemented
DOD agreed with this recommendation. DOD has identified numerous activities within DOD to coordinate across the critical technologies portfolio, in particular the Arms Transfer and Technology Release Senior Steering Group. In some cases, these activities include other departments, most commonly State. However, as of June 2020, we have no information that any high-level coordination on critical technologies is ongoing among the larger group of agencies, which includes the Department of Defense. Given that over 5 years has passed since we made the recommendation and no action has been taken, we are closing the recommendation as not implemented.
Office of the Attorney General 4. To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.
Closed - Not Implemented
Justice concurred with this recommendation. Justice has collaboration mechanisms within individual programs, but not collectively across the portfolio. The agency has identified coordination actions being taken across the agencies with export control responsibilities--including through the Export Control Enforcement Center--and through the Committee on Foreign Investment in the United States. However, as of June 2020, we have no information to indicate that any high-level interagency coordination on critical technologies is ongoing among the larger group of agencies, which includes the Department of Justice. Given that over 5 years has passed since we made the recommendation and no action has been taken, we are closing the recommendation as not implemented.
Department of the Treasury 5. To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.
Closed - Not Implemented
Treasury concurred with this recommendation. Treasury has collaboration mechanisms within individual programs and has identified actions it has taken across agencies with export control responsibilities and through the Committee on Foreign Investment in the United States. However, as of June 2020, we have no information to indicate that any high-level interagency coordination on critical technologies is ongoing among the larger group of agencies, which includes the Department of the Treasury. Given that over 5 years has passed since we made the recommendation and no action has been taken, we are closing the recommendation as not implemented.
Department of State 6. To ensure a consistent and more collaborative approach to the protection of critical technologies, the Secretaries of Commerce, Defense, Homeland Security, State, and the Treasury; as well as the Attorney General of the United States, who have lead and stakeholder responsibilities for the eight programs within the critical technologies portfolio, should take steps to promote and strengthen collaboration mechanisms among their respective programs while ongoing initiatives are implemented and assessed. These steps need not be onerous; for example, they could include conducting an annual meeting to discuss their programs, including the technologies they are protecting, their programs' intent, any new developments or changes planned for their programs, as well as defining consistent critical technologies terminology and sharing important updates.
Closed - Not Implemented
The State Department concurred with this recommendation. State has collaboration mechanisms within individual programs and, in May 2018, provided information on additional actions taken within the department. However, as of June 2020, we have no information to indicate that any high-level interagency coordination on critical technologies is ongoing among the larger group of agencies, which includes the State Department. Given that over 5 years has passed since we made the recommendation and no action has been taken, we are closing the recommendation as not implemented.

Full Report

GAO Contacts