The Department of Defense has made significant use of private security contractors in the wars in Afghanistan and Iraq. Contractors' involvement in the deaths of civilians and other incidents prompted a renewed call in 2008 for nations to ensure that contractors respect international humanitarian law.
DOD has worked to improve its monitoring of its security contractor use but can't readily or comprehensively identify these personnel and what they're doing. For example, it can't identify which contractors are armed.
We made 3 recommendations, including assigning responsibility to a single high-level official for monitoring contractors.
What GAO Found
The Department of Defense (DOD) has been unable to comprehensively identify private security contractor (PSC) contracts and personnel supporting contingency, humanitarian, peace-keeping, or other similar operations, limiting DOD's ability to readily and accurately identify the use of PSCs. DOD uses PSCs, which include companies and their personnel, hired to provide security services for the U.S. government. However, neither DOD nor GAO was able to use DOD's three PSC data sources to readily determine the universe of PSCs, the type of operation or exercise they support, or their functions, activities, and armed or unarmed status. For example, queries of DOD databases using the term “security guard” to identify PSC personnel excluded eight other job titles that may also perform private security functions. DOD has not comprehensively determined and communicated the contracted activities that fall within its definition of private security functions. Further, DOD does not have a means of readily identifying the contracts and personnel performing those activities in data sources. Without better identifying and tracking its PSC contracts and personnel, DOD will not be able to accurately determine its use of PSCs.
Since 2009, DOD has established an oversight framework for its use of PSC contracts, but has not fully monitored the implementation of this framework. DOD's framework distributes oversight functions across the department as well as to organizations outside the department (see fig.).
Roles and Functions of Entities to Oversee DOD's Use of Private Security Contractor (PSC) Contracts and Personnel
However, DOD has not fully monitored whether and how it and the other entities have carried out their PSC oversight roles and functions. For example, GAO reviewed data for deployed contractor personnel with the job title of “security guard” and found that about 12 percent of those individuals were employed by companies not on a DOD list of certified PSC companies. Independent, third-party certification is a key oversight mechanism DOD relies on to ensure it contracts with companies that use approved personnel hiring, screening, training, and reporting practices. DOD lacks a single, senior-level position assigned to fully monitor whether DOD and various entities are carrying out their respective PSC oversight roles and functions. Without assigning this position, DOD increases the risk of incidents that its framework aims to prevent.
Why GAO Did This Study
During Operation Enduring Freedom in 2001–2014 and Operation Iraqi Freedom in 2003–2011, DOD significantly increased its use of PSCs. In 2008, the Swiss Government and the Red Cross issued the Montreux Document, which generally reaffirmed the obligation nations have to ensure that their PSCs respect international humanitarian law. PSCs supporting DOD have faced international attention resulting from incidents allegedly involving their personnel.
The National Defense Authorization Act for Fiscal Year 2020 included a provision for GAO to review DOD's use of PSCs. GAO assessed the extent to which DOD has (1) identified PSC contracts and personnel used to support contingency operations and (2) established a framework to oversee the department's use of PSC contracts. GAO analyzed DOD contract and personnel data for PSCs from 2009 through 2019, reviewed DOD guidance on PSC use, and conducted interviews with DOD officials and representatives from standards organizations.
GAO is making three recommendations to improve PSC oversight, including identifying and communicating the activities that fall under DOD's definition of PSC functions, and assigning a senior-level position responsible for monitoring the implementation of DOD's PSC oversight framework. DOD partially concurred with the recommendations, agreeing in substance and planning several actions as a result. DOD's planned actions should address the intent of GAO's recommendations if implemented.
Recommendations for Executive Action
|Department of Defense||The Secretary of Defense should ensure that the appropriate official replacing the Chief Management Officer and the Under Secretaries of Defense for Acquisition and Sustainment, Personnel and Readiness, and Intelligence and Security, in coordination with the Chairman of the Joint Chiefs of Staff, Commanders of the Combatant Commands, and the Secretaries of the military departments, comprehensively determine and designate which of DOD's contracted activities and services fall within the department's definition of private security functions and communicate this information to relevant parties. (Recommendation 1)|
|Department of Defense||The Secretary of Defense should ensure that the appropriate official replacing the Chief Management Officer and the Under Secretaries of Defense for Acquisition and Sustainment, in coordination with Commanders of the Combatant Commands, and the Secretaries of the military departments develop a means for identifying the contracts and personnel performing those activities in readily available data sources, such as by establishing a data code unique to PSCs for use in existing fields in DOD data sources. (Recommendation 2)|
|Department of Defense||The Secretary of Defense should ensure that the Under Secretary of Defense for Acquisition and Sustainment updates Department of Defense Instruction 3020.50 and other guidance, as appropriate, to assign a senior-level DOD position the responsibility for monitoring the roles and functions of DOD and non-DOD entities under the department's PSC oversight framework, and require that the assigned position periodically document the results of its monitoring. (Recommendation 3)|