Private Security Contractors: DOD Needs to Better Identify and Monitor Personnel and Contracts

GAO-21-255 Published: Jul 29, 2021. Publicly Released: Jul 29, 2021.
Jump To:
Fast Facts

The Department of Defense has made significant use of private security contractors in the wars in Afghanistan and Iraq. Contractors' involvement in the deaths of civilians and other incidents prompted a renewed call in 2008 for nations to ensure that contractors respect international humanitarian law.

DOD has worked to improve its monitoring of its security contractor use but can't readily or comprehensively identify these personnel and what they're doing. For example, it can't identify which contractors are armed.

We made 3 recommendations, including assigning responsibility to a single high-level official for monitoring contractors.

 

Aerial view of the Pentagon

 

Skip to Highlights
Highlights

What GAO Found

The Department of Defense (DOD) has been unable to comprehensively identify private security contractor (PSC) contracts and personnel supporting contingency, humanitarian, peace-keeping, or other similar operations, limiting DOD's ability to readily and accurately identify the use of PSCs. DOD uses PSCs, which include companies and their personnel, hired to provide security services for the U.S. government. However, neither DOD nor GAO was able to use DOD's three PSC data sources to readily determine the universe of PSCs, the type of operation or exercise they support, or their functions, activities, and armed or unarmed status. For example, queries of DOD databases using the term “security guard” to identify PSC personnel excluded eight other job titles that may also perform private security functions. DOD has not comprehensively determined and communicated the contracted activities that fall within its definition of private security functions. Further, DOD does not have a means of readily identifying the contracts and personnel performing those activities in data sources. Without better identifying and tracking its PSC contracts and personnel, DOD will not be able to accurately determine its use of PSCs.

Since 2009, DOD has established an oversight framework for its use of PSC contracts, but has not fully monitored the implementation of this framework. DOD's framework distributes oversight functions across the department as well as to organizations outside the department (see fig.).

Roles and Functions of Entities to Oversee DOD's Use of Private Security Contractor (PSC) Contracts and Personnel

Roles and Functions of Entities to Oversee DOD's Use of Private Security Contractor (PSC) Contracts and Personnel

However, DOD has not fully monitored whether and how it and the other entities have carried out their PSC oversight roles and functions. For example, GAO reviewed data for deployed contractor personnel with the job title of “security guard” and found that about 12 percent of those individuals were employed by companies not on a DOD list of certified PSC companies. Independent, third-party certification is a key oversight mechanism DOD relies on to ensure it contracts with companies that use approved personnel hiring, screening, training, and reporting practices. DOD lacks a single, senior-level position assigned to fully monitor whether DOD and various entities are carrying out their respective PSC oversight roles and functions. Without assigning this position, DOD increases the risk of incidents that its framework aims to prevent. 

Why GAO Did This Study

During Operation Enduring Freedom in 2001–2014 and Operation Iraqi Freedom in 2003–2011, DOD significantly increased its use of PSCs. In 2008, the Swiss Government and the Red Cross issued the Montreux Document, which generally reaffirmed the obligation nations have to ensure that their PSCs respect international humanitarian law. PSCs supporting DOD have faced international attention resulting from incidents allegedly involving their personnel.

The National Defense Authorization Act for Fiscal Year 2020 included a provision for GAO to review DOD's use of PSCs. GAO assessed the extent to which DOD has (1) identified PSC contracts and personnel used to support contingency operations and (2) established a framework to oversee the department's use of PSC contracts. GAO analyzed DOD contract and personnel data for PSCs from 2009 through 2019, reviewed DOD guidance on PSC use, and conducted interviews with DOD officials and representatives from standards organizations.

Skip to Recommendations

Recommendations

GAO is making three recommendations to improve PSC oversight, including identifying and communicating the activities that fall under DOD's definition of PSC functions, and assigning a senior-level position responsible for monitoring the implementation of DOD's PSC oversight framework. DOD partially concurred with the recommendations, agreeing in substance and planning several actions as a result. DOD's planned actions should address the intent of GAO's recommendations if implemented.

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Defense The Secretary of Defense should ensure that the appropriate official replacing the Chief Management Officer and the Under Secretaries of Defense for Acquisition and Sustainment, Personnel and Readiness, and Intelligence and Security, in coordination with the Chairman of the Joint Chiefs of Staff, Commanders of the Combatant Commands, and the Secretaries of the military departments, comprehensively determine and designate which of DOD's contracted activities and services fall within the department's definition of private security functions and communicate this information to relevant parties. (Recommendation 1)
Open
DOD partially concurred, agreeing that it is important to identify and communicate which contracted activities and services are private security contractor functions to the relevant parties and to designate future contracted activities and services that fall within those functions. DOD also agreed to evaluate and assess potential courses of action to achieve better clarity in its definition and application of private security functions. Once completed, DOD's planned actions would fulfill the intent of our recommendation if DOD includes comprehensively determining and designating which of its contracted activities and services fall within the department's definition of private security functions. DOD's partial concurrence was because it took exception to GAO including the official replacing the Chief Management Officer as one of several DOD officials to participate in implementing the recommendation. GAO continues to believe that it is appropriate for the recommendation to refer to "the appropriate official replacing the Chief Management Officer," among other DOD offices and officials.
Department of Defense The Secretary of Defense should ensure that the appropriate official replacing the Chief Management Officer and the Under Secretaries of Defense for Acquisition and Sustainment, in coordination with Commanders of the Combatant Commands, and the Secretaries of the military departments develop a means for identifying the contracts and personnel performing those activities in readily available data sources, such as by establishing a data code unique to PSCs for use in existing fields in DOD data sources. (Recommendation 2)
Open
DOD partially concurred, agreeing to evaluate and assess courses of action to improve capabilities in identifying future contracts requiring contractor personnel performing private security functions in one or more DOD data sources. We believe that DOD's planned action is an important step and once DOD identifies, adopts, and implements the resulting course of action, the intent of our recommendation should be met. Regarding DOD position that its SPOT-ES data source has the ability to identify contracts where personnel are performing private security functions, as noted in our report, we found that existing SPOT-ES mechanisms did not separately and comprehensively identify those personnel who meet DOD criteria for being private security contractor personnel. We therefore disagree with DOD's position on the adequacy of its SPOT-ES system in the current form to address the recommendation.
Department of Defense The Secretary of Defense should ensure that the Under Secretary of Defense for Acquisition and Sustainment updates Department of Defense Instruction 3020.50 and other guidance, as appropriate, to assign a senior-level DOD position the responsibility for monitoring the roles and functions of DOD and non-DOD entities under the department's PSC oversight framework, and require that the assigned position periodically document the results of its monitoring. (Recommendation 3)
Open
DOD partially concurred, stating that it is updating DOD Instruction 3020.50 and related guidance to designate the Deputy Assistant Secretary of Defense for Logistics as the senior DOD official responsible for policy on monitoring private security contracts and personnel. Further, DOD agreed with establishing periodic reporting requirements to capture the results of any monitoring activities that might be undertaken as a result. If the department intends for the Deputy Assistant Secretary of Defense for Logistics to be the official responsible for gathering and analyzing data to monitor the roles and functions of entities under the department's private security contractors' oversight framework, DOD's planned action would meet the intent of our recommendation. DOD disclaimed the authority to monitor roles and functions of non-DOD entities under its oversight framework. However, to the extent DOD's greater engagement with non-DOD entities through advice, collaboration, and enforcement of contractual requirements will afford the relevant DOD office with greater visibility into how and to what degree the non-DOD entities perform their respective roles, DOD's actions would meet the intent of our recommendation.

Full Report

GAO Contacts