This is the accessible text file for GAO report number GAO-11-146 
entitled 'Employment Verification: Federal Agencies Have Taken Steps 
to Improve E-Verify, but Significant Challenges Remain' which was 
released on January 18, 2010. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as 
part of a longer term project to improve GAO products' accessibility. 
Every attempt has been made to maintain the structural and data 
integrity of the original printed product. Accessibility features, 
such as text descriptions of tables, consecutively numbered footnotes 
placed at the end of the file, and the text of agency comment letters, 
are provided but may not exactly duplicate the presentation or format 
of the printed version. The portable document format (PDF) file is an 
exact electronic replica of the printed version. We welcome your 
feedback. Please E-mail your comments regarding the contents or 
accessibility features of this document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

United States Government Accountability Office: 
GAO: 

Report to the Subcommittee on Social Security, Committee on Ways and 
Means, House of Representatives: 

December 2010: 

Employment Verification: 

Federal Agencies Have Taken Steps to Improve E-Verify, but Significant 
Challenges Remain: 

GAO-11-146: 

GAO Highlights: 

Highlights of GAO-11-146, a report to the Subcommittee on Social 
Security, Committee on Ways and Means, House of Representatives. 

Why GAO Did This Study: 

E-Verify is a system to electronically verify work eligibility and 
operated by the Department of Homeland Security’s (DHS) U.S. 
Citizenship and Immigration Services (USCIS) and the Social Security 
Administration (SSA). GAO testified in June 2008 that ensuring 
accuracy and combating fraud were challenges facing E-Verify. As 
requested, GAO examined the extent to which USCIS and SSA took efforts 
to (1) reduce tentative nonconfirmations (TNC) and E-Verify’s 
vulnerability to fraud, (2) safeguard employee personal information, 
and (3) prepare for possible mandatory use by all employers 
nationwide. GAO reviewed key policy and procedural documents, 
interviewed relevant DHS and SSA officials, and conducted site visits 
to three states selected, in part, based on employer types. 

What GAO Found: 

Since GAO last testified in June 2008, USCIS has taken several steps 
to improve the accuracy of the E-Verify system, including expanding 
the number of databases queried through E-Verify and instituting 
quality control procedures. As a result, USCIS data indicate that E-
Verify immediately confirmed about 97.4 percent of almost 8.2 million 
newly hired employees as work authorized during fiscal year 2009, 
compared to 92 percent from fiscal year 2006 to the second quarter of 
fiscal year 2007. However, E-Verify errors persist. Also, if an 
authorized employee’s name is recorded differently on various 
authorizing documents, the E-Verify system is to issue a TNC for the 
employee. Because such TNCs are more likely to affect foreign-born 
employees, they can lead to the appearance of discrimination. USCIS 
has not disseminated information to employees advising them of the 
importance of consistently recording their names on documentation 
provided to employers, and doing so could help USCIS reach its goal to 
ensure data accuracy. Furthermore, E-Verify remains vulnerable to 
identity theft and employer fraud. Resolving these issues will be 
important in combating fraud in the employment verification process. 

USCIS has taken steps to minimize risks to the privacy of personal 
information for new employees who are processed through E-Verify by, 
among other things, publishing privacy notices for the E-Verify 
program. However, employees are limited in their ability to identify 
the source of and how to correct information in DHS databases that may 
have led to an erroneous TNC. To identify and access the source of the 
incorrect data, employees must use methods such as Privacy Act 
requests, which, in fiscal year 2009, took on average 104 days. DHS 
officials acknowledged that the current process for employees to 
correct their personal records could be improved and said they are 
discussing ways to provide employees with better access to relevant 
information. By developing procedures that could enable employees to 
effectively correct any inaccurate personal information, DHS 
components could help employees avoid receiving erroneous TNCs. 

USCIS and SSA have taken actions to prepare for possible mandatory 
implementation of E-Verify for all employers nationwide by addressing 
key practices for effectively managing E-Verify system capacity and 
availability and coordinating with each other in operating E-Verify. 
However, USCIS’s lifecycle cost estimates for E-Verify do not reliably 
depict current costs (i.e., do not include all costs associated with 
maintaining and operating E-Verify) and SSA’s estimates do not 
consider the risk associated with changes in SSA’s E-Verify workload. 
Without DHS developing reliable life cycle cost estimates for E-
Verify, and SSA assessing the risk associated with its E-Verify 
workload, the agencies are at increased risk of not securing 
sufficient resources to effectively execute program plans in the 
future. 

What GAO Recommends: 

GAO recommends, among other things, that USCIS disseminate information 
to employees on the importance of consistently recording their names, 
DHS components develop procedures to help employees correct inaccurate 
personal information, USCIS develop reliable cost estimates for E-
Verify, and SSA assess risks associated with its E-Verify workload 
costs. DHS and SSA generally agreed with most of GAO’s 
recommendations. SSA disagreed that it should assess risks associated 
with its workload costs because it believes it already does so. GAO 
believes the recommendation is valid because SSA’s risk estimate has 
limitations as discussed in the report. 

View [hyperlink, http://www.gao.gov/products/GAO-11-146] or key 
components. For more information, contact Richard M. Stana at (202) 
512-8777 or stanar@gao.gov. 

[End of section] 

[Refer to PDF for image] 

[End of figure] 

Contents: 

Letter: 

Background: 

USCIS and SSA Reduced TNCs, but the Accuracy of E-Verify Continues to 
Be Limited by Inconsistent Recording of Both Employees' Names and 
Fraud: 

USCIS Has Taken Several Actions to Address Employer Noncompliance but 
Remains Limited in Its Ability to Identify and Prevent Employer Misuse: 

DHS Has Instituted Employee Privacy Protections for E-Verify, but 
Resolving Erroneous TNCs and FNCs and Combating Discrimination Can Be 
Challenging: 

USCIS and SSA Have Taken Actions to Prepare for Mandatory 
Implementation of E-Verify by Adopting Practices for Effectively 
Managing E-Verify System Capacity, but They Face Challenges in 
Estimating Costs: 

Conclusions: 

Recommendations for Executive Action: 

Agency Comments and Our Evaluation: 

Appendix I: Objectives, Scope, and Methodology: 

Appendix II: The Fair Information Practice Principles: 

Appendix III: Comments from the Department of Homeland Security: 

Appendix IV: Comments from the Social Security Administration: 

Appendix V: GAO Contact and Staff Acknowledgments: 

Tables: 

Table 1: USCIS Initiatives to Reduce TNCs: 

Table 2: Effective Practices for Capacity Management and Planning and 
the Extent to Which USCIS and SSA Have Addressed Each Practice: 

Table 3: GAO's Characteristics of a Reliable Cost Estimate: 

Table 4: Fair Information Practice Principles: 

Figures: 

Figure 1: The E-Verify Process for Employees Attesting to Be U.S. 
Citizens on the Form I-9: 

Figure 2: The E-Verify Process for Employees Attesting to Be Non-U.S. 
Citizens on the Form I-9: 

Figure 3: E-Verify Results for Fiscal Year 2009: 

Abbreviations: 

CBP: U.S. Customs and Border Protection: 

CRCL: Office for Civil Rights and Civil Liberties: 

DHS: Department of Homeland Security: 

FNC: final nonconfirmation: 

ICE: U.S. Immigrations and Customs Enforcement: 

IRCA: Immigration Reform and Control Act of 1986: 

IT: information technology: 

MOU: memorandum of understanding: 

Numident: Numerical Identification File: 

OIG: Office of the Inspector General: 

OMB: Office of Management and Budget: 

OSC: Office of Special Counsel for Immigration-Related Unfair 
Employment Practices: 

SSA: Social Security Administration: 

TNC: tentative nonconfirmation: 

USCIS: U.S. Citizenship and Immigration Services: 

VIS: Verification Information System: 

[End of section] 

United States Government Accountability Office: 
Washington, DC 20548: 

December 17, 2010: 

The Honorable Earl Pomeroy: 
Acting Chairman: 
The Honorable Sam Johnson: 
Ranking Member: 
Subcommittee on Social Security: 
Committee on Ways and Means: 
House of Representatives: 

The opportunity for employment is one of the most powerful magnets 
attracting immigrants to the United States. There were approximately 
an estimated 11 million unauthorized immigrants living in the country 
in early 2009, and an estimated 7.8 million of them, or about 70 
percent, were in the labor force, according to the Pew Hispanic 
Center. Congress, the administration, and states have taken various 
actions to better ensure that those who work here have appropriate 
work authorization and to safeguard jobs for authorized employees. 
Nonetheless, opportunities remain for unscrupulous employers to hire 
unauthorized workers and for unauthorized workers to fraudulently 
obtain employment even when employers seek to hire an authorized 
workforce. Immigration experts believe that as long as opportunities 
for employment exist, the incentive to enter the United States 
illegally or to overstay visas will persist and efforts to prevent 
illegal entry at U.S. borders will be undermined. Immigration experts 
have noted that deterring illegal immigration requires, among other 
things, a more reliable employment eligibility verification process 
and a more robust worksite enforcement capacity. 

To enhance efforts to verify employment eligibility, an electronic 
employment authorization system now known as E-Verify was created in 
1997 by the former U.S. Immigration and Naturalization Service as the 
result of statutory direction. E-Verify is a free, largely voluntary, 
Internet-based system operated by the Verification Division of U.S. 
Citizenship and Immigration Services (USCIS), a component within the 
Department of Homeland Security (DHS), in conjunction with the Social 
Security Administration (SSA).[Footnote 1] E-Verify provides employers 
a tool for detecting common types of fraudulent identity documents. 
The goals of E-Verify are to (1) reduce the employment of individuals 
unauthorized to work, (2) reduce discrimination, (3) protect employee 
civil liberties and privacy, and (4) prevent undue burden on 
employers. Pursuant to a 2007 Office of Management Budget (OMB) 
directive, all federal agencies are required to use E-Verify on their 
new hires and, as of September 8, 2009, certain federal contractors 
and subcontractors are required to use E-Verify for both newly hired 
employees working in the United States as well as existing employees 
working directly under the contract.[Footnote 2] In addition, a number 
of states have enacted laws or issued executive orders mandating that 
some or all employers within the state use E-Verify on new hires. From 
October 2009 through August 2010, E-Verify processed approximately 
14.9 million queries from nearly 222,000 participating employers. 

In August 2005, we reported that E-Verify was unable to detect 
identity fraud and ensure employer compliance with the program's 
rules.[Footnote 3] In June 2008, we testified that USCIS and SSA had 
taken actions to enhance the E-Verify program but continued to face 
challenges.[Footnote 4] One challenge was related to USCIS's ability 
to reduce instances in which work authorized employees are not 
automatically confirmed by E-Verify. This situation could occur for 
several reasons, such as employees not updating their naturalization 
status in SSA databases in a timely manner or not informing SSA of a 
change in name. For the purposes of this report, we collectively refer 
to these situations--as well as those in which employers inadvertently 
make errors in data entry when making E-Verify queries, in which 
employees provide inconsistent personal information to government 
agencies, and in which government databases contain errors unrelated 
to an employer's or employee's action--as erroneous tentative 
nonconfirmations (TNC).[Footnote 5] Another challenge was related to 
USCIS's ability to detect the use of fraudulent and stolen identity 
documents, and identify and curb employer fraud and misuse of the 
program. We also testified that mandatory implementation of E-Verify 
would place increased demands on USCIS's and SSA's resources. An 
evaluation report issued by the Westat Corporation (Westat) in 
December 2009 stated, among other things, that E-Verify could not 
detect identity fraud in the majority of cases where unauthorized 
workers presented their employers with valid documents that were 
stolen or borrowed.[Footnote 6] To address these and other issues, 
legislators and immigration experts have proposed a variety of 
potential solutions, including the creation and implementation of an 
alternative employment eligibility system to replace E-Verify. Other 
proposals have included adding biometric information or personal 
identity numbers to E-Verify to prevent identity fraud, and creating a 
database that would enable individuals to self-verify their employment 
eligibility prior to obtaining or changing employment. 

In response to your request that we review the E-Verify program, we 
examined the progress that USCIS and SSA have made since we testified 
in June 2008. Specifically, we examined the extent to which: 

* USCIS has reduced the incidence of TNCs and E-Verify's vulnerability 
to fraud, 

* USCIS has improved its ability to monitor and ensure employer 
compliance with E-Verify program policies and procedures, 

* USCIS has provided safeguards for employees' personal information in 
E-Verify and enabled employees to correct inaccurate information, and: 

* USCIS and SSA have taken steps to prepare for mandatory E-Verify 
implementation. 

To address our first objective, we analyzed our previous reports on E-
Verify, as well as reports by other federal agencies and immigration 
policy organizations. We interviewed senior officials at the State 
Department and the American Association of Motor Vehicle 
Administrators regarding sharing information with USCIS. We reviewed 
videos developed by USCIS's Verification Division, the division 
overseeing the E-Verify program, and DHS's Office for Civil Rights and 
Civil Liberties (CRCL) that explain how to resolve TNCs, and SSA 
documentation intended to assist employees with name and citizenship 
changes. We analyzed data on the results of E-Verify cases for fiscal 
year 2009. We interviewed senior E-Verify program officials at USCIS's 
Verification Division and SSA officials about their procedures for 
ensuring data quality in the E-Verify transaction database and 
Numerical Identification File (Numident), respectively.[Footnote 7] 
Based on our analysis, we determined that these data were sufficiently 
reliable for the purposes of our report. We also reviewed an E-Verify 
evaluation released by Westat in December 2009. Although the data were 
subject to various sources of error, which Westat acknowledged, we 
believe Westat's approach was appropriate and produced credible 
estimates of the accuracy of E-Verify. 

To address our second objective, we analyzed E-Verify standard 
operating procedures, the E-Verify tutorial and mastery test, 
documentation on E-Verify educational activities, and USCIS's staffing 
model and training plan for its Monitoring and Compliance Branch. We 
conducted interviews with senior DHS officials in USCIS, U.S. 
Immigration and Customs Enforcement (ICE), and CRCL, as well as in the 
Office of Special Counsel for Immigration-Related Unfair Employment 
Practices (OSC) within the Department of Justice's Civil Rights 
Division to determine what procedures were in place to address and 
sanction employer noncompliance with E-Verify program rules, and the 
extent to which the agencies were coordinating with one another to 
address employer noncompliance. We also analyzed an interagency 
agreement between USCIS and ICE, and reviewed previous GAO reports 
that discussed practices for evaluating the effectiveness of training 
and development programs. 

To address our third objective, we analyzed documentation from USCIS, 
including procedures for resolving DHS-related TNCs. We conducted 
interviews with privacy officials at USCIS to determine what, if any, 
challenges exist in resolving these TNCs. We assessed the extent to 
which USCIS's privacy policies and documents for the E-Verify program 
were consistent with DHS's Fair Information Practice Principles. We 
reviewed SSA's processes for resolving TNCs and SSA staff's use of the 
automated response system for TNCs (EV-STAR) to determine how they 
affect employment authorization decisions. We also analyzed an 
interagency agreement between USCIS and OSC to determine the extent to 
which the agencies are coordinating to address discrimination issues 
related to employer use of E-Verify. We interviewed officials from 
DHS's Privacy Office and CRCL and from OSC to discuss their roles and 
responsibilities for assisting employees in dealing with issues 
related to civil rights and civil liberties, specifically privacy and 
discrimination, and their efforts to coordinate with USCIS on E-Verify 
issues. We also interviewed senior officials at SSA to discuss SSA's 
processes for resolving TNCs and recording decisions into E-Verify. 

To address our fourth objective, we assessed USCIS's and SSA's 
existing system capacity requirements and life cycle cost estimates 
and SSA's workload estimates. We compared documentation on the 
agencies' processes and procedures for managing and planning system 
capacity and availability with widely accepted industry practices. 
[Footnote 8] To determine the reliability of USCIS's and SSA's cost 
estimates, and their ability to predict future costs in the case of 
mandatory implementation, we interviewed senior program officials at 
both agencies and analyzed the derivation of the cost estimates 
relative to four characteristics of a reliable cost estimate as 
defined in our Cost Estimating and Assessment Guide.[Footnote 9] For 
each characteristic, we computed an average score that indicated the 
extent to which the agencies met that characteristic of a reliable 
cost estimate. We also performed analyses on SSA's TNC database to 
determine the validity of SSA's calculations for its workload 
estimates, and determined that the calculations were valid. 

To gain a better understanding of how E-Verify is implemented in some 
states and of users' experiences with E-Verify, we conducted site 
visits to three states with E-Verify laws--Colorado, North Carolina, 
and Arizona. We selected these states based on the length of time each 
state's E-Verify law had been in effect, the range of employer types 
covered by the law, and geographic dispersion. On these site visits, 
we interviewed state officials responsible for overseeing 
implementation of the state E-Verify law, representatives and 
employers from eight industry associations and four state and local 
chambers of commerce, representatives from eight immigrant advocacy 
groups, and E-Verify users from two state universities[Footnote 10]. 
While the views provided are not generalizable, they provided us with 
additional perspectives on the benefits and challenges associated with 
the E-Verify program. In each state, we also interviewed selected (1) 
SSA regional and field office representatives to obtain information on 
the effect of use of E-Verify in that state on SSA field office 
workloads and (2) ICE regional and field office representatives to 
determine ICE's role in assisting USCIS with E-Verify education, 
outreach, and employer compliance. (See appendix I for additional 
details on our scope and methodology.) 

We conducted this performance audit from June 2009 through December 
2010 in accordance with generally accepted government auditing 
standards. Those standards require that we plan and perform the audit 
to obtain sufficient, appropriate evidence to provide a reasonable 
basis for our findings and conclusions based on our audit objectives. 
We believe that the evidence obtained provides a reasonable basis for 
our findings and conclusions based on our audit objectives. 

Background: 

Legislative History: 

The Immigration Reform and Control Act of 1986 (IRCA) made it illegal 
for employers to knowingly hire immigrants who were unauthorized to 
work in the United States.[Footnote 11] IRCA established an employment 
verification process--the Form I-9 process--that required employers to 
review documents presented by new employees to establish their 
identity and employment eligibility.[Footnote 12] Employers are 
required to certify that they have reviewed the documents presented by 
their employees and that the documents reasonably appear genuine and 
relate to the individual presenting them. Like all employers, 
employers participating in E-Verify are required to retain Form I-9s 
for all newly hired employees in accordance with IRCA. IRCA provides 
penalties or sanctions against employers that knowingly violate the 
law. ICE is responsible for enforcing IRCA's employer sanctions 
provisions. IRCA also prohibits employers from discriminating against 
employees based on their citizenship or immigration status or national 
origin. OSC is responsible for enforcing IRCA's antidiscrimination 
provisions. 

Employer Use of E-Verify: 

To participate in E-Verify, employers are required to have access to 
basic office equipment, including a computer and printer, as well as 
Internet access with a secure Web browser. To use E-Verify, an 
employer is required to register as a user and sign a Memorandum of 
Understanding (MOU) with DHS agreeing to follow the program's rules. 
[Footnote 13] By signing the MOU, the employer agrees, among other 
things, to use the system only for new hires--or, in the case of 
federal contractors, to use the system both for new hires and for 
existing employees assigned to a federal contract--post a notification 
that the employer is an E-Verify participant, and verify the 
employment eligibility of new hires within 3 business days after the 
employee begins work.[Footnote 14] The MOU also requires employers to 
comply with antidiscrimination requirements and prohibits employers 
from prescreening job applicants through E-Verify prior to hiring 
them, selectively choosing to verify or not verify new hires based on 
their citizenship status or national origin, or taking any adverse 
action against employees who choose to contest a TNC. Employers who 
register with E-Verify are required to take the E-Verify tutorial and 
pass the mastery test before submitting information into the system. 
Employers participating in E-Verify are required to enter information 
from the employee's Form I-9 into E-Verify, which is a secure, USCIS-
run Web-based interface. E-Verify is then to route the information to 
the appropriate data sources to determine employment eligibility. All 
information related to E-Verify transactions is stored in the 
Verification Information System (VIS), USCIS's centralized database 
for E-Verify. 

For citizens, information from the employee's Form I-9 is first 
checked against SSA's Numident database.[Footnote 15] If there is a 
match, the system is to instantly notify the employer that the 
employee is eligible to work. If there is no match, the system is 
designed to instantly request that the employer check for possible 
input errors and, if the employer makes no changes, the system is to 
automatically check USCIS's naturalization databases to verify the 
employee's citizenship status. For employees who present a United 
States passport as identification for the Form I-9, E-Verify is to 
automatically check the TECS database, which is operated by DHS's U.S. 
Customs and Border Protection (CBP).[Footnote 16] TECS is a law 
enforcement database that among other things, stores information on 
U.S. passport holders. If the passport data in TECS and the 
information recorded on the employee's passport do not match, the 
system is to issue a TNC for the employee. If the employee provides 
identity information other than that from a passport--such as a 
driver's license--and this information does not match either SSA's or 
DHS's data, then the system is also to issue a TNC. In both instances, 
the system is to transmit the TNC finding to the employer, which 
notifies the employee of the TNC. An employer is required to inform 
the employee of the TNC in writing by providing a system-generated 
notice of the finding and the employee's right to contest it. 
Employees can choose whether to contest a TNC, and if an employee 
decides to contest it, the employer must electronically refer the TNC 
case in E-Verify to either SSA or DHS and provide the employee with an 
additional system-generated referral letter, indicating the specific 
agency--SSA or DHS---the employee should contact to contest the TNC. 
Once the employer refers the case to the appropriate agency, the 
employee has 8 federal working days to initiate contact with the 
agency. Employees who do not initiate contact with SSA or DHS to 
resolve their TNC within 8 federal business days are to receive a 
final nonconfirmation (FNC). The E-Verify process for those attesting 
to be U.S. citizens on their Form I-9s is depicted in figure 1. 

Figure 1: The E-Verify Process for Employees Attesting to Be U.S. 
Citizens on the Form I-9: 

[Refer to PDF for image: illustration] 

1) Employer enters new employee information from the Form I-9 into the 
E-Verify Web interface. 

2) System attempts to match Form I-9 data with SSA database. Is there 
a match? 
If yes, go to #4; 
If no, go to #3. 

3) SSA Pre-TNC check conducted. Is there a match? 
If yes, go to #4; 
If no, go to #7. 

4) Based on Form I-9 data, can citizenship status be verified? 
If yes, go to #6; 
If no, go to #5. 

5) USCIS naturalization databases automatically checked. Is 
citizenship status verified? 
If yes, go to #6; 
If no, and passport is not presented with Form I-9, go to #8. 
If no, and passport is presented with Form I-9 and pastport data, go 
to #7. 

6) Confirmed work authorized. 

7) CBP database with U.S. passport information is automatically 
checked. Is citizenship status verified? 
If yes, go to #6. 
If no, go to #8. 

8) TNC issued. Does employee resolve TNC with SSA? 
If yes, go to #6. 
If no, go to #9. 

9) If U.S. citizenship status is not confirmed, employee given option 
to call DHS. Does employee contact DHS? 
If yes, go to #10; 
If no, go to #12. 

10) USCIS management program analyst compares employee data with 
various data sources. Is citizenship status verified? 
If yes, go to #6; 
If no, go to #11. 

11) Case referred back to SSA. 
Go to #8. 

12) SSA final nonconfirmation. 

Sources: GAO analysis of E-Verify’s procedures for verifying work 
authorization for U.S. citizens; and Art Explosion (clipart). 

[End of figure] 

For noncitizens, information from the employee's Form I-9 is first 
checked against SSA's Numident database and, if there is a match, E- 
Verify is to route the information to DHS databases to determine if 
DHS granted employment authorization to the employee.[Footnote 17] If 
DHS data verify the employee's information, then E-Verify is to 
instantly notify the employer that the employee is eligible to work. 
For noncitizens who show a Permanent Resident ("green") card or 
employment authorization document as proof of identity and employment 
eligibility, the system is to transmit a digitally stored photograph 
of the employee to the employer.[Footnote 18] It is the employer's 
responsibility to determine whether the photograph provided by the 
employee matches the electronic photograph provided by E-Verify. If 
the employer determines that the photograph on the document provided 
by the employee matches the electronic photograph transmitted by E-
Verify, then the employer is to input this decision into E-Verify, and 
E-Verify is to issue an employment authorized finding. If the employer 
determines that the photographs do not match, the employer is to input 
this decision into E-Verify, and the system is to issue a TNC. If 
DHS's data (for example, the employee's name) do not match the 
employee information that the employer entered into E-Verify, E-Verify 
is to instantly request that the employer check for possible input 
errors. If the employer makes no changes to the information previously 
submitted, the information is sent to a USCIS management program 
analyst to manually query other DHS databases and determine if the 
employee is eligible to work. If the analyst cannot confirm the 
employee's work eligibility, E-Verify is to issue a TNC and transmit 
the TNC finding to the employer. An employer is required to inform the 
employee in writing by providing a system-generated notice of the TNC 
finding and the employee's right to contest it. As stated above, 
employees can choose whether to contest the TNC, and if an employee 
decides to contest it, the employer must electronically refer the TNC 
case in E-Verify to SSA or DHS and provide the employee with an 
additional system-generated referral letter that indicates the 
specific agency the employee should contact to contest the TNC. Once 
the employer electronically refers the case to the appropriate agency 
in E-Verify, employees have 8 federal working days to initiate contact 
with either agency. Employees who do not initiate contact with either 
SSA or DHS to resolve their TNC with SSA within 8 business days are to 
receive a FNC.[Footnote 19] The E-Verify process for those attesting 
to be non-U.S. citizens on Form I-9 is depicted in figure 2. 

Figure 2: The E-Verify Process for Employees Attesting to Be Non-U.S. 
Citizens on the Form I-9: 

[Refer to PDF for image: illustration] 

1) Employer enters new employee information from the Form I-9 into the 
E-Verify Web interface. 

2) SSA: System attempts to match Form I-9 data with SSA database. Is 
there a match? 
If yes, go to #3; 
If no, go to #7. 

3) UCSIS: System compares Form I-9 data with DHS databases. Is there a 
match? 
If yes, go to #4; 
If no, go to #9. 

4) USCIS: Eligible for photo matching. 
If yes, go to #5; 
If no, go to #6. 

5) USCIS: Is there a photo match? 
If yes, go to #6; 
If no, go to #11. 

6) USCIS: Confirmed work authorized. 

7) SSA: SSA pre-TNC check conducted. Is there a match? 
If yes, go to #3; 
If no, ho to #8. 

8) SSA: SSA TNC issued. Does employee resolve TNC with SSA? 
If yes, go to #3; 
If no, go to #12. 

9) USCIS: DHS Pre-TNC check conducted. Is there a match? 
If yes, go to #4; 
If no, go to #10. 

10) USCIS: USCIS management program analyst checks other DHS 
databases. Is there a match? 
If yes, go to #6; 
If no, go to #11. 

11) USCIS: DHS TNC issued. Does employee resolve TNC with USCIS? 
If yes, go to #6; 
If no go to #12. 

12) Final nonconfirmation. 

Sources: GAO analysis of E-Verify’s procedures for verifying work 
authorization for non-U.S. citizens; Art Explosion (clipart). 

[End of figure] 

For an employee who does not initiate contact with SSA or DHS within 
the 8 federal working days allowed for resolving a TNC, the system is 
to issue a FNC and the employer is expected to promptly terminate the 
employee's employment. Employers may not take any adverse action 
against an employee on the basis of a TNC, such as limiting work 
assignments or pay or terminating the employee while the employee is 
attempting to resolve any inaccuracies in his or her records. 

USCIS and SSA Coordination for E-Verify Operation: 

The fiscal year 2010 DHS Appropriations Act reauthorized the E-Verify 
program through September 30, 2012, and provided USCIS $137 million 
for program operations.[Footnote 20] Pursuant to a reimbursable 
agreement, at the beginning of each fiscal year, USCIS pays SSA the 
costs for maintaining its system operations, as well as the projected 
costs for assisting employees with resolving TNCs. At the end of each 
fiscal year, SSA and USCIS reconcile any differences between actual 
costs and estimates, and SSA is to return any unspent funds to USCIS. 
USCIS provides SSA estimates of anticipated transaction volumes to 
help SSA estimate its future costs for operating E-Verify. In fiscal 
year 2009, USCIS reimbursed SSA approximately $21.6 million for 
operating E-Verify, $14 million of which was for SSA developing a new 
operating environment specifically designed for use by E-Verify. This 
system, known as the Isolated Environment, processes E-Verify 
transactions against a copy of SSA's Numident database, and allows SSA 
to isolate its processing of E-Verify cases from its mission-critical 
workloads, such as processing disability or retirement claims. 

Recent Studies on E-Verify: 

Since our June 2008 testimony, USCIS contracted with Westat for an 
independent evaluation of E-Verify, which was issued in December 2009. 
[Footnote 21] Westat analyzed E-Verify transaction data for April 
through June 2008 to determine how many employees were authorized to 
work, received a TNC, or received an FNC. Westat concluded that USCIS 
had decreased the time for employers to process cases through E-Verify 
and reduced the percentage of erroneous TNCs.[Footnote 22] However, 
USCIS continued to face challenges in detecting most cases of identity 
fraud, especially for unauthorized employees who used the legitimate 
documentation of employment-authorized persons, and in ensuring 
employer compliance with E-Verify procedures. 

In January 2010, the SSA Office of the Inspector General (OIG) 
reported on SSA's use of E-Verify.[Footnote 23] Based on 9,311 new 
hires for fiscal year 2008 through March 31, 2009, the OIG reported 
that SSA did not use E-Verify to confirm the employment eligibility of 
1,767 (19 percent) of the new hires, 54 of which were new hires who 
transferred from other federal agencies with no break in federal 
employment, and according to SSA staff, were not required to be 
verified through E-Verify. Of the 7,544 new hires processed through E- 
Verify, SSA did not comply with the 3-day time requirement for 
verifying all new hires' employment eligibility. The OIG also reported 
that SSA verified the employment eligibility of 26 employees who were 
not new hires but had applied for new positions within the agency, 31 
volunteers who were not federal employees, and 18 job applicants who 
SSA did not hire. All of these practices are prohibited by the MOU 
that employers sign when registering for E-Verify. To help SSA better 
comply with E-Verify procedures, the OIG recommended, among other 
things, that SSA confirm the employment eligibility of the 1,713 new 
hires through E-Verify and establish guidance to remind staff of the 
requirements of the E-Verify MOU. SSA told us that the agency has 
taken steps to address the OIG's recommendations. First, SSA personnel 
offices verified those employees not initially verified under E-Verify 
to ensure that the agency was in compliance with applicable policies 
[Footnote 24]. In March 2010, SSA also sent guidance to each regional 
SSA field office to remind staff to follow E-Verify policy regarding 
verifying all new hires, conducting verification queries within 3 
business days, and prohibiting the verification of existing SSA 
employees and SSA volunteers. SSA also provided its regional field 
offices with two E-Verify videos developed by DHS to provide a variety 
of scenarios regarding information on employer responsibilities and 
workers' rights related to the Form I-9 and the use of E-Verify. 

USCIS and SSA Reduced TNCs, but the Accuracy of E-Verify Continues to 
Be Limited by Inconsistent Recording of Both Employees' Names and 
Fraud: 

USCIS has reduced TNCs from 8 percent during the time period June 2004 
through March 2007 to almost 2.6 percent in fiscal year 2009 by 
expanding the number of databases queried through E-Verify and 
instituting quality control procedures to address data entry errors. 
However, erroneous TNCs related to name inconsistencies, such as 
employees' names recorded differently on various authorizing 
documents, remain an issue. Erroneous TNCs resulting from such 
inconsistencies can create the appearance of discrimination because of 
their disparate impact on certain cultural groups. USCIS has taken 
some actions to address cases of document fraud, but E-Verify 
continues to remain vulnerable to identity theft and employer fraud. 

USCIS Has Reduced the Number of TNCs and Enhanced System Efficiencies 
to Better Allow Employees to Resolve TNCs: 

USCIS has reduced TNCs from 8 percent during the time period June 2004 
through March 2007 to almost 2.6 percent in fiscal year 2009. USCIS 
data indicate that about 97.4 percent of almost 8.2 million newly 
hired employees were immediately confirmed as work authorized by E- 
Verify during fiscal year 2009, compared to 92 percent during June 
2004 through March 2007. This represents a 5.4 percentage point 
increase in immediate confirmations and, in turn, a 5.4 percentage 
point decrease in TNCs. As shown in figure 3, in fiscal year 2009, 
about 2.6 percent or over 211,000 of newly hired employees received 
either a SSA or USCIS TNC, including about 0.3 percent who were 
determined to be work eligible after they contested a TNC and resolved 
errors or inaccuracies in their records, and about 2.3 percent, or 
about 189,000, received an FNC because their employment eligibility 
status remained unresolved. The approximately 2.3 percent who received 
an FNC consisted of both unauthorized employees and authorized 
employees who chose not to contest their TNCs, among others. However, 
USCIS was unable to determine how many of these employees (1) were 
authorized employees who did not take action to resolve a TNC because 
they were not informed by their employers of their right to contest 
the TNC, (2) independently decided not to contest the TNC, or (3) were 
not eligible to work. 

Figure 3: E-Verify Results for Fiscal Year 2009: 

[Refer to PDF for image: pie-chart] 

Percentage of employees automatically confirmed as work authorized: 
97.4%; 
Percentage of employees receiving final nonconfirmations: 2.3%; 
Percentage of employees who receive TNCs later confirmed as work 
authorized: 0.3%. 

Source: GAO analysis of DHS data. 

[End of figure] 

USCIS has reduced TNCs and increased E-Verify accuracy by expanding 
the number of databases that E-Verify can query and instituting 
quality control procedures to screen for data entry errors. For 
example, as we testified in June 2008, USCIS implemented the 
Naturalization Phase I enhancement, which automatically checks USCIS 
naturalization databases before E-Verify issues an SSA TNC because of 
a citizenship status mismatch. According to USCIS, this reduced the 
number of SSA TNCs for naturalized citizens by about 35 percent in 
fiscal year 2009.[Footnote 25] In addition to what we reported in our 
June 2008 testimony, USCIS has undertaken three other initiatives to 
reduce the number of erroneous TNCs. Table 1 presents information on 
the nature and the results of these initiatives. 

Table 1: USCIS Initiatives to Reduce TNCs: 

Initiative: Pre-TNC check; 
Description: In September 2007, USCIS released an enhancement to E-
Verify that automatically requires employers to double check their 
entry of employee information into E-Verify if the system determines 
that the employee is not work authorized; 
Results reported by USCIS[A]: Reduced TNCs by 36 percent from October 
2007 to August 2010. 

Initiative: Passport data; 
Description: In December 2008, USCIS and the State Department signed 
an MOU to reduce SSA mismatches because of citizenship status for 
employees who present their U.S. passports as evidence of employment 
eligibility. If employees present their passport as identification for 
the Form I-9, E-Verify will automatically check their passports 
against passport records to determine citizenship status. USCIS began 
using passport data to reduce citizenship mismatches in February 2009; 
Results reported by USCIS[A]: Prevented about 65,426 erroneous TNCs 
from occurring from February 2009 through August 2010. 

Initiative: Record matching initiative; 
Description: In December 2009, USCIS added a quality control 
capability that enables E-Verify to recognize European date format and 
common clerical errors of transposed visa and passport numbers; 
Results reported by USCIS[A]: Prevented about 1,914 erroneous TNCs 
from occurring from December 2009 through August 2010. 

Source: USCIS. 

[A] We reviewed USCIS's E-Verify transaction database from which USCIS 
generated these statistics and found the data sufficiently reliable 
for reporting purposes. 

[End of table] 

USCIS and SSA have taken additional actions to try to increase the 
accuracy of the E-Verify system. For example: 

* In fiscal year 2009, working with USCIS, SSA added language to 
USCIS's A Guide to Naturalization, a booklet that is given to 
individuals at the naturalization ceremony, to emphasize the 
importance of visiting the local SSA office to report a change in 
citizenship status. Among other things, the booklet notes the 
importance of updating citizenship status for employment authorization 
purposes, as well as updating any name changes.[Footnote 26] 

* DHS is in the planning stages of developing a data-sharing 
initiative, called DHS Autocards, to update SSA's Numident database 
with information from DHS databases on foreign-born individuals who 
change citizenship status. Through DHS Autocards, it is anticipated 
that USCIS will electronically transmit data (including immigration 
status updates) to SSA for individuals who apply for immigration 
benefits at offices within the United States. This transmittal is to 
be done only with an individual's consent. According to SSA, DHS 
Autocards should reduce visits to SSA field offices and improve the 
integrity of SSA's replacement card process by sending information 
directly to SSA from USCIS. 

Inaccuracies and Inconsistencies in Recording Employees' Names 
Continue to Produce Erroneous TNCs: 

Erroneous TNCs occur, in part, because of inaccuracies and 
inconsistencies in how personal information is recorded on employee 
documents, in government databases, or both. For example, personal 
information in employee documents may differ from that in government 
databases if, for example, employees naturalize or marry or divorce 
and change their names without informing SSA or DHS of the name 
change. Additionally, employees' personal information may be 
inaccurate if the first or last name is incorrectly spelled in 
government databases or on identification documents. Further, 
individuals from certain cultural groups, such as those of Hispanic or 
Arab origin, may have multiple surnames that are recorded differently 
on their naturalization documents than on their Social Security cards. 
Such names could be recorded in a different order on the two 
documents, or one document may contain all the surnames while the 
other document may contain an abbreviated version of the surnames. 
Erroneous TNCs resulting from such inconsistencies can create the 
appearance of discrimination because of their disparate impact on 
certain cultural groups. According to USCIS, of 22,512 TNCs resulting 
from name mismatches in fiscal year 2009, approximately 76 percent, or 
17,098, were for citizens, and approximately 24 percent, or 5,414, 
were for noncitizens. Using USCIS's and SSA's estimates that about 60 
million queries would be generated annually under E-Verify if the 
program were made mandatory for new hires nationwide, about 164,000 
citizens and noncitizens would receive a name-related TNC each year. 
However, this number would greatly increase if E-Verify were made 
mandatory for all employees nationwide and not just new hires[Footnote 
27]. USCIS reported that it has contracted with Westat to conduct a 
study on the effect of complex names, name order, and hyphenated names 
on E-Verify TNCs. [Footnote 28] 

In our site visits, 5 of 25 employers commented that TNCs are more 
likely to occur in situations where Hispanic employees have hyphenated 
or multiple surnames.[Footnote 29] In these situations, employers are 
sometimes uncertain which name to enter into the E-Verify fields 
calling for an employee's first name, last name, and maiden name. 
USCIS has included information on its Web site to help employers enter 
hyphenated names to reduce the incidence of erroneous TNCs. 

Senior E-Verify program officials stated that providing information to 
employees about how name-related TNCs occur and how to prevent them 
may help decrease the incidence of these types of erroneous TNCs. They 
stated that they may consider addressing this issue as they move 
forward with the E-Verify program, but did not specify how they would 
do this. USCIS has some mechanisms in place to help employees with the 
work authorization process, such as guidance on the E-Verify Web site, 
but the agency does not provide information on how to prevent a name- 
related TNC. USCIS and DHS's CRCL, the organization responsible for 
providing policy advice to DHS leadership on civil rights and civil 
liberties issues, developed a video that provides information to 
employees about how to resolve a name-related TNC. The video also 
provides viewers with some reasons for why TNCs occur, such as a name 
change due to marriage or errors in government databases, but does not 
specifically discuss ways to prevent them.[Footnote 30] In addition, 
DHS's A Guide to Naturalization makes clear that name changes have an 
effect on employment authorization, but it does not specify how name 
changes specifically relate to the E-Verify process. Furthermore, 
according to SSA officials, some SSA field office staff attend 
naturalization ceremonies to help newly naturalized citizens update 
their information in SSA databases, including citizenship status or 
name changes, but presence at these ceremonies is not required. 
Standards for Internal Control in the Federal Government states that 
agency management should ensure that there are adequate means of 
communicating with external stakeholders that may have a significant 
impact on the agency's goals.[Footnote 31] USCIS could better position 
employees to avoid an erroneous TNC if USCIS disseminated information 
to employees on the importance of providing consistent name 
information to employers, SSA, and DHS and on how to record their 
names consistently. Information could be disseminated, for example, 
through efforts such as (1) conducting outreach through CRCL's 
instructional video for employees, (2) incorporating language into 
DHS's A Guide to Naturalization, and (3) disseminating information at 
naturalization ceremonies. Disseminating information could also help 
to increase system accuracy consistent with USCIS's goal, by reducing 
erroneous TNCs.[Footnote 32] 

E-Verify Remains Vulnerable to Fraud, but USCIS Has Taken Steps to 
Reduce It: 

Despite USCIS and SSA's efforts to reduce erroneous TNCs, identity 
fraud remains a challenge in part because employers may not be able to 
determine if employees are presenting genuine identity and employment 
eligibility documents that are borrowed or stolen.[Footnote 33] E- 
Verify is to confirm all employees as employment authorized as long as 
the information entered into E-Verify matches DHS and SSA records. E- 
Verify also cannot detect cases in which an unscrupulous employer 
assists unauthorized employees by, for example, providing them with 
legitimate documents or ignoring a mismatch between the photograph 
that appears on the employee's permanent resident card and DHS's 
digital photograph of that individual. Of the 97.4 percent of 
employees who were confirmed as work authorized by E-Verify in fiscal 
year 2009, USCIS is unable to determine how many employees E-Verify 
incorrectly confirmed as authorized to work in the United States. 
Based on statistical models of E-Verify data for the period covering 
April through June 2008, Westat estimated that 6.2 percent of 
employees were not authorized to work in the United States, and that 
slightly over half of these employees were incorrectly confirmed by E-
Verify. This may indicate identity theft, employer fraud, or both. 

USCIS has taken actions to address fraud, most notably with the fiscal 
year 2007 implementation of the photo matching tool, which seeks to 
reduce fraud associated with the use of genuine documents in which the 
original photograph is substituted for another. The photo matching 
tool places the burden on employers to determine whether the 
photograph on the employee's permanent resident card or employment 
authorization document matches the digitally stored photograph within 
DHS databases. If the employer determines that the photos do not 
match, E-Verify rules require that the employer indicate in the system 
that the photographs do not match, the employee is to receive a TNC, 
and the employee is to be provided with an opportunity to contest the 
TNC. According to USCIS, from October 2009 to August 2010, there were 
393,574 cases that initiated E-Verify's photo matching tool. Of these 
cases, employers indicated that 1,569 employees' photos did not match. 
These nonmatch cases resulted in one contested TNC. USCIS told us that 
it is unable to determine what percentage of the 1,569 cases involves 
identity fraud because some individuals may not contest their TNC and 
USCIS does not have additional information on these cases. 

However, ICE officials in Arizona told us that unscrupulous employers 
have learned that the photo matching tool accepts only two documents-- 
permanent resident cards and employment authorization documents, which 
are heavily protected from tampering and counterfeiting--and, 
therefore, employers ask employees whom they believe are not work 
authorized to provide other identity documents that will not trigger 
the photo matching tool. Senior ICE officials told us that while ICE 
does not track statistics on documents used to satisfy the Form I-9 
requirements, they believe because of the small number of security 
features on most state driver's licenses, they are becoming 
increasingly popular for use as documentation for the Form I-9. While 
employers are not permitted to ask employees to provide specific types 
of documents for E-Verify under federal law, the ICE officials said 
that they know of instances in which employers directed employees to 
provide driver's licenses or other acceptable forms of identification. 
They said this has led to an increase in the fraudulent use of other 
documents, which are not part of the photo matching tool. Based on 
site visit data for October 2007 through June 2008, Westat's 2009 
report indicated that driver's licenses were presented as one form of 
identification in 53 percent of the cases resulting in TNCs. 

USCIS incorporated passport photographs and seeks to incorporate 
driver's licenses into the E-Verify database to help address the issue 
of identity fraud. In September 2010, pursuant to a signed agreement 
with the State Department, USCIS gained access to photographs of 
passport holders in State Department records and incorporated these 
into E-Verify. USCIS has also been negotiating with the Motor Vehicle 
Association in one state to pilot the use of driver's license data for 
E-Verify. USCIS reported that this pilot will begin in 2011.[Footnote 
34] Because of individual state privacy laws, USCIS said that it has 
been unable to negotiate with additional states to share driver's 
license data or photographs. USCIS has also identified additional 
tools to help combat identity theft. For example, USCIS is planning to 
develop a program that would allow victims of identity theft to "lock" 
their Social Security numbers within E-Verify until they need them to 
obtain employment authorization.[Footnote 35] According to USCIS, this 
program remains in the planning stages and is expected to be completed 
from fiscal years 2011 through 2012. 

Despite these efforts, identity fraud continues to be a challenge for 
E-Verify as well as for current employment verification processes. We 
have previously reported that weaknesses in the Form I-9 system, such 
as difficulty in detecting document and identity fraud and the large 
number of acceptable documents for proving work eligibility, have 
undermined the effectiveness of the employment verification process. 
[Footnote 36] Because E-Verify is an automated system based on the 
Form I-9, it possesses the same inherent weaknesses. One example of 
this was demonstrated in an enforcement action taken in December 2006 
by ICE against a meat processing plant that participated in E-Verify. 
During this investigation, ICE found that approximately 1,340 
employees--all of whom ICE believes were processed through E-Verify-- 
were not authorized to work in the United States. Of the 1,340 
unauthorized workers, 274 were charged with identity theft, including 
the use of valid Social Security numbers belonging to others to get 
jobs. ICE arrested one individual with immigration violation charges 
related to document fraud through this investigation. 

To help combat identity fraud, the use of biometrics has been included 
in proposed legislation before Congress as an element of comprehensive 
immigration reform. Leading biometric technologies include facial 
recognition, fingerprint recognition, hand geometry, and iris 
recognition. These technologies help to create a verifiable link 
between identity and authorizing documents and supplement the 
employer's review of documents on the Form I-9. However, implementing 
a biometric system has its own set of challenges. For example, the 
costs of biometric technology include the engineering efforts to 
design, develop, test, and implement the system, as well as the costs 
to employers for purchasing and maintaining the hardware and software. 
In some cases employers might not have access to the necessary office 
equipment to use such technology. In addition, according to CRCL, 
representatives of civil liberties groups, privacy experts, and 
government agencies have expressed concerns about issues such as the 
adequacy of protections for the use of biometric data. These are 
important issues that policymakers are currently considering. 
Resolving these issues will be important if this technology is to be 
effectively implemented in combating identity fraud in the employment 
verification process. 

USCIS Has Taken Several Actions to Address Employer Noncompliance but 
Remains Limited in Its Ability to Identify and Prevent Employer Misuse: 

Since our June 2008 testimony, USCIS has increased the number of staff 
for conducting monitoring and compliance activities, but does not yet 
have the technology to analyze the E-Verify transaction data in a way 
that would enable USCIS to discern complex patterns in the data that 
could be indicative of employer misuse. The Monitoring and Compliance 
Branch expects to implement an advanced data analysis system to 
support program activities in fiscal year 2012. USCIS's compliance 
efforts include educational activities designed to assist employers in 
complying with E-Verify policies and procedures; however, USCIS could 
take additional actions to determine whether its efforts are effective 
in reducing employer noncompliance. Furthermore, USCIS does not have 
the authority to sanction employers for intentional misuse of E-
Verify, other than terminating their participation in the program. 
USCIS is therefore limited in its ability to ensure compliance with E-
Verify policies and procedures. 

Monitoring and Compliance Staffing Has Increased, but the Branch's 
Data Analytic Capability Is Limited: 

Since our June 2008 testimony, USCIS has more than doubled the number 
of monitoring and compliance staff overseeing employers' use of E- 
Verify. USCIS increased E-Verify monitoring and compliance staff from 
21 in April 2008 to 52 in November 2009, and opened a regional office 
in Buffalo, New York, to house the additional staff. Of this total, 20 
staff in headquarters are responsible for identifying behaviors and 
activities that could be indicative of employer misuse, and 32 staff 
in the field are responsible for monitoring employers and conducting 
compliance activities. USCIS's fiscal year 2010 budget provided 
funding for USCIS to hire an additional 44 E-Verify monitoring and 
compliance analyst staff during fiscal years 2010 and 2011 to monitor 
employer use and help ensure employer compliance with E-Verify. 
According to USCIS's Verification Division Deputy Division Chief, 
USCIS hired 22 of the 44 analyst staff budgeted for in fiscal year 
2010 and plans to hire the additional 22 staff in fiscal year 2011. 
According to senior E-Verify program officials, plans are underway to 
open a second regional office in Lincoln, Nebraska, to house the 22 
staff budgeted for in fiscal year 2011, as well an additional 58 staff 
to provide outreach and customer support for E-Verify's monitoring and 
compliance activities. USCIS has begun to interview candidates for 
these positions in anticipation of opening the office this fiscal year. 

Staff in the Monitoring and Compliance Branch's monitoring section are 
tasked with identifying trends in employer use of E-Verify that may 
indicate noncompliance with E-Verify. They examine employer behavior 
by manually reviewing E-Verify transaction data stored in VIS. To 
identify incidents of noncompliance, monitoring analysts are to look 
for six employer behaviors.[Footnote 37] Staff in the branch's 
compliance section are tasked with, among other things, educating 
noncompliant employers about proper E-Verify use and addressing this 
noncompliance by sending employers a letter, calling employers, 
auditing employers' E-Verify documentation, or making visits to 
employers' worksites. USCIS's fiscal year 2010 goal was to contact 2 
percent (or 15,874) of the 793,706 worksites participating in E-Verify 
to address issues related to employer noncompliance.[Footnote 38] 
According to senior E-Verify program officials, compliance staff have 
contacted 16,125 employers in fiscal year 2010, exceeding USCIS's 
target by 251 contacts. E-Verify program officials reported that the 
agency has started to measure the number of employers that have 
adjusted their behavior after receiving a compliance letter or 
telephone call. They told us that as of August 2010, about 80 percent 
of these employers had adjusted their behavior in response to a 
compliance letter or telephone call. However, USCIS was not able to 
provide us with data to support the estimate. USCIS expects E-Verify 
compliance activities to increase as USCIS augments its technology for 
the Monitoring and Compliance Branch because the majority of the 
monitoring workload will be automated, allowing staff to focus their 
attention on addressing employer noncompliance. 

Because the transaction data currently require manual review by 
monitoring staff, senior E-Verify program officials reported that the 
Monitoring and Compliance Branch is limited in its ability to fully 
identify patterns and trends in the data that could signal employers' 
noncompliance with all of the E-Verify rules. According to senior E- 
Verify program officials, the branch will have the technical 
infrastructure to support intended program activities by fiscal year 
2012, when improved technology enabling automated analysis of E-Verify 
transaction data is expected to be implemented.[Footnote 39] 
Specifically, USCIS is depending on the implementation of an estimated 
$6 million advanced data system to gain the capability to conduct 
complex analyses of E-Verify data. USCIS expects this system, known as 
the Data Analysis System, to automate about 80 percent of the 
Monitoring and Compliance Branch's workload. USCIS's plans state that 
the Data Analysis System is to employ algorithms and statistical 
techniques to identify complex patterns of employer behaviors, such as 
discrimination and fraud, while automating the detection of simple 
behaviors. The plans also indicate that the system is to automatically 
generate contacts with employers, such as e-mails and letters, and 
record and store these contacts in a central database to maintain 
auditable data on instances of system misuse. 

USCIS's Compliance Efforts Include Employer Education, but the 
Effectiveness of the Efforts Has Not Been Fully Assessed: 

USCIS conducts educational activities to facilitate employers' 
compliance with the E-Verify program. However, the agency has not 
fully assessed the effectiveness of its efforts and therefore is not 
in the position to know if they have achieved their intended purpose. 
E-Verify compliance activities are designed to assist employers in 
better understanding E-Verify procedures and deter them from improper 
system use and protect employees against related discriminatory 
practices. The E-Verify tutorial, which all new E-Verify users are 
required to complete prior to performing any verification, is USCIS's 
primary educational tool for registered users of E-Verify. Other USCIS 
mechanisms for educating employers include presentations to interested 
groups around the country, webinars (online educational sessions), a 
customer service line to assist employers, publications, and guidance 
posted on the E-Verify Web site.[Footnote 40] In addition, as noted 
earlier, USCIS considers compliance actions, such as placing phone 
calls and sending letters to noncompliant employers, to be educational 
efforts. 

USCIS has taken some actions to collect and use information about its 
E-Verify educational activities. For example, as stated above, USCIS 
has started to measure the number of employers that have adjusted 
their behavior after receiving a compliance letter or telephone call. 
Senior E-Verify program officials also noted that among other things, 
USCIS's policy branch collects data from E-Verify users by conducting 
surveys and uses the feedback to make updates, such as editing E-
Verify hotline call scripts and modifying E-Verify messages on the Web 
site. They said that USCIS also tracks the number and types of calls 
related to the tutorial, and adjusts information posted on the E-
Verify Web site to address the questions raised in these calls. Such 
efforts to collect information can help USCIS improve its approach to 
educating users about E-Verify and help users become more compliant 
with E-Verify rules. 

However, USCIS has not evaluated the extent to which employers 
understand the information provided in the E-Verify tutorial and 
therefore is not in the position to make improvements to the tutorial 
based on systematic information.[Footnote 41] USCIS administers the 
mastery test to newly registered users who have completed the E-Verify 
tutorial and stores data on each correct and incorrect response on the 
test. However, USCIS has not analyzed the test data to determine if 
there are patterns in the data indicating that users did not 
understand certain topics in the tutorial. The tutorial provides 
information on a variety of topics, including how to initiate and 
close a case, protect employees' personal information, and properly 
verify employee eligibility through E-Verify, and on the potential 
consequences associated with discriminatory behavior and other misuse 
of E-Verify. Users who fail to achieve a passing grade of 70 percent 
on the multiple choice mastery test are required to review the 
tutorial and retake the test until they pass. According to senior E-
Verify program officials, as of October 2010, USCIS had not analyzed 
the responses to the mastery test to determine if there were any 
questions or topic areas that may be consistently problematic to test 
takers, and whether the tutorial, the mastery test, or both may 
benefit from revision. USCIS has not done this because, according to 
senior E-Verify program officials, the computer program used to 
analyze responses to the test was not able to generate retrievable 
information on how test takers responded to individual questions. 

We previously reported that evaluation is an integral part of training 
and development efforts, and that agencies need to systematically plan 
for and evaluate the effectiveness of training.[Footnote 42] Employing 
systematic monitoring and feedback processes can help determine if 
there are areas in the E-Verify training or the mastery test that 
warrant revision. Senior E-Verify program officials told us that in 
response to our raising this issue, they have met with and directed 
contractor staff to take steps to ensure that information on each 
response to each test question is retained and analyzed. According to 
senior E-Verify program officials, USCIS expects analysis of E-Verify 
test data to begin in fiscal year 2011 because, by then, there will be 
sufficient historical data for analysis. However, E-Verify program 
officials reported that they have not yet identified an approach for 
analyzing the test data or using the analysis results, for example, 
what statistical analyses will be conducted on the test data and how 
will USCIS determine what, if any, test questions and tutorial content 
should be revised. By developing an analysis plan for the mastery 
test, and using the analysis results to make fact-based decisions 
about whether and how to revise the test, the tutorial, or both, USCIS 
would be able to better target its education efforts and ensure 
employer compliance with the E-Verify program. 

Agencies Are Likely to Continue to Face Challenges in Ensuring E- 
Verify Compliance, Including Challenges in Investigating and 
Sanctioning Noncompliant Employers: 

Several factors could continue to make it challenging for USCIS to 
attain its goal of ensuring employer compliance with E-Verify 
requirements even after USCIS implements the planned improvements to 
its monitoring and compliance capability. First, although USCIS has 
instituted measures to validate the authenticity of registered E-
Verify users, the E-Verify transaction data do not allow USCIS to 
determine whether the individuals who process queries through E-Verify 
are the same individuals as those certified as E-Verify users. 
[Footnote 43] This is because individuals who have not completed the 
tutorial and mastery test are able to borrow the user names and 
passwords of certified coworkers to gain access to the system. 
[Footnote 44] These individuals may use the system incorrectly, in a 
manner that leads to wrongful adverse action against authorized 
workers who receive erroneous TNCs, or for fraudulent purposes such as 
running different Social Security numbers and names to see what 
combinations generate a work authorized decision. 

Second, USCIS cannot monitor the extent to which employers follow 
certain program rules as required by the E-Verify MOU because 
interactions between employers and employees generally occur privately 
in workplaces where USCIS does not have a presence. For example, USCIS 
is generally not in the position to determine whether employers carry 
out activities required by E-Verify, such as posting notice of their 
participation in the E-Verify program, providing employees the letter 
informing them of TNC findings, or referring employees to the 
appropriate agency to resolve the TNC. Similarly, USCIS is generally 
not in the position to determine whether employers engage in 
activities prohibited by E-Verify, such as limiting the pay of or 
terminating employees who receive TNCs, using E-Verify to prescreen 
job applicants, or screening employees who are not new hires. USCIS 
may be able to detect some of these noncompliant behaviors in visits 
to worksites.[Footnote 45] However, workers who are wrongly terminated 
or suffer other adverse employment consequences because employers fail 
to follow the MOU receive no protection or remedies under federal law. 

Third, if employers do not respond or remedy noncompliant behavior 
after a contact from USCIS compliance staff, USCIS has minimal avenue 
for recourse because it has limited authority to investigate employer 
misuse and no authority to impose penalties against such employers. 
USCIS can terminate an employer's access to E-Verify if USCIS 
determines that the employer knowingly used the system for an 
unauthorized purpose. However, this does not ensure that employers are 
hiring legal workforces. To date, USCIS has not terminated any 
employers for misuse of E-Verify. For enforcement action for 
violations of immigration laws, USCIS must rely on ICE to investigate, 
sanction, and prosecute employers.[Footnote 46] 

However, ICE has reported that it has limited resources for 
investigating and sanctioning employers that knowingly hire 
unauthorized workers or those that knowingly violate E-Verify program 
rules, and overall, ICE has expended relatively few resources on 
carrying out such activities. To maximize the impact of limited 
resources against the most significant threats and violators, senior 
ICE officials reported that ICE agents apply risk assessment 
principles to worksite enforcement cases by focusing on detecting and 
removing unauthorized workers from critical infrastructure sites, such 
as airports and nuclear power plants, and targeting egregious 
employers that violate criminal statutes. In fiscal year 2009, ICE 
spent 5.2 percent of its 10.4 million agent reported workload hours on 
worksite enforcement, issued 52 fines as a result of Form I-9 audits, 
and made 444 criminal and 1,654 administrative worksite enforcement 
arrests.[Footnote 47] We reported in 2005 that worksite enforcement 
was a relatively low priority under both the U.S. Immigration and 
Naturalization Service and ICE, and that since fiscal year 1999, a 
relatively small portion of overall agent resources have been 
dedicated to the worksite enforcement program. In response, senior ICE 
officials cited the need to devote their limited resources to what 
they believe to be higher priorities. In addition to worksite 
enforcement, ICE is responsible for investigating potential violations 
of a wide range of federal criminal laws, including international drug 
smuggling, illegal import and export of drugs and weapons, alien 
smuggling, intellectual property violations, and money laundering. 

In December 2008, ICE and USCIS signed a memorandum of agreement that 
outlined the processes that the agencies are to use for sharing E- 
Verify program information. Under the agreement, USCIS is to refer 
significant E-Verify cases to ICE for investigative consideration, 
with significant cases being those in which USCIS suspects employers 
of (1) misuse, abuse, and fraudulent use of E-Verify at critical 
infrastructure sites; (2) violations regarding the employment of 
unauthorized aliens; (3) criminal activity; (4) failing to use E-
Verify for all employees as required by the E-Verify MOU; and (5) 
retaining employees after receiving FNCs. The agreement also specifies 
procedures for ICE to request E-Verify transaction data in support of 
ongoing investigations. 

Out of the employers that USCIS identified from December 2008 to 
August 2010 as not complying with E-Verify rules and requiring further 
action from ICE, USCIS referred 3 cases to ICE for investigation and 
responded to 19 requests for E-Verify transaction data from ICE. 
According to senior ICE officials, the cases referred by USCIS were 
not significant threats or egregious violations and therefore did not 
warrant a full investigation.[Footnote 48] They stated that referrals 
from USCIS could be of more assistance if they were more closely 
aligned with ICE's worksite enforcement priorities. Senior E-Verify 
program officials told us that USCIS plans to start applying risk 
assessment principles to its monitoring and compliance activities 
after USCIS completes developing its technology for the Monitoring and 
Compliance Branch. Both senior USCIS and ICE officials reported that 
they are currently coordinating to help USCIS better target its 
monitoring efforts. Specifically, senior E-Verify program officials 
said that USCIS is part of a monitoring and compliance task force-- 
which includes other agencies and subject matter experts--to develop 
and build requirements for how to use E-Verify transaction data to 
better target and address the needs of stakeholders, including ICE. 

An effective employment authorization system requires a credible 
worksite enforcement program to ensure employer compliance with 
applicable immigration laws. However, given ICE's existing priorities 
and resource constraints, ICE is limited in its ability to investigate 
and sanction employer noncompliance with immigration laws. Senior ICE 
officials acknowledged that the same limitations would exist if E- 
Verify became mandatory nationwide. Policy decisions about how to 
effect a credible worksite enforcement program using E-Verify, 
including the resources required for it, have yet to be made. The 
success of the E-Verify program will ultimately be affected by these 
decisions. 

DHS Has Instituted Employee Privacy Protections for E-Verify, but 
Resolving Erroneous TNCs and FNCs and Combating Discrimination Can Be 
Challenging: 

USCIS has taken actions to institute safeguards for the privacy of 
personal information for employees who are processed through E-Verify, 
but has not established mechanisms for employees to identify and 
access personal information maintained by DHS that may lead to an 
erroneous TNC or FNC, or for E-Verify staff to correct such 
information. USCIS has also not developed policies and procedures for 
E-Verify management program analysts to document the basis for their 
work authorization decisions. USCIS has taken actions to mitigate the 
civil rights and civil liberties risks associated with E-Verify by 
holding interagency meetings with SSA, CRCL, and OSC. USCIS is 
coordinating with OSC and CRCL to help reduce incidents of 
discrimination by helping employees better understand their rights and 
educating employers about their responsibilities under E-Verify. 

USCIS Has Taken Actions to Protect the Privacy of Personal Information 
of Employees Processed through E-Verify: 

USCIS has taken actions to minimize risks to the privacy of personal 
information of employees who are processed through E-Verify. The Fair 
Information Practice Principles, adopted in a 2008 memorandum from 
DHS's Chief Privacy Officer, are the basis for DHS's privacy policy. 
These principles include Transparency, Individual Participation, 
Purpose Specification, Data Minimization, Use Limitation, Data Quality 
and Integrity, Security, and Accountability and Auditing (see appendix 
II for additional information on these principles).[Footnote 49] USCIS 
has generally addressed these principles within the E-Verify program. 
For example, USCIS has addressed the Transparency principle by 
publishing privacy notices in 2009 and 2010 that defined parameters, 
including setting limits on DHS's collection and use of personal 
information, for the E-Verify program and the Compliance Tracking and 
Monitoring System.[Footnote 50] These privacy notices defined 
parameters, including setting limits on DHS's collection and use of 
personal information residing within E-Verify. USCIS has also 
published public notices regarding privacy protections on the E-Verify 
Web site. In addition, the USCIS Verification Division created a 
Privacy Branch Chief position in January 2007, which DHS Privacy 
Office officials stated has improved communication between the two 
offices. USCIS has addressed the data minimization principle by 
designing E-Verify to collect and share very little personal 
information about individual employees. Specifically, E-Verify does 
not require employers to collect any more information on employees 
than has already been recorded on the Form I-9, and employers do not 
have access to any of the underlying personal information used by E-
Verify to determine an employee's work eligibility. As a result, USCIS 
has limited the amount of personally identifiable information 
available to employers through the design of E-Verify. USCIS has 
addressed the use limitation principle by limiting how management 
program analysts can access and use information when searching the 
available databases to confirm citizenship or work authorization 
status. For example, management program analysts' access is limited to 
the information that is applicable to the cases that are assigned to 
them. 

Employees and E-Verify Staff Face Challenges Resolving Erroneous TNCs 
and FNCs: 

Employees Have Limited Ability to Identify, Access, and Correct 
Information That Causes Erroneous TNCs: 

Employees are limited in their ability to identify, access, and 
correct personal information maintained by DHS that may have led to an 
erroneous TNC. If an employee chooses to contest a TNC, the employer 
is required to provide the employee a referral letter that identifies 
which agency an employee needs to visit or call to resolve the TNC and 
close the case. 

The process for resolving DHS-related TNCs can be difficult because 
the E-Verify program does not have a process in place for employees to 
identify and access personal information that was the source of the 
erroneous TNCs. Currently, employees are not informed of which 
specific records are the sources of an erroneous TNC. To identify and 
access these records, employees must use a Privacy Act request. 
Privacy Act requests allow individuals to gain access to their 
personal records (unless the requested records are exempted from 
disclosure) and to seek correction or amendment of federally 
maintained records that are inaccurate, incomplete, untimely, or 
irrelevant. An employee wishing to determine which specific records 
led to the erroneous TNC may need to make separate Privacy Act 
requests to several DHS components that may have been the source of 
information involved in making the determination, because each DHS 
component maintains its own data and has an independent office in 
charge of responding to Privacy Act requests. According to senior 
officials in DHS's Privacy Office, if there is an error in a DHS 
database, individuals face formidable challenges in getting the 
inaccuracy or inconsistency corrected because, among other things, 
they have little information about what database led to the decision. 
DHS processes Privacy Act and Freedom of Information Act requests in 
the same manner, and the average response time for these requests in 
fiscal year 2009 was approximately 104 days.[Footnote 51] 

DHS's Privacy Office guidance calls for DHS components to adhere to 
the Individual Participation Principle by providing mechanisms for 
appropriate access, correction, and redress regarding DHS's use of 
personally identifiable information.[Footnote 52] Privacy Office 
officials acknowledged that the current process for employees to 
access their personal records could be improved, and they said they 
are discussing with senior E-Verify program officials ways to provide 
employees with better access to relevant information.[Footnote 53] For 
example, USCIS could inform employees about which types of records 
were consulted to make an employment eligibility determination, which 
could shorten the time and reduce the complexity of locating 
information because employees could then directly contact the 
appropriate DHS component to correct the information that led to an 
erroneous TNC. Developing procedures that enable employees to 
effectively access their personal information and have inaccuracies or 
inconsistencies in that information corrected could help DHS minimize 
the potential for employees receiving repeated erroneous TNCs. 

In addition to the difficulties employees may experience in accessing 
their personal information maintained by DHS, some employees might 
also face challenges in understanding how to contest erroneous TNCs, 
which is key to their ability to correct inaccurate information about 
themselves. For example, officials from OSC and CRCL stated that 
employees have expressed difficulty understanding TNC notification 
letters and the procedures for requesting reversal of a TNC that they 
believed to be in error.[Footnote 54] OSC officials stated that 
employees believe that USCIS should simplify the TNC letters so that 
people with limited literacy and English proficiency can better 
understand the process. In June 2010, USCIS released updated versions 
of both the TNC and referral notices, which include language that 
according to USCIS can be more easily understood. E-Verify program 
officials reported that they intend to further simplify the current 
TNC letters in fiscal year 2012, and combine them with an updated 
referral letter, so that employees will receive one letter notifying 
them of both the TNC and the appropriate agency to contact to resolve 
the TNC.[Footnote 55] USCIS reported that this initiative is a major 
procedural change and will require revision of current E-Verify 
processes as well as development of new procedures. 

Limitations in USCIS's Ability to Correct Employee Information: 

USCIS has taken actions to improve its ability to correct the personal 
information that led to erroneous TNCs; however the agency has not 
established mechanisms for its management program analysts to correct 
errors in employees' personal information that is obtained from other 
DHS components' databases. Instead, because it is not the owner of the 
information, USCIS must contact the component that controls the 
information and describe the error. Officials at the other DHS 
components may then decide what steps, if any, to take to correct 
their records. 

According to DHS Privacy Office guidance, DHS agencies should, to the 
extent practicable, adhere to the Data Quality and Integrity Principle 
by ensuring that personally identifiable information is accurate, 
relevant, timely, and complete.[Footnote 56] In addition, leading 
practices call for agencies that routinely work together to establish 
compatible policies and procedures, including those related to the use 
of data systems, to effectively operate across agency boundaries. 
[Footnote 57] DHS could increase the effectiveness of E-Verify in 
producing accurate results--a stated goal--by ensuring that the 
department's component agencies have procedures for ensuring that 
personal information in their records and systems that led to an 
erroneous TNC is corrected. Doing so could help ensure that the same 
problems do not recur when individuals take new jobs and are again 
processed through E-Verify. E-Verify program officials stated that 
they recently created a Data Integrity Unit that will be tasked with 
documenting errors in DHS databases and will work with other DHS 
components, including CBP and ICE, to correct erroneous information 
contained in their respective databases. This is an important first 
step but by itself cannot ensure that inaccuracies or inconsistencies 
are corrected when they are found. Specifically, USCIS, as one 
component of DHS, may not be in a position to direct other components, 
such as CBP and ICE, to adopt policies and procedures facilitating the 
correction of errors. Establishing departmentwide procedures to ensure 
that all components that own information involved in making work 
authorization decisions collaborate in correcting inaccuracies or 
inconsistencies could better position DHS to reduce the number of 
erroneous TNCs. This is because unresolved inaccuracies or 
inconsistencies in personal information put employees in the position 
of facing repeated erroneous TNCs when applying for jobs. 

E-Verify Staff's Decision-Making Process in Resolving Contested TNCs 
Is Not Documented, Limiting USCIS's Ability to Ensure Consistent 
Decisions: 

USCIS does not require management program analysts to document the 
process they used to resolve TNCs that were contested by employees. 
According to Standards for Internal Control in the Federal Government, 
to be effective, agencies need to clearly document all transactions in 
a timely manner to ensure that they are making appropriately informed 
decisions. Moreover, the standards call for clear documentation of 
policies and procedures that is readily available for examination. 
Without documentation of the process used to resolve TNCs that were 
contested by employees, there is no institutional record of the 
office's actions. Therefore, it may be difficult to review and 
validate the decision-making process for effective management 
oversight. Effective management oversight is important for ensuring 
sound stewardship. Moreover, without documentation of the process used 
to resolve TNCs that were contested by employees, E-Verify may not be 
able to ensure that its staff consistently apply criteria it has 
established, implement procedures as intended, or sustain those 
efforts over time. 

E-Verify program officials stated that there is a comment box in the 
system used by management program analysts to document the actions 
taken to resolve a TNC, in which they can note additional information 
related to the resolution of a case. Such a box could be used to 
document the basis for an analyst's resolution of a case. However, 
according to E-Verify program officials, management program analysts 
do not usually put any information in the comment boxes when resolving 
a TNC because USCIS does not require them to enter this information 
into the system. E-Verify program officials stated that while these 
procedures are not currently required, they recognize the importance 
of making and documenting accurate decisions, and plan to revise the 
standard operating procedures to require this of management program 
analysts. As of October 2010, USCIS had not set a timeline for 
revising and implementing the procedures. By developing procedures for 
management program analysts to document the basis for their work 
authorization decisions, USCIS could help employees obtain information 
about which types of records were consulted in making decisions about 
contested TNCs and help minimize the potential for recurring erroneous 
nonconfirmations. In March 2010, USCIS also established the Quality 
Assurance unit that is intended, among other things, to monitor the 
accuracy with which management program analysts resolve contested TNCs 
and ensure that verifications are performed efficiently without 
compromising accuracy. 

SSA Has Implemented Controls to Reduce the Number of Erroneous FNCs: 

According to senior SSA officials, some employees have received 
erroneous SSA FNCs when they did not notify SSA field office staff 
that they were attempting to resolve a TNC during a visit to a SSA 
field office, and when SSA field office staff did not take the 
appropriate steps to document the status and resolution of TNC cases. 
SSA reported that the agency is taking steps to address this issue. EV-
STAR, an electronic communications link between SSA and the employer 
that stores information on the status of cases on workers referred to 
SSA for a TNC, requires SSA employees to note information about a 
pending TNC resolution in the system. This is an important step 
because when an employer refers an employee to SSA through E-Verify, 
an 8-day clock starts. The employee must visit an SSA field office 
during that time (8 federal workdays) to try to resolve the TNC. The 
only way to extend the 8 days is for an SSA field office staff member 
to access EV-STAR. If the employee's information is not verified 
within this time frame, E-Verify will automatically notify the 
employer of the FNC. In certain cases, these FNCs can be erroneous 
because the employee is actually authorized to work but did not have 
his or her information verified within the specified time frame. SSA 
field office staff can extend the amount of time for an employee to 
resolve a TNC to up to 120 days at 30-day intervals, but can only do 
so if they make a notation in EV-STAR that the case is pending a TNC 
resolution. However, SSA field office staff are not always aware that 
the employee is attempting to resolve a TNC, either because the 
individual does not notify staff that he or she is there for E-Verify 
reasons or does not provide field office staff with a copy of the TNC 
referral letter. As a result, staff may not make a notation in EV-STAR 
to extend the case beyond 8 federal working days. Thus, if an employee 
does not return with the required documentation within 8 federal 
working days, the system will send an FNC response to the employer. In 
addition, even when SSA staff know that an employee is attempting to 
resolve a TNC, the staff do not always access EV-STAR to update cases 
as pending because, according to senior SSA officials, EV-STAR is a 
DHS system that requires staff to log into the system separately 
outside of the SSA system they regularly use. Furthermore, senior SSA 
officials told us that staff may also forget to update EV-STAR because 
of field office workload demands. 

Senior SSA officials stated that they cannot quantify how frequently 
erroneous FNCs occur because of incorrect EV-STAR use, but noted that 
the agency has worked with USCIS and OSC to address this problem. 
Senior OSC officials noted that while SSA is taking steps to address 
this issue, there is no formal appeals process for employees who 
receive FNCs in error, and no mechanism for compensating employees who 
are laid off or terminated as a result of receiving an erroneous FNC. 
Senior SSA officials reported that SSA has implemented five actions to 
address the issue of erroneous FNCs: 

* SSA has created and distributed to its regional offices EV-STAR 
usage reports that track the number of times field office staff access 
EV-STAR. SSA reported that it created this report to enhance awareness 
of E-Verify and EV-STAR by its regional and field offices. 

* In October 2010, SSA modified its operating system to add a direct 
link to EV-STAR. SSA told us that this modification will make it 
easier for field office staff to access EV-STAR. 

* SSA has created three alerts within its operating system to notify 
field office staff when a Social Security number is associated with an 
SSA TNC. These alerts have been designed to remind staff to access and 
take appropriate action in EV-STAR. SSA told us that these alerts will 
be deployed during fiscal year 2011. 

* SSA has added a slide in its televised broadcast in field offices, 
and is developing a poster, to advise individuals who are there to 
resolve a TNC to let the field office staff know that their cases are 
related to E-Verify. 

* SSA has developed training for field office staff regarding the use 
of EV-STAR. 

While these actions could address the causes leading to employees 
receiving erroneous FNCs because of SSA field office use of EV-STAR, 
it is too soon to know if these actions will fully address the problem. 

USCIS Has Taken Some Actions to Identify and Mitigate Civil Rights and 
Civil Liberties Risks Associated with E-Verify and Faces Challenges in 
Combating Employer Discrimination: 

DHS Relies on Interagency Meetings to Identify and Mitigate Civil 
Rights and Civil Liberties Risks: 

Senior USCIS E-Verify program officials and CRCL officials said they 
address issues related to employees' civil rights and civil liberties 
risks in interagency meetings. Westat's 2009 report stated that the 
erroneous TNC rate for employees who were eventually found to be 
eligible to work was approximately 20 times higher for foreign-born 
employees than for U.S.-born employees (2.6 percent versus 0.1 
percent) from April through June 2008. Based on statistical 
information provided us by USCIS for fiscal year 2009, the likelihood 
of noncitizens receiving erroneous TNCs was greater than that for 
citizens.[Footnote 58] As discussed earlier, employees may also face 
challenges in understanding TNC letters and how to contest erroneous 
TNCs. Given this, and USCIS's limited mechanisms for correcting errors 
in personal information that have caused erroneous TNCs or FNCs, 
increased potential exists for an adverse impact on individuals' civil 
rights and civil liberties. 

Assessing the risks posed by a program to civil rights and civil 
liberties is intended to determine the extent to which programs, 
policies, regulations, and guidelines comply with and safeguard civil 
rights and civil liberties. Formal assessments, such as civil 
liberties impact assessments, can offer assurance to the public that 
individuals' rights are being protected. They are typically conducted 
in instances when, for example, programs may have a direct impact on 
certain racial or ethnic groups, or require or authorize the federal 
government to collect personal information about private citizens. 
[Footnote 59] According to a senior CRCL official, CRCL's approach to 
addressing civil rights and civil liberties risks related to E-Verify 
is to hold routine interagency meetings with USCIS to discuss 
potential risks and recommend improvements to mitigate these risks. 
The official noted that if E-Verify were to become mandatory, a more 
formal assessment of civil rights and civil liberties issues could 
address those issues that may have an impact on civil rights and civil 
liberties. 

Challenges to Combating Discrimination: 

Employees may be vulnerable to discrimination under E-Verify if, for 
example, employers engage in practices prohibited by E-Verify, such as 
limiting the pay of or terminating employees who receive TNCs, or 
prescreening job applicants. In 2009, Westat reported that some 
employers who responded to its survey acknowledged engaging in such 
practices. Specifically, of 2,320 survey respondents, 17.1 percent 
(397) reported restricting work assignments until employment 
authorization was confirmed; 15.4 percent (357) reported delaying 
training until employment authorization was confirmed; and 2.4 percent 
(56) reported reducing pay during the verification process. Westat 
also reported that employers prescreened job applicants more often 
than they self-reported. For example, in its employee interviews, 
Westat found that of 396 workers who reported on their employment 
status at the time their work authorization was determined through E-
Verify, 114 claimed to be job applicants rather than new hires. To 
investigate job discrimination related to individuals' citizenship 
status or national origin, USCIS must refer suspected cases of 
discrimination to OSC. 

Attempting to identify discrimination within E-Verify is challenging 
because the E-Verify transaction database does not capture certain 
employer behaviors that are indicative of discrimination, such as 
denying employment based on citizenship status or national origin. 
According to USCIS, its transaction database contains information on 
two employer behaviors that may serve as indicators of discrimination: 
(1) terminating an employee who receives a TNC and (2) processing 
employees who are not new hires through E-Verify. E-Verify program 
officials stated that these indicators could be used in combination 
with other information, such as information obtained through a law 
enforcement request, to pursue charges of discrimination against an 
employer. Senior E-Verify program officials reported that they have 
worked with OSC and subject matter experts on a task force to 
determine how best to extract information from the E-Verify 
transaction database to target issues such as discrimination. 
According to USCIS, as it improves its E-Verify technical capability, 
the agency will be better positioned to identify trends in 
discrimination. To facilitate the exchange of information between 
USCIS and OSC, in March 2010, USCIS signed a memorandum of agreement 
with OSC. According to the agreement, USCIS is to refer to OSC all 
cases of suspected discrimination that USCIS identifies. The agreement 
also states that OSC is to refer cases of suspected nondiscriminatory 
abuse or misuse of E-Verify to USCIS. From March 2010 to August 31, 
2010, USCIS responded to approximately 78 requests for E-Verify 
transaction data from OSC. Of these requests, 50 were requests for 
technical assistance, and 28 were requests for enforcement purposes. 
OSC has referred approximately 39 instances of nondiscriminatory 
employer misuse of E-Verify from March 2010 to August 31, 
2010.[Footnote 60] According to OSC, since the two agencies have 
signed the agreement, USCIS has referred no cases of potential 
discrimination to OSC. 

To help employees better understand their rights, USCIS, OSC, and CRCL 
have taken several actions. First, OSC's "Know Your Rights" poster for 
employees includes, among other things, notice to employees that it is 
illegal for employers to deny an employee the right to work based on 
citizenship status or national origin and provides employees with the 
contact information for OSC. While this poster was not created 
specifically for the E-Verify program, employers participating in E- 
Verify are required under the employer MOU to display the poster in a 
visible location in both English and Spanish. Second, CRCL developed a 
"You Should Know Your Rights and Responsibilities Under E-Verify" 
brochure for employees--available on USCIS's Web site and in different 
languages--to help employees better understand their rights and 
responsibilities under E-Verify. Third, in March 2010, USCIS and CRCL 
developed a video for employees that explains E-Verify rules and 
policies, stresses the rights of employees, and reminds employees that 
employers may not use E-Verify to discriminate against or prescreen 
employees. Fourth, in April 2010, USCIS implemented an E-Verify help 
line to handle complaints about employer misuse of the E-Verify 
program and refer to OSC complaints about possible discrimination. 
USCIS, OSC, and CRCL have also taken actions to better educate 
employers on E-Verify rules and policies to help prevent both knowing 
and inadvertent discrimination. For example, OSC has created a set of 
"E-Verify Dos and Don'ts" to provide a quick reference guide for 
participating employers on their responsibilities under E-Verify. 
Through its hotlines for employers and employees, OSC also provides 
general guidance and handles complaints on a variety issues, including 
E-Verify issues.[Footnote 61] Lastly, USCIS and CRCL have developed an 
employer video to stress the importance of following E-Verify 
procedures to safeguard employee rights. Among other things, the video 
advises employers that E-Verify requires them to permit workers to 
contest TNCs with no adverse employment consequences, avoid using the 
system on job applicants, and protect employee privacy. 

USCIS and SSA Have Taken Actions to Prepare for Mandatory 
Implementation of E-Verify by Adopting Practices for Effectively 
Managing E-Verify System Capacity, but They Face Challenges in 
Estimating Costs: 

USCIS and SSA have taken actions to prepare for possible mandatory 
implementation of E-Verify by addressing widely accepted industry 
practices for effectively managing E-Verify system capacity and 
availability and working together to coordinate the shared operation 
of E-Verify. USCIS and SSA are in the process of developing an 
agreement to define acceptable and unacceptable levels of service 
required to support the E-Verify program, but have not established a 
written service-level agreement to help ensure that SSA will be able 
to meet E-Verify capacity demands and provide USCIS continuous service 
in the future, or provided timeframes for when the agreement will be 
completed. Additionally, in order to ensure that sound decisions are 
made about future resource needs for E-Verify, USCIS and SSA have 
developed life cycle cost estimates for the current E-Verify program. 
However, USCIS's cost estimates do not reliably depict current E-
Verify cost and resource needs or cost and resource needs for 
mandatory implementation. While SSA's cost estimates substantially 
depict current E-Verify costs and resource needs, SSA has not fully 
assessed the extent to which its workload costs may change in the 
future. 

USCIS and SSA Have Met Five of the Six Capacity Management Practices 
for E-Verify Operations but Have Not Documented System Requirements 
for Meeting Future Demands: 

To manage current E-Verify system capacity and plan for future system 
capacity needs, USCIS and SSA have met five of six practices 
identified by the Software Engineering Institute as best practices for 
establishing and maintaining capacity and availability of system 
components. These key practices are integral to effective information 
technology (IT) planning and are widely accepted by IT experts. Table 
2 provides examples of how USCIS and SSA have addressed each of the 
Software Engineering Institute's best practices for capacity 
management.[Footnote 62] 

Table 2: Effective Practices for Capacity Management and Planning and 
the Extent to Which USCIS and SSA Have Addressed Each Practice: 

Practices for effective capacity management and planning: 1. Establish 
strategy for managing capacity and availability that defines, among 
other things, service and resource requirements and availability and 
system constraints; 
Met. 
How USCIS and SSA have addressed each practice: USCIS and SSA 
developed a project management plan that defines staff resources 
needed to support E-Verify. USCIS also developed a document that 
discusses system constraints, such as requirements to meet security 
standards and use external systems for sources of data. 

Practices for effective capacity management and planning: 2. Select 
measures, such as response time and reliability, and analytic 
techniques to be used in managing the capacity and availability of E- 
Verify; 
Met. 
How USCIS and SSA have addressed each practice: With input from SSA, 
USCIS defined performance requirements for E-Verify, such as system 
capacity and availability, along with system reliability and response 
time requirements for notifying participating employers of 
verification results. 

Practices for effective capacity management and planning: 3. Monitor, 
analyze, and report on current and future demands for system 
performance; 
Met. 
How USCIS and SSA have addressed each practice: USCIS and SSA 
routinely measure and monitor E-Verify system availability, system 
response time, and continuity of service based on USCIS service 
requirements of 99.5 percent system availability and an average 
response time of 2 seconds per case and on performance reports. 

Practices for effective capacity management and planning: 4. Establish 
and maintain system representations, such as simulations of 
transaction arrival rates and load testing, to provide insight into 
how a system will work given specific work volumes and resources; 
Met. 
How USCIS and SSA have addressed each practice: USCIS and SSA 
conducted simulations and load tests to confirm that their systems 
will complete critical functions in a high transaction volume 
environment without performance delays. E-Verify program officials 
said that in 2007, USCIS successfully simulated an operational 
transaction load commensurate with an annual rate of 240 million 
queries per year--the higher estimate of the number of queries 
expected to be generated by a mandatory E-Verify program. 

Practices for effective capacity management and planning: 5. Identify 
services to be delivered and levels of acceptable and unacceptable 
service to be provided by an organization to support another 
organization's business programs; 
Met. 
How USCIS and SSA have addressed each practice: According to senior E-
Verify program and SSA officials, USCIS and SSA have agreed to 
proposed performance measures in regards to system availability, 
average response time, and transaction volumes. Each fiscal year, 
USCIS provides SSA an annual estimate of E-Verify transaction volumes 
for the next fiscal year and anticipated volumes beyond that year to 
help measure performance. 

Practices for effective capacity management and planning: 6. Define 
and document the requirements listed above in a service-level 
agreement; 
Not met. 
How USCIS and SSA have addressed each practice: The agencies have not 
established a written service-level agreement that describes 
acceptable and unacceptable SSA service levels required to support the 
E-Verify program. 

Source: GAO analysis of the actions USCIS and SSA have taken to 
establish and maintain capacity and availability of system components 
for E-Verify operations. 

[End of table] 

We previously reported that capacity management is one of the most 
critical responsibilities in the management of an IT environment. 
[Footnote 63] It provides a structure for agencies to measure and 
evaluate system performance to prevent or correct problems and to plan 
for future capacity requirements based on estimated workloads. By 
using capacity planning tools to prepare for how IT components and 
resources should be configured to adequately support anticipated 
future workloads, agencies can avoid interruptions in services and be 
better prepared to effectively meet future demands. The capacity 
management actions that USCIS and SSA have taken, as shown in table 2, 
will enhance the agencies' ability to support future workload demands 
in the event that E-Verify becomes mandatory nationwide. 

As of October 2010, USCIS and SSA actions to address E-Verify system 
capacity and availability issues had not included documenting system 
requirements in a service-level agreement. Such an agreement could 
help ensure that the agencies have a common understanding of how to 
meet current and future E-Verify system demands. As shown in table 2, 
defining and documenting system requirements in a service-level 
agreement is the sixth practice for effective planning for 
establishing and maintaining capacity and availability of system 
components. This practice involves organizations identifying the 
levels of acceptable and unacceptable service that one organization is 
to provide another to support that organization's business programs. 

In 2008, an independent contractor recommended that USCIS engage in a 
service-level agreement with SSA to ensure that SSA understands and 
agrees to the service levels for current and future needs of the E- 
Verify program.[Footnote 64] According to USCIS, it has developed a 
draft service-level agreement and provided it to SSA for its review. 
Senior SSA officials told us that SSA is reviewing the agreement, but 
they were unable to identify a date for when the agreement would be 
reviewed and approved by both agencies. SSA reported that a service- 
level agreement between SSA and USCIS for E-Verify would help 
guarantee high availability and continuity of service for the program 
and prevent issues with SSA's operation of E-Verify. SSA reported that 
it currently monitors E-Verify volume and alerts USCIS of any 
potential increases in the transaction volumes, but acknowledged that 
without an agreement that sets forth parameters for system 
availability and continuity of service, its other workload demands, 
such as disability and retirement processing, could take precedence 
over its E-Verify workload and disrupt E-Verify service. E-Verify 
program officials reported that they are continuing to work with SSA 
to incorporate additional performance parameters into the agreement, 
including performance criteria for system availability, data security, 
and system capacity. They noted, however, that the timeframe for 
completing the agreement has not yet been worked out. SSA and USCIS 
reported that the agreement needs to reviewed, negotiated, and 
approved before it can be included in a future reimbursable agreement. 
Standards for program management require that the specific steps 
needed to complete a project be identified and documented, and that 
milestones and time frames be established for completing projects. 
[Footnote 65] Until USCIS and SSA document the terms of the service-
level agreement, including the steps needed to complete the agreement 
in a manner that is acceptable to both parties and a time frame with 
milestones for its completion, USCIS may not have reasonable assurance 
that SSA will be able to provide continuous service for E-Verify 
operations and meet the increased demands for system capacity in the 
future. 

USCIS and SSA Face Challenges in Accurately Estimating E-Verify Costs: 

Sound Decisions about Future Resource Needs to Ensure the Success of E-
Verify Program Implementation Depend on USCIS and SSA Developing 
Reliable Cost Estimates: 

A reliable cost estimation process provides a sound basis for making 
accurate and well-informed decisions about resource investments, 
budget formulation, measurement of progress, and accountability for 
results, and is critical to the success of any program. According to 
OMB,[Footnote 66] federal agencies must maintain current and well- 
documented estimates of program costs, and these estimates must 
encompass the program's full life cycle. Among other things, OMB has 
stated that a reliable life cycle cost estimate is critical to the 
capital planning and investment control process. Without such an 
estimate, agencies are at increased risk of making poorly informed 
investment decisions, securing insufficient resources to effectively 
execute defined program plans and schedules, and thus experiencing 
program cost and schedule overruns and performance shortfalls. 

Our research has determined that a reliable cost estimate possesses 
four characteristics, which are summarized in table 3. 

Table 3: GAO's Characteristics of a Reliable Cost Estimate: 

Characteristic: Comprehensive; 
Description: A comprehensive cost estimate should include all 
government and contractor costs over the program's full life cycle, 
provide sufficient detail to ensure that cost elements are neither 
omitted nor double counted, and document all cost-influencing ground 
rules and assumptions. 

Characteristic: Well-documented; 
Description: A well-documented cost estimate should capture in writing 
such things as the source and significance of the data used, the 
calculations performed and their results, and the rationale for 
choosing a particular estimating method or reference. A well-
documented estimate can be easily reconstructed by an outside source 
and should be reviewed and accepted by management. 

Characteristic: Accurate; 
Description: An accurate cost estimate should be, among other things, 
based on historical data reflecting most likely costs, adjusted 
properly for inflation, and validated against an independent cost 
estimate. An accurate estimate should be updated regularly to reflect 
material changes in the program and actual cost experience on the 
program, and steps should be taken to minimize mathematical mistakes. 

Characteristic: Credible; 
Description: A credible cost estimate should discuss any limitations 
in the analysis caused by uncertainty or biases surrounding the data 
and assumptions. Major assumptions should be varied, and other 
outcomes computed to determine how sensitive the estimate is to 
changes in the assumptions. Risk and uncertainty inherent in the 
estimate should be assessed and disclosed. 

Source: GAO Cost Estimating and Assessment Guide. 

[End of table] 

We reviewed USCIS's and SSA's cost estimates for E-Verify, compared 
them against the above four characteristics, and assessed the extent 
to which the agencies met the characteristics of a reliable cost 
estimate. A reliable cost estimate consists of 12 best practices that 
can be grouped into four characteristics. We determined that the 
characteristic was (1) not met if the agency provided no evidence that 
satisfied any portion of the criterion, (2) minimally met if the 
agency provided evidence that satisfied less than one-half of the 
criterion, (3) partially met if the agency provided evidence that 
satisfied about one-half of the criterion, (4) substantially met if 
the agency provided evidence that satisfied more than one-half of the 
criterion, and (5) met if the agency provided complete evidence that 
satisfied the entire criterion. We assigned a value ranging from 1 to 
5 indicating the extent to which the agencies met each best practice, 
and averaged the values for the practices that were associated with 
each characteristic. (See appendix I for a list of the 12 best 
practices.) 

USCIS Has Partially Met Three of Four Characteristics of a Reliable 
Cost Estimate: 

Our analysis showed that USCIS's E-Verify estimates partially met 
three of four characteristics of a reliable cost estimate and 
minimally met one characteristic. In December 2009, USCIS provided us 
a life cycle cost estimate of $508 million for funding E-Verify as a 
nonmandatory program through fiscal year 2020, at which time USCIS 
expects that E-Verify will need to be replaced. The $508 million 
includes $16 million for planning, $182 million for acquisition, $261 
million for operations and maintenance, $17 million for security, and 
$32 million for government full-time employees. 

USCIS's cost estimate was: 

* Partially comprehensive because it was developed by in-house 
personnel with assistance from subject matter experts, and outlined a 
schedule for completing the work and the approach for developing the 
estimate. The cost estimate is not fully comprehensive because USCIS's 
estimation of E-Verify development costs did not break E-Verify down 
into its smaller specific components. For instance, USCIS provided 
high-level cost estimates for both government and contractor efforts 
associated with developments and enhancements but lacked estimates for 
detailed system requirements. E-Verify program officials stated that 
the large number of ongoing enhancements to E-Verify prohibited it 
from doing a more in-depth analysis sufficient to ensure that all 
costs have been considered. By breaking costs down into small 
components, an agency positions itself to more precisely identify 
which components cause cost or schedule overruns so that root causes 
can be readily determined if needed. USCIS's cost estimate also did 
not include detailed E-Verify system requirements, historical cost 
data, or full life cycle costs. 

* Partially documented because USCIS briefings and other documents 
together describe program requirements, purpose, technical 
characteristics, acquisition strategy, and operational plan. USCIS has 
not, however, prepared a development plan and identified program risks 
in accordance with best practices. USCIS's cost estimate also does not 
include the supporting documentation and calculations that would allow 
someone unfamiliar with the cost estimate to easily re-create it. 

* Partially accurate because USCIS used historical data and cost 
performance reports to help predict future costs. The cost estimate is 
not fully accurate, however, because it was not validated against an 
independent cost estimate--a required best practice--and does not 
include all applicable life cycle costs, as stated above. Moreover, 
USCIS's and SSA's cost estimates are incongruent, with USCIS' estimate 
being 15 percent lower than SSA's. In contrast to SSA's detailed cost 
estimates, USCIS's estimates for SSA were not explained or supported 
by backup data. 

* Minimally credible because while USCIS assessed E-Verify's ability 
to meet the requirements of the current voluntary program, a potential 
mandated program, and growth under both scenarios with the help of 
subject matter experts, it did not carry out other activities. For 
example, the agency did not (1) perform an independent cost estimate 
on E-Verify, (2) perform a sensitivity analysis to determine which 
factors could affect the cost estimate, or (3) identify the risks 
associated with changes in the projected number of E-Verify cases or 
SSA's E-Verify workload. Projected case volumes can fluctuate for 
various reasons, such as state legislation or policy changes, and case 
volumes directly affect SSA's workload. Given that USCIS reimburses 
SSA for its costs for operating E-Verify, determining these risks 
would allow USCIS to better predict future costs under different 
scenarios. 

USCIS acknowledged the limitations in its cost estimates for E- 
Verify, and attributed the limitations in the comprehensiveness, 
documentation, accuracy, and credibility of its estimates to a range 
of factors, including competing program office priorities and USCIS's 
limited cost-estimating capabilities. Senior E-Verify program 
officials told us that since February 2010, USCIS has contracted with 
a federally funded research and development center to perform a 
comprehensive analysis of E-Verify's technical infrastructure--VIS-- 
including developing an independent cost estimate of the life cycle 
costs of E-Verify in an effort to better comply with our cost- 
estimating guidance. Senior E-Verify program officials also told us 
that the agency is working with USCIS's Office of Information 
Technology's Cost Estimate Section to review and evaluate the cost 
estimates for VIS's contract re-compete effort, and stated that in 
June 2010 it launched an initiative to regularly report risks related 
to VIS and system costs to DHS. However, until it generates a reliable 
life cycle cost estimate for E-Verify, USCIS is at increased risk of 
not making informed investment decisions, understanding system 
affordability, and developing justifiable budget requests for future E-
Verify use and potential mandatory implementation. 

SSA Has Substantially Met Three of Four Characteristics of a Reliable 
Cost Estimate, but Challenges Exist with Predicting E-Verify Workload: 

Our analysis showed that SSA's E-Verify estimates substantially met 
three of four characteristics of a reliable cost estimate and 
partially met the fourth characteristic. SSA's life cycle cost 
estimate for fiscal years 2010 through 2015 of almost $66 million 
includes approximately $14 million in costs that have already been 
incurred for developing the Isolated Environment, which was designed 
for dedicated use by E-Verify, $18 million for fiscal years 2010 
through 2013 to maintain this system; and $34 million for fiscal years 
2010 through 2015 to provide administrative support to SSA field 
offices and a toll-free number to respond to TNC inquiries. SSA's cost 
estimate was: 

* Substantially comprehensive because SSA accounted for both 
government-and contractor-related cost elements for E-Verify. SSA's 
ability to develop cost estimates for operating and supporting E-
Verify was enhanced by the availability of information on the actual 
costs of developing E-Verify, as SSA had already developed and 
deployed the Isolated Environment. SSA's cost estimate was detailed in 
that costs were neither omitted nor double counted. For example, all 
development resources and associated cost elements required to 
develop, produce, deploy, and sustain E-Verify have been accounted 
for, as required by best practices. In addition, SSA provided detailed 
assumptions about such things as the skill level of software 
programmers, level of user involvement, and field office workload, 
which are important cost drivers of E-Verify development and support 
costs. Like USCIS, however, SSA did not break E-Verify development 
costs into its smaller specific components as suggested by best 
practices. 

* Substantially well-documented because SSA's estimate addressed many 
of the best practices we assessed. For example, USCIS gathered data on 
historical actual costs and from program and technical sources, such 
as blanket purchase agreements and actual invoices for hardware such 
as mainframes, and software development data from similar projects. 
Moreover, based on the documentation SSA provided to us regarding 
operating and support costs, we were able to easily re-create SSA's 
cost estimate. SSA's development cost estimate did not fully provide 
the supporting documentation and calculations, as required under best 
practices, but since SSA has completed the development effort, it now 
has a spreadsheet of actual costs that override the initial estimate. 

* Substantially accurate because, as noted above, SSA has actual costs 
for its development effort which enabled it to update its estimate 
with actual development costs. SSA's operating and support cost 
estimates were supported by data on labor hours and a detailed list of 
the hardware and software necessary for E-Verify operation. SSA also 
identified the inflation indexes it used to estimate costs and relied 
on actual data from its cost accounting systems, as well as earned 
value management data, to collect actual costs. The cost estimate did 
not fully meet best practices because it was not validated against an 
independent cost estimate and did not include all costs associated 
with maintaining the system. 

* Partially credible because SSA identified as key cost drivers the 
costs associated with system hardware, storage, and labor, and also 
estimated the costs for administrative operations, such as the number 
of E-Verify cases and SSA E-Verify workload. In addition, SSA 
conducted a sensitivity analysis to determine which communication 
technology would best allow SSA field staff to address phone 
inquiries. Further, there is less risk to SSA's estimates going 
forward because development efforts for the Isolated Environment are 
now complete. Regarding operations and support cost estimates, which 
constituted nearly 80 percent of the cost estimate, however, SSA did 
not adequately address the inherent risk and uncertainty within the 
estimate or the limitations associated with the assumptions used to 
create it. Although SSA stated that it routinely assesses the risk and 
uncertainty in developing its estimate of E-Verify costs, it does not 
use statistical models to quantitatively determine the extent of 
variability around its cost estimate. For example, SSA did not 
identify the risks associated with changes in the projected number of 
E-Verify cases or SSA's E-Verify workload, or document and assess the 
risks of these assumptions varying. Changing the number of projected E-
Verify cases can affect SSA's workload projections, and would result 
in changes to SSA's final cost estimate. We performed our own analysis 
and found that increasing either the number of cases or SSA's workload 
projections by 10 percent would increase SSA's total cost by almost 
$0.5 million. 

SSA officials attributed the limitations of SSA's documentation of its 
life cycle cost estimates to the fact that OMB does not require SSA to 
develop life cycle cost estimates outside of its 5-year window. SSA 
officials told us that SSA develops costs estimates for only 5 years 
to better control for changes in system costs, such as hardware 
upgrades, as these costs tend to be less stable than other costs. SSA 
officials told us that they have developed system cost estimates 
through fiscal year 2020 because of the variability associated with 
the costs involved. SSA officials also attributed the limitations 
associated with credibility in its cost estimates to its ability to 
recoup all actual costs for E-Verify system maintenance and operations 
pursuant to its reimbursable agreement with USCIS. Therefore, 
according to SSA, SSA will incur more operational work if E-Verify 
transaction volume increases, but will bear no additional costs 
because USCIS must reimburse SSA for all expenses. While there is no 
risk for SSA if cost overruns occur, there is risk to USCIS because it 
has to pay for all costs incurred by SSA for operating E-Verify and 
resolving TNCs. For example, SSA's workload increased from processing 
85,869 TNC cases in fiscal year 2007 to processing 88,235 TNC cases in 
fiscal year 2009. However, the extent to which SSA's workload may 
either increase or decrease in the future is not known. According to 
cost estimating best practices, a credible cost estimate should 
discuss any limitations in the analysis caused by uncertainty or 
biases surrounding the data and assumptions. By not assessing the 
inherent risk and uncertainty within its estimate or the limitations 
associated with the assumptions used to create it, SSA will not be 
able to reliably determine the extent to which its workload costs may 
change if the projected, or estimated, number of E-Verify cases is 
greater or less than expected, and may not be able to provide 
assurance to USCIS that it can provide the required level of support 
for E-Verify operations if it experiences cost overruns within any one 
fiscal year.[Footnote 67] 

Conclusions: 

E-Verify is a widely used employment verification system in the United 
States and may become a key part of federal efforts to reform the 
immigration system. Since we last testified in June 2008, USCIS and 
SSA have taken actions that have helped improve the accuracy of E- 
Verify and reduce opportunities for unauthorized workers to use 
fraudulent documents to gain employment. These efforts 
notwithstanding, the government's ability to ensure an authorized 
workforce is limited because E-Verify, like the Form I-9 process on 
which it is based, is vulnerable to identity fraud. Identity fraud can 
allow E-Verify to erroneously verify individuals who fraudulently use 
the valid documents of others to gain employment. Documents with 
enhanced security features, such as biometrics, may help to resolve 
some of these weaknesses, but they may be costly and generate privacy 
concerns. Further, worksite enforcement is an integral part of an 
effective employment authorization system, but resource limitations 
have impeded ICE from investigating and sanctioning all but the most 
egregious employer violators of worksite immigration laws. If E-Verify 
became mandatory and worksite enforcement resources continued to be 
limited to egregious employer violators, more unscrupulous employers 
could have the opportunity to hire unauthorized workers without much 
risk of detection. 

USCIS's actions to improve the accuracy of E-Verify have included 
adding tools to help identify fraudulent documents, expanding the 
number of databases queried through E-Verify, and instituting quality 
control procedures to screen for data entry errors. However, USCIS can 
further improve the accuracy of E-Verify by taking additional actions 
to help prevent erroneous TNCs attributable to name mismatches, 
particularly for individuals--often foreign-born, naturalized, or 
both--who have multiple or hyphenated surnames. Disseminating 
information to employees on the importance of providing consistent 
name information to employers, SSA, and DHS can help better ensure 
data accuracy and reduce the appearance of discrimination toward 
certain cultural groups because of the disparate impact of these kinds 
of erroneous TNCs on such groups. 

With respect to monitoring and compliance, USCIS has increased the 
size of its staff but remains limited in its ability to ensure 
employer compliance with E-Verify policies and procedures. As part of 
its efforts to help employers understand E-Verify rules so that they 
can better comply with them, USCIS developed an E-Verify tutorial and 
requires that employers pass a mastery test before they use E-Verify. 
By developing an analysis plan for the mastery test, analyzing test 
response data, and using the results of that analysis to revise the 
test, the tutorial, or both, USCIS would be able to better target its 
education efforts and ensure employer compliance with the E-Verify 
program. 

Regarding privacy protections, USCIS has taken actions to minimize 
risks to the privacy of personal information for new employees. 
However, employees are limited in their ability to identify, access, 
and correct information in DHS databases that has led to erroneous 
TNCs. Developing procedures that enable employees to effectively 
access their personal information and have inaccuracies or 
inconsistencies in that information corrected could help DHS minimize 
the potential for employees to receive repeated erroneous TNCs. In 
addition, establishing departmentwide procedures to ensure that all 
components that own information involved in making work authorization 
decisions collaborate in correcting inaccuracies or inconsistencies 
could better position DHS to reduce the number of erroneous TNCs and 
help to increase the effectiveness of E-Verify by enhancing accuracy. 
Moreover, because management program analysts are not required to 
document the actions taken to resolve a TNC, it will be difficult for 
USCIS to have a basis for ensuring that decisions will be made 
consistently and obtain reasonable assurance that erroneous TNCs will 
not continue to occur if the resolution of such TNCs has not been 
documented. By developing procedures for management program analysts 
to document the basis for their work authorization decisions, USCIS 
could help inform employees about which types of records were 
consulted in making decisions about contested TNCs and help minimize 
the potential for recurring erroneous nonconfirmations. 

USCIS and SSA have taken actions to prepare for a possible mandatory E-
Verify implementation, but they could be better positioned to ensure 
that SSA will be able to provide continuous E-Verify service and meet 
increased demands for system capacity in the future by developing a 
written service-level agreement. Further, by developing a life cycle 
cost estimate for E-Verify using the four characteristics of a 
reliable estimate, USCIS would be better positioned to make informed 
investment decisions, understand system affordability, and develop 
justifiable budget requests for future E-Verify use and potential 
mandatory implementation. Finally, by assessing the risk and 
uncertainty within SSA's E-Verify workload estimate, as well as the 
limitations associated with the assumptions used to create it, in 
accordance with best practices, SSA will be able to provide assurance 
to USCIS that it can provide the required level of support for E-
Verify operations. 

Recommendations for Executive Action: 

We are making the following eight recommendations: 

To reduce the likelihood of name-related erroneous TNCs for employees 
with multiple or hyphenated surnames, we recommend that the Director 
of USCIS disseminate information to employees, for example, through 
CRCL's instructional videos for employees, in DHS's A Guide to 
Naturalization, and at naturalization ceremonies, on the potential for 
name mismatches and how to record their names consistently when 
providing name information to employers, SSA, and DHS. 

To better target USCIS's education efforts and ensure employer 
compliance with the E-Verify program, we recommend that the Director 
of USCIS develop an analysis plan for the mastery test and use the 
analysis results to make fact-based decisions about whether and how to 
revise the test, the tutorial, or both. 

To ensure that employees have the ability to access and correct 
inaccuracies or inconsistencies in personal information within DHS 
databases that may have led to erroneous TNCs and minimize the 
potential for employees receiving repeated erroneous TNCs, we 
recommend that the Director of USCIS develop procedures that enable 
employees to access personal information and correct inaccuracies or 
inconsistent personal information in DHS databases. 

To improve the accuracy of the source data used to make employment 
eligibility decisions and decrease the potential for recurring 
erroneous nonconfirmations, we recommend that the Secretary of 
Homeland Security direct the heads of DHS components to coordinate 
with one another to develop procedures to correct inaccurate or 
inconsistent information in their records and systems that may have 
led to erroneous TNCs or FNCs. 

To decrease the potential for recurring erroneous nonconfirmations, we 
recommend that the Director of USCIS develop procedures for management 
program analysts to document the basis for their work authorization 
decisions. 

To help ensure that SSA will be able to meet the capacity demands of 
the E-Verify program and provide USCIS with continuous service in the 
future, we recommend that the Director of USCIS and the Commissioner 
of SSA finalize the terms of the service-level agreement that defines 
the requirements for SSA to establish and maintain the capacity and 
availability of its system components for E-Verify, including the 
steps needed to complete the agreement in a manner that is acceptable 
to both parties and a timeframe and milestones for its completion. 

To ensure that USCIS has a sound basis for making decisions about 
resource investments for E-Verify and securing sufficient resources to 
effectively execute defined program plans, we recommend that the 
Director of USCIS ensure that a life cycle cost estimate for E-Verify 
is developed in a manner that reflects the four characteristics of a 
reliable estimate consistent with best practices--comprehensive, well- 
documented, accurate, and credible. 

To ensure that SSA can accurately project costs associated with its E-
Verify workload, as well as estimates for potential mandatory 
implementation of E-Verify, we recommend that the Commissioner of SSA 
assess the risk and uncertainty within SSA's E-Verify workload 
estimate as well as the limitations associated with the assumptions 
used to create it, in accordance with best practices, to ensure that 
SSA can provide the required level of support to USCIS and E-Verify 
operations. 

Agency Comments and Our Evaluation: 

We provided a draft of this report to DHS and SSA for their review and 
comment. We received written comments from DHS, which are reprinted in 
appendix III. DHS generally concurred with the recommendations in this 
report and discussed actions it has underway or is planning to take in 
response to these recommendations. However, it is not clear to what 
extent these actions will fully address the intent of 3 
recommendations. DHS also provided us technical comments, which we 
incorporated as appropriate. 

To address the first recommendation that USCIS disseminate information 
to employees that name mismatches can result in erroneous TNCs and how 
to record their names consistently, DHS stated that it concurred and 
noted that on November 8, 2010, USCIS began to distribute the U.S. 
Citizenship Welcome Packet at all naturalization ceremonies to advise 
new citizens to update their records with SSA. As discussed in the 
report, USCIS also issued a contract for a study on name-related TNCs 
and included language in A Guide to Naturalization that advises newly 
naturalized citizens to update their records with SSA. USCIS plans to 
use the results from the study, expected in the third quarter of 
fiscal year 2011, to enhance its name matching algorithms and provide 
improved guidance to individuals who use the E-Verify system. These 
are useful steps toward reducing the likelihood of name-related 
erroneous TNCs, but do not fully address the intent of the 
recommendation because they do not specifically provide information to 
employees on how prevent a name-related TNC. Therefore, they still 
leave open the possibility that employees with multiple or hyphenated 
surnames will not consistently record their name on various 
authorizing documents when updating their records. Thus, we continue 
to encourage USCIS to provide information to employees on the 
importance of recording their names consistently. 

Regarding the second recommendation that USCIS develop an analysis 
plan for the E-Verify mastery test and use the analysis results to 
make decisions about whether and how to revise the test, the tutorial 
or both, USCIS concurred and commented that it began to analyze the 
mastery test results following a June 2010 mastery test revision, 
although it did not specifically mention when the analysis began. As 
discussed in the report, as of October 2010, USCIS officials reported 
that USCIS had not yet begun to analyze the mastery test results. 
Thus, since USCIS undertook this effort after we concluded our review 
of this issue in October 2010, we have not examined the extent to 
which USCIS's analytic approach fully addresses our recommendation. 

Regarding the third recommendation that USCIS develop procedures to 
enable employees to access personal information and correct 
inaccuracies or inconsistencies in such information within DHS 
databases, DHS stated that USCIS concurred. DHS stated that USCIS is 
piloting a process whereby USCIS staff assist employees who receive 
TNCs by submitting an electronic application to request a records 
update. USCIS's Verification Division Deputy Division Chief explained 
in a follow-up discussion that this pilot process is limited to a 
small number of individuals who contact USCIS regarding a TNC and also 
have a current application for an immigration benefit (such as an 
application for permanent residency). Therefore, employees receiving a 
DHS TNC who are not in the immigration benefit application process 
would not receive this type of assistance. USCIS also commented that 
individuals who call USCIS to resolve a DHS TNC are referred to local 
USCIS or CBP offices, and ports of entry, to correct records when 
inconsistent or inaccurate information is identified. Although such 
referrals provide employees the ability to access agencies that 
maintain personal information on them, USCIS does not have operating 
procedures in place for management program analysts to explain to 
employees what personal information produced the TNC or what specific 
steps they should take to correct the information. As noted in the 
report, DHS also stated that USCIS is developing an E-Verify Self-
Check program which will allow individuals to check their own work 
authorization status against SSA and DHS databases prior to applying 
for a job. While this should help individuals avoid receiving an 
erroneous TNC when they are hired for a job, it will not benefit newly 
hired employees who have already received such a TNC. We encourage 
USCIS to continue its efforts to develop procedures enabling employees 
to access and correct inaccurate and inconsistent personal information 
in DHS databases. 

Regarding the fourth recommendation that DHS components coordinate 
with one another to develop procedures to correct inaccurate or 
inconsistent information in their records and systems that may have 
led to erroneous TNCs or FNCs, DHS concurred. DHS noted, as stated in 
the report, that it will continue to work with its components to 
ensure that E-Verify provides the most accurate and up-to-date 
information on immigration status and that inaccuracies in various 
systems' source data are corrected. 

Regarding the fifth recommendation that USCIS develop procedures for 
documenting the basis for work authorization decisions, DHS concurred 
and stated, as noted in the report, that it plans to modify its 
standard operating procedures in fiscal year 2011 and its Status 
Verification System in fiscal year 2013 to facilitate documentation of 
work authorization decisions. Such action is consistent with the 
intent of the recommendation and should help decrease the potential 
for recurring erroneous nonconfirmations. 

To address the sixth recommendation that USCIS and SSA finalize the 
terms of the service-level agreement to help ensure that SSA will be 
able to meet the capacity demands of the E-Verify program and provide 
USCIS with continuous service, DHS stated that USCIS concurred and 
has, as noted in the report, drafted a service-level agreement that is 
under review at SSA. 

To address the seventh recommendation that USCIS ensure a life cycle 
cost estimate for the E-Verify program is developed in a manner that 
reflects the characteristics of a reliable cost estimate consistent 
with best practices, DHS stated that USCIS concurred and is in the 
process of finalizing a new life cycle cost estimate that meets such 
criteria. Such action should help ensure that DHS has a sound basis 
for making decisions about its E-Verify resource investment. 

We also received written comments from SSA, which are reprinted in 
appendix IV. SSA also agreed with the sixth recommendation that it 
complete a service-level agreement with USCIS and stated that it plans 
to have such an agreement in place by March 2011. However, SSA did not 
agree with the eighth recommendation that it assess the risk and 
uncertainty within its E-Verify workload estimates to ensure that SSA 
can provide the required level of support to USCIS and E-Verify 
operations. SSA stated that it routinely assesses the risk and 
uncertainty when developing assumptions for E-Verify workload 
estimates and administrative costs related to proposed legislation. 
SSA also stated that if E-Verify were to become mandatory, SSA would 
adapt its budget models and recalculate estimated costs based on the 
new projected workload volume. As discussed in the report, SSA does 
not conduct a risk and uncertainty analysis that uses statistical 
models to quantitatively determine the extent of variability around 
its cost estimate or identify the limitations associated with the 
assumptions used to create the estimate. As a result, we continue to 
believe that SSA should adopt this best practice for estimating risks 
to help it reduce the potential for experiencing cost overruns for E-
Verify. SSA also provided us technical comments, which we incorporated 
as appropriate. 

We also provided a copy of this draft to CRCL, OSC, ICE, and the 
Department of State. CRCL and OSC provided technical comments, which 
we incorporated as appropriate. ICE and the Department of State 
informed us that they had no comments. 

As agreed with your offices, unless you publicly announce the contents 
of this report earlier, we plan no further distribution until 30 days 
from the report date. At that time, we will send copies to the 
Secretary of Homeland Security, the Commissioner of the Social 
Security Administration, and other interested parties. The report also 
will be available at no charge on the GAO Web site at [hyperlink, 
http://www.gao.gov]. 

If you or your staff members have any questions about this report, 
please contact me at (202) 512-8777 or stanar@gao.gov. Contact points 
for our Offices of Congressional Relations and Public Affairs may be 
found on the last page of this report. GAO staff who made major 
contributions to this report are listed in appendix V. 

Signed by: 

Richard M. Stana: 
Director, Homeland Security and Justice Issues: 

[End of section] 

Appendix I: Objectives, Scope, and Methodology: 

You requested that we examine the Department of Homeland Security's 
(DHS) U.S. Citizenship and Immigration Services (USCIS) and the Social 
Security Administration's (SSA) operation of the E-Verify program and 
their efforts to address previously reported concerns. For this 
review, we examined the progress that USCIS and SSA have made since we 
last testified in June 2008. Specifically, we examined the extent to 
which: 

* USCIS has reduced the incidence of tentative nonconfirmations (TNC) 
and E-Verify's vulnerability to fraud, 

* USCIS has improved its ability to monitor employer noncompliance and 
ensure compliance with E-Verify program policies and procedures, 

* USCIS has provided safeguards for employees' personal information in 
E-Verify and enabled employees to correct inaccurate information, and: 

* USCIS and SSA have taken steps to prepare for mandatory E-Verify 
implementation. 

To determine the extent to which USCIS has reduced the incidence of 
TNCs and E-Verify's vulnerability to fraud, we analyzed reports on E- 
Verify issued by SSA's Office of the Inspector General, the Westat 
Corporation (Westat), USCIS's Ombudsman, and public policy think 
tanks, such as the Migration Policy Institute and the Center for 
Immigration Studies. We analyzed relevant legislation pertaining to E-
Verify, USCIS and SSA program documentation on enhancements made to 
the E-Verify program since we testified in June 2008, E-Verify 
standard operating procedures, indicators and goals for reducing both 
the TNC rate and identity fraud, performance measures for assessing 
system accuracy, statistics quantifying the reduction in TNCs and 
identity fraud as a result of enhancements made, and interagency 
agreements. We reviewed videos developed jointly by USCIS's 
Verification Division, the division overseeing the E-Verify program, 
and DHS's Office for Civil Rights and Civil Liberties (CRCL) on 
employee rights, and SSA documentation on its initiatives to assist 
employees with name and citizenship changes. We analyzed data on the 
results of E-Verify queries for fiscal year 2009. To determine whether 
the data were reliable, we interviewed senior E-Verify program 
officials from USCIS's Verification Division about their procedures 
for ensuring data quality in the transaction database, which stores E-
Verify queries, and senior SSA officials about their procedures for 
ensuring data quality in the Numerical Identification System 
(Numident), which stores information on all individuals in the United 
States with Social Security numbers. We questioned E-Verify program 
and SSA officials about the sources of the data and policies and 
procedures used to maintain the integrity of these data. We also 
analyzed the SSA's Office of the Inspector General's report on 
Numident data accuracy, and determined that its review provided 
sufficient assurance of the quality of those variables used in the E-
Verify process.[Footnote 68] Based on our analysis of the information 
obtained, we determined that USCIS's and SSA's E-Verify data were 
sufficiently reliable for reporting purposes. We interviewed senior 
officials from the State Department to discuss the agency's efforts to 
coordinate with USCIS on implementation of the photo matching tool and 
associated challenges with incorporating passport photographs into E- 
Verify. We interviewed officials from the American Association of 
Motor Vehicle Administrators to determine the extent to which USCIS 
has made progress in coordinating with the association to incorporate 
driver's license data and photographs into E-Verify and what 
challenges remain. We also reviewed the E-Verify evaluation conducted 
by Westat in December 2009, including Westat's methodology for 
collecting data from employers using E-Verify, and for estimating the 
percentage of unauthorized employees that E-Verify incorrectly 
confirmed as work eligible. Although the data were subject to various 
sources of error, which Westat acknowledged in its report, we believe 
Westat's approach was appropriate and produced a credible estimate 
given the limitations of the data. 

To determine the extent to which USCIS has improved its ability to 
monitor employer noncompliance and ensure compliance with E-Verify 
program policies and procedures, we analyzed E-Verify program 
documentation on enhancements made to the Monitoring and Compliance 
Branch since we testified in June 2008, including USCIS's efforts to 
develop new technology to assist the branch in better identifying 
trends in employer noncompliance and open additional regional offices 
to help oversee employer compliance with the program. We analyzed the 
branch's standard operating procedures for identifying employer 
noncompliance, its training plan for its monitoring and compliance 
analysts, and its plan for contacting noncompliant employers to 
address incidents of noncompliance with E-Verify policies and 
procedures. We reviewed USCIS's staffing model for the branch, as well 
as cost estimates for staffing the branch in fiscal years 2010 and 
2011. We analyzed the E-Verify tutorial that USCIS requires employers 
to complete before participating in E-Verify and the tutorial mastery 
test, as well as practices for evaluating the effectiveness of 
training and development programs. We reviewed documentation on other 
E-Verify educational activities available through the E-Verify Web 
site that USCIS conducts to assist employers with E-Verify compliance. 
We conducted interviews with senior E-Verify program officials at 
USCIS, senior officials at U.S. Immigration and Customs Enforcement 
(ICE), and senior officials at the Department of Justice's Office of 
Special Counsel for Immigration-Related Unfair Employment Practices 
(OSC) to determine what procedures have been put in place to address 
and sanction employer noncompliance with E-Verify program rules and 
the extent to which the agencies were coordinating with one another to 
address employer noncompliance. We also analyzed an interagency 
agreement between USCIS and ICE to determine the extent to which the 
agencies are coordinating to address noncompliance issues related to E-
Verify. 

To determine the extent to which USCIS provides safeguards for 
employees' personal information in E-Verify and enables employees to 
identify, access, and correct information in personal records that is 
incorrect or inconsistent, we reviewed the Fair Information Practice 
Principles adopted by the DHS Chief Privacy Officer and assessed the 
extent to which USCIS has addressed relevant principles within in E- 
Verify program. The principles we identified as relevant to E-Verify 
were Transparency, Individual Participation, Purpose Specification, 
Data Minimization, Use Limitation, Data Quality and Integrity, 
Security, and Accountability and Auditing. We analyzed USCIS's 
standard operating procedures for resolving DHS-related TNCs, and 
conducted interviews with privacy officials at USCIS to determine 
what, if any, limitations exist in resolving these TNCs. We analyzed 
USCIS's privacy impact assessments that were required by the E-
Government Act of 2002 and a system of records notice that was 
required by the Privacy Act of 1974. We analyzed SSA's processes for 
resolving TNCs and SSA's EV-STAR procedures to determine the impact 
these processes had employee nonconfirmations. We also interviewed 
senior officials at SSA to discuss SSA's processes for resolving TNCs 
and recording decisions in E-Verify. We analyzed an interagency 
agreement between USCIS and OSC to determine the extent to which the 
agencies are coordinating to address discrimination issues related to 
employer use of E-Verify. We reviewed educational and outreach 
resources provided to employees by OSC, USCIS, and CRCL to help them 
better understand their rights. We also interviewed officials from 
DHS's Privacy Office and CRCL and from OSC to discuss their roles and 
responsibilities for assisting employees in dealing with issues 
related to civil rights and civil liberties--specifically privacy and 
discrimination--and their efforts to coordinate with USCIS on these 
issues. 

To determine what steps USCIS and SSA have taken to prepare for 
mandatory E-Verify implementation, we reviewed and assessed USCIS's 
and SSA's system capacity requirements and life cycle cost estimates. 
To assess USCIS's and SSA's efforts to ensure that their information 
technology (IT) infrastructures are capable of supporting increased 
transaction volumes expected from a mandated E-Verify program, we 
obtained agency documentation that describes processes and procedures 
for managing and planning system capacity and availability, and 
compared these processes and procedures with widely accepted industry 
practices identified by the Software Engineering Institute.[Footnote 
69] We collected results of interagency tests of the E-Verify IT 
infrastructure, such as those that tested the workload expected if the 
use of E-Verify is mandated, to validate that both SSA's and the 
Verification Division's E-Verify systems were scalable to meet 
performance requirements for increased transaction volumes. We 
assessed the results of these tests to verify that the agencies were 
taking steps to ensure that their systems could successfully process 
increases in IT infrastructure demands. To ensure the reliability of 
the information we collected, we interviewed senior DHS and SSA 
officials who were knowledgeable about the E-Verify program and 
supporting IT infrastructure and discussed with them the agencies' 
capacity management and planning efforts. 

To determine the reliability of USCIS's and SSA's cost estimates, we 
analyzed the derivation of each cost estimate relative to 12 best 
practices as defined in our Cost Estimating and Assessment Guide. 
[Footnote 70] The 12 best practices are (1) define the estimate's 
purpose, (2) develop the estimating plan, (3) define the program's 
characteristics, (4) determine the estimating structure, (5) identify 
ground rules and assumptions, (6) obtain the data, (7) develop the 
point estimate and compare it to an independent cost estimate, (8) 
conduct sensitivity analysis, (9) conduct risk and uncertainty 
analysis, (10) document the estimate, (11) present the estimate to 
management for approval, and (12) update the estimate to reflect 
actual cost and changes. Our research has determined that these 12 
practices can be grouped into the following four characteristics: 
comprehensive, well-documented, accurate, and credible, and involve an 
assessment of the methodologies, assumptions, and source data used for 
the estimate. One analyst reviewed USCIS's and SSA's cost estimates to 
determine whether the characteristic was (1) not met if the agency 
provided no evidence that satisfied any portion of the criterion, (2) 
minimally met if the agency provided evidence that satisfied less than 
one-half of the criterion, (3) partially met if the agency provided 
evidence that satisfied about one-half of the criterion, (4) 
substantially met if the agency provided evidence that satisfied more 
than one-half of the criterion, and (5) met if the agency provided 
complete evidence that satisfied the entire criterion. That analyst 
assigned a value ranging from 1 to 5 indicating the extent to which 
the agencies met each best practice and averaged the values for the 
practices that were associated with each characteristic.[Footnote 71] 
A second analyst independently verified the results. We also 
interviewed program officials from both agencies responsible for the 
cost estimate about the estimate's derivation. 

We also reviewed SSA's E-Verify workload estimates, known as the 
fallout rate, and workload cost estimates to determine the impact of E-
Verify on SSA's current and future workloads. In doing so, we reviewed 
USCIS's and SSA's reimbursable agreement for SSA's operation of E-
Verify, which outlines SSA's responsibilities for operating E-Verify. 
To determine whether SSA's workload calculations were accurate and 
reliable, we interviewed senior SSA officials about their procedures 
for ensuring data quality in the SSA TNC database, which stores all 
SSA-related TNCs, and SSA's methodology for determining its workload 
based on data in the TNC database. We performed validation testing to 
determine that the records in this file contained adequate information 
to support SSA's calculations for its workload estimates. Based on our 
review, we determined that SSA's E-Verify workload estimates were 
sufficiently reliable for reporting purposes. 

To gain a better understanding of how E-Verify is being implemented at 
the state level and what users' experiences have been with 
implementing and operating E-Verify, we conducted site visits to 
Colorado, North Carolina, and Arizona. We chose these three states 
based on the length of time each state's E-Verify law had been in 
effect, the range of employer types covered by the law, and geographic 
dispersion.[Footnote 72] On these site visits we interviewed state 
officials responsible for operating E-Verify within their respective 
state and overseeing implementation of the state's E-Verify law. We 
interviewed representatives and employers from eight industry 
associations, representatives from eight immigrant advocacy groups, 
employers and representatives from four state and local chambers of 
commerce, and E-Verify users from two state universities to determine 
what opportunities and challenges exist with operating E-Verify and to 
gain their insight into some of the issues employers face in 
attempting to verify employment authorization. Because Arizona law 
makes local county attorneys partially responsible for overseeing and 
enforcing Arizona E-Verify laws, we met with officials from the 
Maricopa County Attorney's and Sheriff's Offices. We conducted in-
person and telephone interviews with local SSA regional and field 
office representatives in each state to learn about the effects of E-
Verify on SSA's field office workload. We conducted in-person and 
telephone interviews with ICE regional and field office staff to 
determine ICE's role in assisting USCIS with E-Verify education, 
outreach, and compliance. In Arizona, we met with local USCIS 
officials to discuss their efforts and coordination with ICE in 
helping the state implement its E-Verify law. We selected these 
offices based on several factors, including their proximity to the 
metropolitan areas we visited, the amount of time SSA field offices 
spent resolving E-Verify cases, and coordination between ICE and USCIS 
on outreach efforts. We selected the industry associations 
representing employers for interviews based on a mix of criteria, such 
as the type of industry and member use of E-Verify. We selected 
immigrant advocacy groups to interview based on recommendations 
obtained from the DHS's CRCL, the National Immigration Law Center, the 
National Council of La Raza, and the Service Employees International 
Union. While the views expressed by the representatives in these three 
states cannot be generalized to all states, industry associations, 
advocacy groups, and employers, they provided us with additional 
perspectives on the benefits and challenges associated with E-Verify 
program. 

We conducted this performance audit from June 2009 through December 
2010 in accordance with generally accepted government auditing 
standards. Those standards require that we plan and perform the audit 
to obtain sufficient, appropriate evidence to provide a reasonable 
basis for our findings and conclusions based on our audit objectives. 
We believe that the evidence obtained provides a reasonable basis for 
our findings and conclusions based on our audit objectives. 

Appendix II: The Fair Information Practice Principles: 

Based on the Privacy Act of 1974, the Fair Information Practice 
Principles are a framework adopted by the DHS Privacy Office that is 
used to govern the protection of personally identifiable information 
(PII) throughout DHS. Table 4 outlines the characteristics of each of 
the eight principles. 

Table 4: Fair Information Practice Principles: 

Principle: Transparency; 
Description: DHS should be transparent and provide notice to the 
individual regarding its collection, use, dissemination, and 
maintenance of PII. 

Principle: Individual Participation; 
Description: DHS should, to the extent practical, seek individual 
consent for the collection, use, dissemination, and maintenance of PII 
and should provide mechanisms for appropriate access, correction, and 
redress regarding DHS's use of PII. 

Principle: Purpose Specification; 
Description: DHS should specifically articulate the authority that 
permits the collection of PII and specifically articulate the purpose 
or purposes for which the PII is intended to be used. 

Principle: Data Minimization; 
Description: DHS should only collect PII that is directly relevant and 
necessary to accomplish the specified purpose(s) and only retain PII 
for as long as is necessary to fulfill the specified purpose(s). 

Principle: Use Limitation; 
Description: DHS should use PII solely for the purpose(s) specified in 
the notice. Sharing PII outside the department should be for a purpose 
compatible with the purpose for which the PII was collected. 

Principle: Data Quality and Integrity; 
Description: DHS should, to the extent practical, ensure that PII is 
accurate, relevant, timely, and complete, within the context of each 
use of the PII. 

Principle: Security; 
Description: DHS should protect PII (in all forms) through appropriate 
security safeguards against risks such as loss, unauthorized access or 
use, destruction, modification, or unintended or inappropriate 
disclosure. 

Principle: Accountability and Auditing; 
Description: DHS should be accountable for complying with these 
principles, providing training to all employees and contractors who 
use PII, and auditing the actual use of PII to demonstrate compliance 
with these principles and all applicable privacy protection 
requirements. 

Source: DHS. 

[End of table] 

[End of section] 

Appendix III: Comments from the Department of Homeland Security: 

US. Department of Homeland Security: 
Washington, DC 20528: 

December 8, 2010: 

Mr. Richard M. Stana: 
Director, Homeland Security and Justice: 
U.S. Government Accountability Office: 
441 G Street, N.W. 
Washington, DC 20548: 

RE: Draft Report GA0-11-146: Employment Verification: Federal Agencies 
Have Taken Steps to Improve E-Verify, but Significant Challenges 
Remain, (Job Code 440799): 

The Department of Homeland Security appreciates the opportunity to 
review and respond to the Government Accountability Office (GAO) 
subject report. We are encouraged by GAO's positive findings on the E-
Verify Program, particularly our gains in the following areas: 

* U.S. Citizenship and Immigration Services (USCIS) has reduced the 
incidence of Tentative Nonconfirmations (TNCs) and E-Verify's 
vulnerability to fraud. There was a 5.4 percentage point decrease in 
TNCs between fiscal year (FY) 2007 and FY 2009. 

* USCIS has improved its ability to monitor and ensure employer 
compliance with E-Verify Program policies and procedures. Since GAO's 
testimony in 2008, USCIS has increased staffing levels for monitoring 
and compliance functions of E-Verify, including expansion into a field 
office in Buffalo, NY, and, in FY 2011, the opening of a second field 
office in Lincoln, NE. In FY 2010, USCIS monitored and provided E-
Verify compliance assistance to more than 16,000 employers suspected 
of noncompliance. This exceeded the FY 2010 target for contacting 2 
percent of all enrolled employers. 

* USCIS has provided safeguards for employees' personal information in 
E-Verify and enabled employees to correct inaccurate information. 
USCIS Verification Division has its own Privacy Branch dedicated to 
privacy issues. In June 2010, USCIS updated E-Verify to mask Social 
Security Numbers (SSNs) when entered into E-Verify. USCIS provides 
information to employers on safe handling of Personally Identifiable 
Information (PII). The responsibility to safely handle PII is covered 
in both the mandatory online tutorial and E-Verify user manual. The E-
Verify Web site [hyperlink, http://www.dhs.gov/E-Verify] has a section 
on privacy principles and provides an overview in eight foreign 
languages on how an individual's PII is used and stored in E-Verify. 
In spring 2011, USCIS plans to launch a Self Check feature that 
enables individuals to check their work authorization status online 
and provides them with instructions on how to update their records. In 
FY 2010, USCIS launched a number of employee rights initiatives 
including an employee hotline and multilingual videos on employee 
rights and responsibilities produced in partnership with the DHS 
Office of Civil Rights and Civil Liberties. Furthermore. USCIS signed 
a Memorandum of Agreement with the Department of Justice's Office of 
Special Counsel for Unfair Immigration-Related Employment Practices to 
establish procedures for discrimination case referrals. 

* USCIS and SSA have taken steps to prepare for mandatory E-Verify 
implementation. In partnership with SSA, USCIS has used widely 
accepted industry practices to effectively manage the E-Verify System 
capacity and availability. USCIS is also in the process of developing 
a written service-level agreement with SSA. 

USCIS recognizes there are still opportunities for continued success 
as the E-Verify Program continues to expand and grow. USCIS concurs 
with all of GAO's recommendations and can also report that it is 
taking significant steps toward addressing each of them. USCIS's 
response follows: 

Recommendation 1: To reduce the likelihood of name-related erroneous 
TNCs for employees with multiple or hyphenated surnames, we recommend 
that the Director of USCIS disseminate information to employees, DHS's 
Naturalization Guide, and naturalization ceremonies, on the potential 
for name mismatches and how to record names consistently when 
providing name information to employers, SSA and DHS. 

Response: USCIS concurs with this recommendation. USCIS is working 
with an independent research and evaluation firm to conduct a special 
study on name-related TNCs. The study, "Evaluation of the Accuracy of 
E-Verify Findings" will be completed in the 3" quarter of FY 2011 and 
is focusing on the impact of name and date of birth mismatches on 
TNCs. USCIS plans to use the study's findings to develop better name 
matching algorithms and provide enhanced helper text for users. 

USCIS has included language in the Guide to Naturalization 
recommending that newly-naturalized citizens update their records with 
SSA. Page 39 states, "We strongly recommend that you go to your 
nearest Social Security Administration (SSA) office to update your 
Social Security record soon after your naturalization ceremony. This 
is important because your Social Security record will be used to 
establish eligibility for benefits and to demonstrate authorization to 
work. The nearest SSA office can be found by calling 1-800-772-1213 or 
at [hyperlink, http://www.socialsecurity.gov]." The Guide to 
Naturalization also advises a newly-naturalized citizen to visit SSA 
if he or she changed his or her name at the oath ceremony and the 
Certificate of Naturalization does not show their old and new names. 
Furthermore, it recommends which documents the new citizen needs to 
present to SSA to complete the name change. 

In addition, on November 8, 2010, USCIS began an initiative to 
distribute the U.S. Citizenship Welcome Packet to newly-naturalized 
citizens at all naturalization ceremonies (both administrative and 
judicial). This packet specifically advises that each new citizen go 
to a local SSA office to update his or her Social Security record soon 
after the naturalization ceremony. 

Recommendation 2: To better target USCIS's education efforts and 
ensure employer compliance with the E-Verify Program, we recommend 
that the Director of USCIS develop an analysis plan for the mastery 
test and use the analysis results to make fact-based decisions about 
whether and how to revise the test, the tutorial, or both. 

Response: USCIS concurs with this recommendation. The E-Verify mastery 
test is required for all new employers after they have completed the 
mandatory online tutorial. USCIS began analyzing the mastery test 
results following a June 2010 mastery test revision to assess what 
questions may need revision and to determine what concepts may require 
greater explanation. USCIS identified three questions needing revision 
and plans to make corresponding changes in E-Verify release 6.0. 
scheduled for 2011. The analysis will be an ongoing effort, and we 
will continue to monitor reports to determine changes for future 
releases. 

Recommendation 3: To ensure that employees have the ability to access 
and correct inaccuracies or inconsistencies in personal information 
within DHS databases that may have led to erroneous TNCs and minimize 
the potential for employees receiving repeated erroneous TNCs, we 
recommend that the Director of USCIS develop procedures that enable 
employees to access personal information and correct inaccuracies or 
inconsistent personal information in DHS databases. 

Response: USCIS concurs with this recommendation. As noted in the 
report, USCIS and other DHS Components have regulatory processes 
available for the review and correction of personal information under 
the Privacy Act. However, USCIS recognizes that these processes may 
need to be supplemented by methods specifically designed for the needs 
of E-Verify users. USCIS is developing the E-Verify Self Check service 
that addresses the recommendation made by GAO. E-Verify Self Check 
will be a free, Web-based service that allows individuals to check 
their own work authorization status against SSA and DHS databases. If 
a mismatch occurs the user will be notified of the mismatch and given 
directions on how to rectify the issue (e.g., visit an SSA field 
office, contact DHS). To conduct a "self check," users will be 
required to first go through an identity assurance process to ensure 
that the correct person is accessing his or her work authorization 
status. 

USCIS plans to deploy E-Verify Self Check in spring 2011 through a 
phased pilot implementation process. Based on the results of the 
pilot, USCIS will consider expanding E-Verify Self Check to more users 
as early as 2013. 

In addition to the future Self Check feature, employees with TNCs who 
contact USICS are referred to local USCIS offices, Customs and Border 
Protection (CBP) offices, and Ports of Entry to correct records when 
they identify errors or inconsistencies. For USCIS system 
inconsistencies, employees may make an appointment via the Infopass 
system to visit the local office and have their records reviewed and 
updated, if appropriate. Additionally, we are currently piloting a 
process whereby USCIS staff assist employees who receive TNCs by 
submitting an electronic application through the "Service Request 
Management Tool" (SRMT) to request a records update. 

Finally, USCIS will work with internal and external stakeholders to 
improve quality assurance on the source data that USCIS uses to 
determine employment authorizations. 

Recommendation 4: To improve the accuracy of the source data used to 
make employment eligibility decisions and decrease the potential for 
recurring erroneous nonconfirmations, we recommend that the Secretary 
of Homeland Security direct the heads of DHS components to coordinate 
with one another to develop procedures to correct inaccurate or 
inconsistent information in their records and systems that may have 
led to an erroneous TNCs of FNCs. 

Response: DHS concurs with this recommendation and will continue to 
work with the components to ensure that data is transmitted or made 
available to the E-Verify program that provides the most accurate and 
up-to-date information on immigration status. As noted in the report, 
the E-Verify program has created a Database Integrity Unit that is 
tasked with identifying and facilitating the correction of erroneous 
information contained in DHS component databases. Additionally. The 
DHS Office of Policy, Screening Coordination Office (SCO) works with 
USCIS, CBP, and US-VISIT to establish links between the Verification 
Information System (VIS) and Arrival Departure Information System 
(ADIS) and I-94W automated systems to provide real time arrival data 
to USCIS. DHS/SCO has also been working with USCIS and ICE on the 
upgrades to the Student and Exchange Visitor Information System 
(SEVIS) data which when completed will provide more accurate 
information to USCIS on student status. DHS will continue to work 
closely with the components to ensure that correct and accurate 
information is transmitted or made available to the E-Verify program 
and that inaccuracies in the various systems are corrected. 

Recommendation 5: To decrease the potential for recurring erroneous 
nonconfirmations, we recommend that the Director of USCIS develop 
procedures for management program analysts to document the basis for 
their work authorization decisions. 

Response: USCIS concurs with this recommendation. USCIS plans to re-
engineer our Status Verification System (SVS), which is used to track 
and manage TNCs, so that Status Verifiers can document the basis for 
their work authorization decisions. SVS's re-engineering 
implementation will occur in FY 2013. As noted by GAO, USCIS will 
implement procedures to address this through the use of a comment box 
and will update Standard Operating Procedures (SOPs) to require this 
documentation by the second quarter of FY 2011. 

Recommendation 6: To help ensure that SSA will be able to meet the 
capacity demands of the E-Verify Program and provide USCIS with 
continuous service in the future, we recommend that the Director of 
USCIS and the Commissioner of SSA finalize the terms of the service-
level agreement that defines the requirements for SSA to establish and 
maintain the capacity and availability of its system components for E-
Verify, including the steps needed to complete the agreement in a 
manner that is acceptable to both parties and a timeframe and 
milestones for its completion. 

Response: USCIS concurs with this recommendation and has drafted a 
service-level agreement that is under review at SSA. 

Recommendation 7: To ensure that USCIS has a sound basis for making 
decisions about resource investments for E-Verify and securing 
sufficient resources to effectively execute defined program plans, we 
recommend that the Director of USCIS ensure that a life cycle cost 
estimate for the E-Verify is developed in a manner that reflects the 
four characteristics of a reliable estimate consistent with best 
practices-comprehensive, well-documented, accurate, and credible. 

Response: USCIS concurs with this recommendation. The current Life 
Cycle Cost Estimate (LCCE) met three of four characteristics of a 
reliable cost estimate and partially met one characteristic. USCIS is 
in the process of finalizing a new Life Cycle Cost Estimate (LCCE) 
that meets GAO criteria and is based on the Systems Engineering 
Lifecycle (SELC) process. 

The Department appreciates the opportunity to comment on the draft 
report. In addition to this response, technical comments have been 
provided under a separate cover. 

Sincerely, 

Signed by: 

H. W. Couch, Jr. 
Deputy Director: 
Departmental GAO/OIG Liaison Office: 

[End of section] 

Appendix IV: Comments from the Social Security Administration: 

Social Security: 
Social Security Administration: 
Baltimore, MD 21235-0001: 

December 10, 2010: 

Mr. Richard M. Stana: 
Government Accountability Office: 
Director, Homeland Security and Justice: 
441 G. Street, N.W. 
Washington. D.C. 20548: 

Dear Mr. Stana: 

Thank you for the opportunity to review the Government Accountability 
Office (GAO) draft report, "Employment Verification: Federal Agencies 
Have Taken Steps to Improve E-Verify. But Significant Challenges 
Remain" (GAO-1 1-146). Our comments on the report are enclosed.
If you have any questions, please contact me or have your staff 
contact Rebecca Tothero, Acting Director. Audit Management and Liaison 
Staff at (410) 966-6975. 

Sincerely, 

Signed by: 

Dean S. Landis: 
Deputy Chief of Staff: 

Enclosure: 

[End of letter] 

Comments On The Government Accountability Office (GAO) Draft Report. 
"Employment Verification: Federal Agencies Have Taken Steps To Improve 
&Verify, But Significant Challenges Remain" (GA0-11-146): 

Thank you for the opportunity to review the subject report. We offer 
the following responses to your recommendations and technical comments. 

Recommendation: 

"To help ensure that SSA will be able to meet the capacity demands of 
the E-Verify program and provide USCIS with continuous service in the 
future, we recommend that the Director of the USCIS and the 
Commissioner of SSA finalize the terms of the service-level agreement 
that defines the requirements for SSA to establish and maintain the 
capacity and availability of its system components for E-Verify, 
including the steps needed to complete the agreement in a manner that 
is acceptable to both parties and a timeframe and milestones for its 
completion." 

Response: 

We agree. We are developing an E-Verify service-level agreement with 
the United States Citizenship and Immigration Services (USCIS) and 
expect to have it in place by March 2011. 

Recommendation: 

"To ensure that SSA can accurately project costs associated with its E-
Verify workload, as well as estimates for potential mandatory 
implementation of E-Verify, we recommend that the Commissioner of SSA 
assess the risk and uncertainty within SSA's E-Verify workload 
estimate as well as the limitations associated with the assumptions 
used to create it, in accordance with best practices, to ensure that 
SSA can provide the required level of support to USCIS and E-Verify 
operations." 

Response: 

We disagree with the implication that we do not assess the risk and 
uncertainty within our E-Verify workload estimates. We routinely 
assess the risk and uncertainty when developing assumptions for E-
Verify workload estimates and administrative cost estimates related to 
proposed legislation. We understand that E-Verify workloads may grow 
and that they would grow substantially with mandatory implementation 
of E-Verify. If there is mandatory implementation of E-Verify, USCIS 
would provide us with revised estimated workloads. We would adapt our 
budget models quickly and re-calculate estimated costs based on the 
new projected volume. 

[End of section] 

Appendix V: GAO Contact and Staff Acknowledgments: 

GAO Contact: 

Richard M. Stana, (202) 512-8777 or stanar@gao.gov: 

Staff Acknowledgments: 

In addition to the contact named above, Evi Rezmovic, Assistant 
Director, and Sara Margraf, Analyst-in-Charge, managed this 
assignment. Blake Ainsworth, David Alexander, Tonia Brown, Frances 
Cook, Marisol Cruz, John de Ferrari, Julian King, Linda Miller, 
Danielle Pakdaman, David Plocher, Karen Richey, Robert Robinson, 
Douglas Sloane, Stacey Steele, Desiree Thorp, Vanessa Taylor, Teresa 
Tucker, and Ashley Vaughan made significant contributions to the 
report. 

[End of section] 

Footnotes: 

[1] The Illegal Immigration Reform and Immigrant Responsibility Act, 
as amended, Pub. L. No. 104-208, div. C, §§ 401-404, 110 Stat. 3009-
546, 3009-655 to -665 (1996),required the former U.S. Immigration and 
Naturalization Service (whose E-Verify responsibilities were taken 
over by USCIS) and SSA to operate E-Verify allowing employers to 
electronically verify an employee's eligibility to work. 

[2] See Federal Acquisition Regulation (FAR) subpt. 22.18. As of 
September 8, 2009, with certain exceptions, federal contracting 
officers are to include the E-Verify requirements in federal prime 
contracts above $100,000 and require such prime contractors to include 
the E-Verify requirements in certain subcontracts. The FAR employment 
eligibility verification contract clause (FAR § 52.222-54) also 
includes specified exceptions, such as one permitting institutions of 
higher education and state and local governments to verify only new 
hires working directly under the contract. 

[3] GAO, Immigration Enforcement: Weaknesses Hinder Employment 
Verification and Worksite Enforcement Efforts, [hyperlink, 
http://www.gao.gov/products/GAO-05-813] (Washington, D.C.: Aug. 31, 
2005). 

[4] GAO, Employment Verification: Challenges Exist in Implementing a 
Mandatory Electronic Employment Verification System, [hyperlink, 
http://www.gao.gov/products/GAO-08-895T] (Washington, D.C.: June 10, 
2008). 

[5] A TNC occurs when an employee's information is compared 
electronically to government records, and SSA cannot match this 
information to confirm that the employee is eligible for work in the 
United States. Employees who believe their TNCs were errors must 
contact either SSA or USCIS to resolve the situation if they wish to 
continue their employment. 

[6] Westat Corporation, Findings of the E-Verify Program Evaluation 
(Rockville, Md., December 2009). 

[7] USCIS's transaction database stores information on E-Verify 
transactions and SSA's Numident stores information on individuals with 
Social Security numbers. 

[8] Software Engineering Institute, CMMI for Services, Version 1.2 
(Pittsburgh, Pa., February 2009). The Software Engineering Institute 
is a nationally recognized, federally funded research and development 
center established at Carnegie Mellon University to address software 
engineering practices. 

[9] GAO, GAO Cost Estimating and Assessment Guide: Best Practices for 
Developing and Managing Capital Program Costs, [hyperlink, 
http://www.gao.gov/products/GAO-09-3SP] (Washington, D.C.: March 
2009), 8-13. 

[10] We selected the eight associations and four chambers of commerce 
based on industry type and members' use of E-Verify, the eight 
immigrant advocacy groups based on recommendations obtained from 
several governmental and nongovernmental organizations, and the two 
state universities based on their use of E-Verify and proximity to the 
metropolitan areas we visited. 

[11] Pub. L. No. 99-603, § 101(a)(1), 100 Stat. 3359, 3360-72 
(codified as amended at 8 U.S.C. § 1324a). 

[12] There are 26 documents that are acceptable for the employment 
verification process. Six of these documents establish both identity 
and employment eligibility (e.g., U.S. passport or permanent resident 
card); 12 documents establish identity only (e.g., driver's license); 
and 8 documents establish employment eligibility only (e.g., Social 
Security card without the legend "Not Valid for Employment"). For 
verification purposes, employees may present either a single document 
from the first category or a combination of two documents, one from 
the identity category and one from the employment eligibility 
category. Employers who participate in E-Verify, however, must agree 
that if an employee presents a document from the identity-only 
category, they only will accept such a document if it contains a 
photograph. 

[13] Employers may choose to register for E-Verify by deciding to use 
E-Verify at individual worksites or by limiting the use of E-Verify to 
certain locations, such as a company's headquarters. Employers may 
also contract the use of E-Verify to an independent designated agent, 
to act on their behalf to verify the employment eligibility of their 
newly hired employees. Companies have the option to extract 
information from their existing human resources or payroll systems and 
transmit those data to E-Verify to verify employment authorization. 

[14] Federal contractors have 90 days from the date they enroll with E-
Verify to initiate verification queries on all newly hired employees 
and existing employees assigned to a federal contract. After this 90-
day phase-in period, federal contractors are required to initiate 
verification of each newly hired employee within 3 business days after 
the employee's start date. 

[15] Numident is a repository of personal information on individuals 
who have a Social Security number. This information includes the 
number holder's name, date of birth, place of birth, parents' names, 
citizenship status as recorded by SSA, date of death (if applicable), 
and the office where the Social Security number application was 
processed and approved. 

[16] TECS is an updated and modified version of the former Treasury 
Enforcement Communications System. 

[17] USCIS is the agency responsible for reviewing and approving or 
denying applications for lawful employment in the United States as 
well as applications for U.S. citizenship. 

[18] Noncitizens who are not permanent residents but still eligible to 
work in the United States, such as holders of certain kinds of visas 
that include employment eligibility, generally need to obtain an 
employment authorization document from USCIS prior to seeking 
employment. 

[19] A TNC may take some time to resolve after the employee has 
initiated contact with SSA or DHS. An employee is not to receive a FNC 
or be terminated from employment until SSA or DHS respond to the TNC 
inquiry. 

[20] Department of Homeland Security Appropriations Act of 2010, Pub. 
L. No. 111-83, § 547, 123 Stat. 2142, 2164-65, 2177 (2009). 

[21] Westat collected information via Web and onsite surveys of 
employers, in-person surveys of employees processed through the E- 
Verify system, a stakeholder conference, and interviews with federal 
employees and contractors. 

[22] To determine that USCIS had reduced its erroneous TNC rate, 
Westat compared data in the transaction database from April through 
June 2005 with data from April through June 2008. 

[23] Social Security Administration, Office of the Inspector General, 
The Social Security Administration's Implementation of the E-Verify 
Program for New Hires, A-03-09-29154 (Baltimore, Md., Jan. 6, 2010). 

[24] According to SSA, of the 1,713 new hires identified by the OIG as 
requiring verification through E-Verify, not all were required to be 
verified per E-Verify policy, specifically, those transfers from other 
federal agencies, reemployed annuitants, returning students, and 
military hires. According to SSA, after deducting these hires from the 
1,713, only 1,314 required verification. SSA reported that it verified 
the 1,314 employees in March 2010. 

[25] USCIS has also taken steps to help naturalized citizens better 
resolve TNCs. For example, in May 2008, USCIS developed a process to 
allow naturalized citizens to directly resolve their SSA TNCs with 
DHS. Almost 94 percent of employees who received an SSA TNC for a 
citizenship mismatch from October 2009 through August 31, 2010, have 
chosen to resolve their TNC by calling DHS. USCIS reported that 94 
percent of employees who called USCIS after receiving an SSA TNC were 
determined to be work eligible. 

[26] According to OSC, it has also worked with USCIS to help educate 
new citizens about the need to update their information with SSA. 

[27] E-Verify program officials stated that the 60 million projection 
is based on the approximate number of individuals that U.S. employers 
hire each year. 

[28] E-Verify program officials told us that the agency contracted 
with Westat in 2008 to conduct a study on the impact of complex names 
on the name-matching process to determine the frequency of erroneous 
TNCs attributable to name mismatches and whether they constituted a 
serious problem and, if so, to identify possible corrective actions. 
USCIS expects to receive Westat's final report in fiscal year 2011. 

[29] We did not specifically inquire about name-related TNCs in all of 
our meetings with employers and therefore do not know how many, if 
any, of the remaining 20 employers also believed that TNCs were more 
likely to occur with certain Hispanic employees. 

[30] According to CRCL, the E-Verify videos are distributed through a 
variety of sources, including by CRCL during community engagement and 
speaking events; USCIS through its Web site, during outreach events, 
and upon request from the public; and OSC upon request from the public 
and during outreach events. CRCL has drafted a plan to further 
distribute these videos to a variety of stakeholders, including 
private sector groups and nongovernmental organizations, but did not 
provide a time frame for when it will start distribution. 

[31] GAO, Standards for Internal Control in the Federal Government, 
[hyperlink, http://www.gao.gov/products/GAO/AIMD-00-21.3.1] 
(Washington, D.C.: November 1999). 

[32] USCIS has established a goal to strengthen the security and 
integrity of the E-Verify program by ensuring data accuracy. 

[33] GAO has previously reported on the risks associated with the use 
of fraudulent documents and agencies actions to address them. See GAO, 
Border Security: Better Usage of Electronic Passport Security Features 
Could Improve Fraud Detection, [hyperlink, 
http://www.gao.gov/products/GAO-10-96] (Washington, D.C.: Jan. 22, 
2010), and State Department: Undercover Tests Show Passport Issuance 
Process Remains Vulnerable to Fraud, [hyperlink, 
http://www.gao.gov/products/GAO-10-922T] (Washington, D.C.: July 29, 
2010). 

[34] According to officials at the American Association of Motor 
Vehicle Administrators, this pilot automates motor vehicle document 
verification between motor vehicle agencies and the E-Verify user. 
This pilot does not include the use of driver's license photographs. 
The program is designed to allow E-Verify employers to verify a new 
employee's driver's license, permit, or state-issued identification 
card directly with the issuing agency, and E-Verify is to send 
information back to the employer on whether the submitted information 
matches the motor vehicle agency's data. 

[35] According to USCIS, a locked Social Security number would halt 
any attempt by participating E-Verify employers to verify an 
employee's Social Security number through E-Verify if the employee 
notifies USCIS that his or her identity has been stolen and can 
provide supporting documentation to USCIS. 

[36] [hyperlink, http://www.gao.gov/products/GAO-05-813]. 

[37] The six behaviors are (1) multiple use of the same Social 
Security number across all E-Verify transactions, including use of the 
same Social Security numbers to fraudulently obtain information using 
various biographic information; (2) employer failure to use E-Verify 
after registering with the program; (3) employer termination of an 
employee who receives a TNC; (4) employer failure to perform 
verification within 3 business days of hire; (5) employer verification 
of existing employees; and (6) employer verification of employees 
hired prior to 1986. USCIS identified employer discrimination based on 
citizenship as a seventh behavior for Monitoring and Compliance Branch 
staff to examine, but this has not yet been implemented. 

[38] Since we reported in June 2008, USCIS has adjusted its goal from 
contacting 6 percent of registered employers to contacting 2 percent 
of worksites. E-Verify program officials said that monitoring 
worksites rather than employers enables USCIS to focus on the actual 
users of E-Verify, because an employer can have multiple worksites, 
and responsibility for running new hires through E-Verify could be 
decentralized such that individual worksites are responsible for 
verifying the employment eligibility of their own employees. 

[39] In June 2009, USCIS deployed the Compliance Tracking and 
Management System to serve as its central repository of information 
about incidents of noncompliant employer behavior. 

[40] This guidance includes, among other things, the E-Verify User 
Manual, E-Verify Quick Reference Guide, E-Verify User Manual for 
Federal Contractors, and the E-Verify MOU. USCIS has also developed an 
E-Verify compliance and self-audit tool to assist participating 
employers in better understanding and complying with E-Verify user 
requirements. 

[41] In 2007 Westat made 10 recommendations to USCIS to revise the 
tutorial, and 8 recommendations to USCIS to enhance the user 
friendliness of its E-Verify employer educational materials. USCIS 
reported that it has addressed 10 recommendations, 4 of these 
recommendations with the release of the new E-Verify tutorial in June 
2010, and 3 of these recommendations by simplifying and streamlining E-
Verify data entry, system navigation, and the process by which 
employers resolve cases. USCIS reported that it has plans in place to 
address 3 recommendations from 2011 through 2012 and does not have a 
timeline for addressing the 4 additional recommendations. 

[42] GAO, Aviation Security: Efforts to Validate TSA's Passenger 
Screening Behavior Detection Program Underway, but Opportunities Exist 
to Strengthen Validation and Address Operational Challenges, 
[hyperlink, http://www.gao.gov/products/GAO-10-763] (Washington, D.C.: 
May 20, 2010), and Human Capital: A Guide for Assessing Strategic 
Training and Development Efforts in the Federal Government, 
[hyperlink, http://www.gao.gov/products/GAO-04-546G] (Washington, 
D.C.: March 2004). 

[43] In June 2010, USCIS completed its Registration Re-engineering 
Initiative, an effort designed to validate the authenticity of E-
Verify users by comparing employer information provided during the 
registration process with employer information in a commercial 
database. 

[44] Westat cited this as an issue, reporting that approximately 16 
percent of surveyed employers in 2006 and 10 percent of surveyed 
employers in 2008 indicated that they had E-Verify system users on 
staff who had not completed the tutorial. 

[45] As of August 31, 2010, USCIS reported that it had completed one 
site visit. 

[46] USCIS must rely on OSC to investigate, sanction, and prosecute 
employers that violate the antidiscrimination provision of IRCA. 

[47] Of the 444 criminal arrests in fiscal year 2009, 114 were arrests 
of employers and management officials and 330 were arrests of workers. 
As of August 30, 2010, ICE had made 397 criminal arrests--165 of 
employers and management officials and 232 of workers--and obtained 
270 indictments as a result of worksite enforcement-related 
investigations. 

[48] ICE officials said they opened an investigation in one case, but 
lacked sufficient evidence to prove wrongdoing. ICE officials said 
that ICE decided not to open investigations for the other two cases 
because each was limited to a single incident of document fraud. 

[49] The Fair Information Practice Principles adopted by DHS are a 
revision of principles, called the Fair Information Practices, first 
proposed by a U.S. government advisory committee. See Department of 
Health, Education, and Welfare, Records, Computers and the Rights of 
Citizens: Report of the Secretary's Advisory Committee on Automated 
Personal Data Systems (July 1973). 

[50] The privacy notices included several privacy impact assessments, 
which are required by the E-Government Act of 2002 and system of 
records notices, which are required by the Privacy Act of 1974. 

[51] Department of Homeland Security, 2009 Annual Freedom of 
Information Act Report to the Attorney General of the United States, 
October 1, 2008-September 30, 2009 (Washington, D.C., February 2010). 

[52] Department of Homeland Security, Privacy Policy Guidance 
Memorandum 2008-01 (Dec. 29, 2008). 

[53] USCIS reported that it plans to deploy a self-check initiative in 
spring 2011 to provide individuals a tool for verifying their 
employment eligibility outside of the hiring process and an 
opportunity to proactively correct outdated or incorrect information 
in SSA or DHS databases prior to applying for a job. 

[54] OSC is the office responsible for enforcing the 
antidiscrimination provision of the Immigration and Nationality Act, 
which prohibits discrimination in hiring, firing, recruitment or 
referral for a fee based on citizenship or immigration status or 
national origin, along with discriminatory practices in the employment 
eligibility verification process and retaliation. 

[55] According to USCIS, it has TNC letters in Spanish, Haitian-
Creole, Japanese, Korean, Chinese, Vietnamese, Russian, and Tagalog. 

[56] Department of Homeland Security, Privacy Policy Guidance 
Memorandum 2008-01. 

[57] GAO, Results-Oriented Government: Practices That Can Help Enhance 
and Sustain Collaboration among Federal Agencies, [hyperlink, 
http://www.gao.gov/products/GAO-06-15] (Washington, D.C.: Oct. 21, 
2005). 

[58] The USCIS data did not break out the number of TNCs for foreign- 
born versus U.S-born employees. Therefore, we were unable to determine 
the extent to which foreign-born employees were more likely to receive 
erroneous TNCs compared to U.S.-born employees. 

[59] Senior CRCL officials told us that CRCL is now referring to these 
assessments as civil rights and civil liberties impact assessments 
because their review addresses concerns related both civil rights and 
civil liberties. 

[60] From October 2009 through February 2010, OSC reported that it had 
referred 17 instances of nondiscriminatory employer misuse of E-Verify 
to USCIS. 

[61] According to OSC, in fiscal year 2010, it handled 992 E-Verify- 
related hotline calls (or 14 percent of total hotline calls). 

[62] There are additional established practices for maintaining system 
capacity and availability. We identified the six practices discussed 
above by obtaining agency documentation that describes USCIS and SSA 
processes and procedures for managing and planning system capacity and 
availability and compared them with the practices established by the 
Software Engineering Institute. 

[63] GAO, Computer Operations: FAA Needs to Implement an Effective 
Capacity Management Program, [hyperlink, 
http://www.gao.gov/products/GAO/IMTEC-92-2] (Washington, D.C.: Nov. 
27, 1991). 

[64] Booz Allen/Hamilton, Independent Assessment of the E-Verify 
Architecture (Washington, D.C., Feb. 8, 2008). 

[65] The Project Management Institute, The Standard for Program 
Management© (Newton Square, Pa., 2006). 

[66] OMB Circular No. A-11, Preparation, Submission, and Execution of 
the Budget; OMB Circular No. A-130 Revised, Management of Federal 
Information Resources (Nov. 28, 2000); and Office of Management and 
Budget, Capital Programming Guide: Supplement to Circular A-11, Part 
7, Preparation, Submission, and Execution of the Budget (Washington, 
D.C., June 2006). 

[67] If this were to occur, either USCIS would be responsible for 
providing additional funds for SSA to continue E-Verify operations or 
SSA would have to limit the amount of service its provides to USCIS 
until a new reimbursable agreement is developed or additional funds 
become available. 

[68] Social Security Administration, Office of the Inspector General, 
Accuracy of the Social Security's Numident File, A-08-06-26100 
(Baltimore, Md., Dec. 8, 2006). 

[69] Software Engineering Institute, CMMI for Services, Version 1.2 
(Pittsburgh, Pa., February 2009). The Software Engineering Institute 
is a nationally recognized, federally funded research and development 
center established at Carnegie Mellon University to address software 
engineering practices. 

[70] [hyperlink, http://www.gao.gov/products/GAO-09-3SP], 8-13. 

[71] We scored best practice on a scale from 1 to 5 where not met 
equaled 1, minimally met equaled 2, partially met equaled 3, 
substantially met equaled 4, and met equaled 5. 

[72]In Colorado, state law requires state contractors to certify that 
they will use E-Verify or a state operated Department Program as an 
alternative to E-Verify for new hires performing work under a state 
contract for services. In North Carolina, state law requires state 
agencies, institutions, colleges, and local education agencies to use 
E-Verify on all employees hired on or after January 1, 2007 (or March 
1, 2007, in the case of local education agencies). In Arizona, state 
law requires all employers, whether public or private, to use E-Verify 
to verify new hires. 

[End of section] 

GAO's Mission: 

The Government Accountability Office, the audit, evaluation and 
investigative arm of Congress, exists to support Congress in meeting 
its constitutional responsibilities and to help improve the performance 
and accountability of the federal government for the American people. 
GAO examines the use of public funds; evaluates federal programs and 
policies; and provides analyses, recommendations, and other assistance 
to help Congress make informed oversight, policy, and funding 
decisions. GAO's commitment to good government is reflected in its core 
values of accountability, integrity, and reliability. 

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each 
weekday, GAO posts newly released reports, testimony, and 
correspondence on its Web site. To have GAO e-mail you a list of newly 
posted products every afternoon, go to [hyperlink, http://www.gao.gov] 
and select "E-mail Updates." 

Order by Phone: 

The price of each GAO publication reflects GAO’s actual cost of
production and distribution and depends on the number of pages in the
publication and whether the publication is printed in color or black and
white. Pricing and ordering information is posted on GAO’s Web site, 
[hyperlink, http://www.gao.gov/ordering.htm]. 

Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537. 

Orders may be paid for using American Express, Discover Card,
MasterCard, Visa, check, or money order. Call for additional 
information. 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 

Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]: 
E-mail: fraudnet@gao.gov: 
Automated answering system: (800) 424-5454 or (202) 512-7470: 

Congressional Relations: 

Ralph Dawn, Managing Director, dawnr@gao.gov: 
(202) 512-4400: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7125: 
Washington, D.C. 20548: 

Public Affairs: 

Chuck Young, Managing Director, youngc1@gao.gov: 
(202) 512-4800: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7149: 
Washington, D.C. 20548: