Capitol Attack: Federal Agencies Identified Some Threats, but Did Not Fully Process and Share Information Prior to January 6, 2021

What GAO Found

In the weeks leading up to January 6, 2021, agencies obtained information on potential threats from various sources including investigations, open sources, and social media tips. All 10 federal agencies GAO reviewed identified potential threats of violence, and two—the FBI and the Capitol Police—identified credible threats.

However, some agencies did not fully process information or share it, preventing critical information from reaching key federal entities responsible for securing the National Capital Region against threats. For example,

• The FBI and the Department of Homeland Security (DHS) Office of Intelligence and Analysis (I&A) did not consistently follow agency policies or procedures for processing tips or potential threats because they did not have controls to ensure compliance with policies. Identifying and remediating internal control deficiencies (reasons why staff did not consistently follow policies) will help FBI and DHS I&A ensure policies are consistently followed and help ensure potential threats are developed and investigated, as appropriate.
• DHS I&A, Capitol Police, and Park Police did not consistently share all fully developed threat information with relevant stakeholders. For example, DHS I&A did not share threat products based on open sources with certain law enforcement partners. Capitol Police did not share threat products with its frontline officers. GAO found that DHS I&A did not have internal controls, and other agencies did not have policies to enable sharing of threat information.

Capitol Police photo above the Capitol Building on January 6, 2021

Most agencies generally used the same methods to identify threats related to January 6 as they did for other demonstrations in D.C., such as the racial justice demonstrations in summer 2020 and the Make America Great Again (MAGA) I and MAGA II demonstrations in fall 2020. DHS I&A officials said they were hesitant to report on January 6 threats due to scrutiny of reporting of other events in 2020.

Why GAO Did This Study

Prior to and during the events of January 6, 2021, federal, state, and local entities were responsible for identifying and sharing information on potential threats to inform security measures and ensure the safety of the U.S. Capitol.

GAO was asked to review the January 6, 2021 attack. This is the seventh in a series of reports and addresses (1) how federal agencies identified threats related to the events of January 6, 2021; (2) the extent to which federal agencies took steps to process and share threat information prior to the events of January 6, 2021; and (3) how federal agencies identified threat information for the events of January 6, 2021 compared to other large demonstrations in Washington, D.C.

To conduct this work, GAO compared agency actions to process and share threat information with policies and procedures for conducting these activities. GAO interviewed officials and reviewed agency threat products. GAO did not review certain threat information that was subject to ongoing investigations or prosecutions. GAO also interviewed officials from the social media platforms Facebook, Parler, and Twitter about information they shared with federal agencies. This report is a public version of a sensitive report issued in January 2023. Information that agencies deemed sensitive has been omitted.