Skip to main content

Private Security Contractors: DOD Needs to Better Identify and Monitor Personnel and Contracts

GAO-21-255 Published: Jul 29, 2021. Publicly Released: Jul 29, 2021.
Jump To:

Fast Facts

The Department of Defense has made significant use of private security contractors in the wars in Afghanistan and Iraq. Contractors' involvement in the deaths of civilians and other incidents prompted a renewed call in 2008 for nations to ensure that contractors respect international humanitarian law.

DOD has worked to improve its monitoring of its security contractor use but can't readily or comprehensively identify these personnel and what they're doing. For example, it can't identify which contractors are armed.

We made 3 recommendations, including assigning responsibility to a single high-level official for monitoring contractors.

 

Aerial view of the Pentagon

 

Skip to Highlights

Highlights

What GAO Found

The Department of Defense (DOD) has been unable to comprehensively identify private security contractor (PSC) contracts and personnel supporting contingency, humanitarian, peace-keeping, or other similar operations, limiting DOD's ability to readily and accurately identify the use of PSCs. DOD uses PSCs, which include companies and their personnel, hired to provide security services for the U.S. government. However, neither DOD nor GAO was able to use DOD's three PSC data sources to readily determine the universe of PSCs, the type of operation or exercise they support, or their functions, activities, and armed or unarmed status. For example, queries of DOD databases using the term “security guard” to identify PSC personnel excluded eight other job titles that may also perform private security functions. DOD has not comprehensively determined and communicated the contracted activities that fall within its definition of private security functions. Further, DOD does not have a means of readily identifying the contracts and personnel performing those activities in data sources. Without better identifying and tracking its PSC contracts and personnel, DOD will not be able to accurately determine its use of PSCs.

Since 2009, DOD has established an oversight framework for its use of PSC contracts, but has not fully monitored the implementation of this framework. DOD's framework distributes oversight functions across the department as well as to organizations outside the department (see fig.).

Roles and Functions of Entities to Oversee DOD's Use of Private Security Contractor (PSC) Contracts and Personnel

Roles and Functions of Entities to Oversee DOD's Use of Private Security Contractor (PSC) Contracts and Personnel

However, DOD has not fully monitored whether and how it and the other entities have carried out their PSC oversight roles and functions. For example, GAO reviewed data for deployed contractor personnel with the job title of “security guard” and found that about 12 percent of those individuals were employed by companies not on a DOD list of certified PSC companies. Independent, third-party certification is a key oversight mechanism DOD relies on to ensure it contracts with companies that use approved personnel hiring, screening, training, and reporting practices. DOD lacks a single, senior-level position assigned to fully monitor whether DOD and various entities are carrying out their respective PSC oversight roles and functions. Without assigning this position, DOD increases the risk of incidents that its framework aims to prevent. 

Why GAO Did This Study

During Operation Enduring Freedom in 2001–2014 and Operation Iraqi Freedom in 2003–2011, DOD significantly increased its use of PSCs. In 2008, the Swiss Government and the Red Cross issued the Montreux Document, which generally reaffirmed the obligation nations have to ensure that their PSCs respect international humanitarian law. PSCs supporting DOD have faced international attention resulting from incidents allegedly involving their personnel.

The National Defense Authorization Act for Fiscal Year 2020 included a provision for GAO to review DOD's use of PSCs. GAO assessed the extent to which DOD has (1) identified PSC contracts and personnel used to support contingency operations and (2) established a framework to oversee the department's use of PSC contracts. GAO analyzed DOD contract and personnel data for PSCs from 2009 through 2019, reviewed DOD guidance on PSC use, and conducted interviews with DOD officials and representatives from standards organizations.

Recommendations

GAO is making three recommendations to improve PSC oversight, including identifying and communicating the activities that fall under DOD's definition of PSC functions, and assigning a senior-level position responsible for monitoring the implementation of DOD's PSC oversight framework. DOD partially concurred with the recommendations, agreeing in substance and planning several actions as a result. DOD's planned actions should address the intent of GAO's recommendations if implemented.

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Defense The Secretary of Defense should ensure that the appropriate official replacing the Chief Management Officer and the Under Secretaries of Defense for Acquisition and Sustainment, Personnel and Readiness, and Intelligence and Security, in coordination with the Chairman of the Joint Chiefs of Staff, Commanders of the Combatant Commands, and the Secretaries of the military departments, comprehensively determine and designate which of DOD's contracted activities and services fall within the department's definition of private security functions and communicate this information to relevant parties. (Recommendation 1)
Open
DOD partially concurred, agreeing that it is important to identify and communicate which contracted activities and services are private security contractor functions to the relevant parties and to designate future contracted activities and services that fall within those functions. DOD has developed plans and is taking action to address this recommendation. Specifically, DOD is working to clarify and update the definition of "private security contractor" (PSC) to include deciding and defining the meaning and scope "security functions." Once completed, DOD plans to publish and distribute the clarified PSC definition to its PSC community, as well as incorporate in its new PSC-specific online Defense Acquisition University course established and deployed in December 2022. Once completed, which DOD estimates will be in late September 20243, DOD's planned actions would fulfill the intent of our recommendation if DOD definition comprehensively determines and designates which of its contracted activities and services fall within the department's definition of private security functions. DOD's partial concurrence was because it took exception to GAO including the official replacing the Chief Management Officer as one of several DOD officials to participate in implementing the recommendation. GAO continues to believe that it is appropriate for the recommendation to refer to "the appropriate official replacing the Chief Management Officer," among other DOD offices and officials.
Department of Defense The Secretary of Defense should ensure that the appropriate official replacing the Chief Management Officer and the Under Secretaries of Defense for Acquisition and Sustainment, in coordination with Commanders of the Combatant Commands, and the Secretaries of the military departments develop a means for identifying the contracts and personnel performing those activities in readily available data sources, such as by establishing a data code unique to PSCs for use in existing fields in DOD data sources. (Recommendation 2)
Open
DOD partially concurred, agreeing to evaluate and assess courses of action to improve capabilities in identifying future contracts requiring contractor personnel performing private security functions in one or more DOD data sources. DOD has developed plans and is taking action to address this recommendation. Specifically, in parallel with its efforts to clarify and update guidance related to its updated the "private security contractor" (PCS) definition, DOD is developing a new data field to designate personnel as private security contractors within the contractor accountability system-Synchronized Predeployment and Operational Tracker-Enterprise Suite or "SPOT-ES") system. DOD plans to revise its PSC management business rules to reflect the new definition of PSC and the addition of its new PSC data field and then roll-out the new SPOT-ES data field to users with training, working to ensure the data field is understood and implemented appropriately. We believe that once DOD implements this course of action, which DOD estimates will be in early 2025, the intent of our recommendation should be met.
Department of Defense The Secretary of Defense should ensure that the Under Secretary of Defense for Acquisition and Sustainment updates Department of Defense Instruction 3020.50 and other guidance, as appropriate, to assign a senior-level DOD position the responsibility for monitoring the roles and functions of DOD and non-DOD entities under the department's PSC oversight framework, and require that the assigned position periodically document the results of its monitoring. (Recommendation 3)
Open
DOD partially concurred, and has undertaken three actions in response to this recommendation, completing one-designating the Deputy Assistant Secretary of Defense for Logistics as the senior DoD official responsible for monitoring roles and functions of DoD under the "private security contractor" (PCS) oversight framework-with its update to DoD Instruction 3020.50 published on October 13, 2022. To address the monitoring and reporting elements of our recommendation, DOD plans to establish a charter for a PSC Oversight Working Group and require the group to a) monitor PSC responsibilities within the department, and b) report to the Deputy Assistant Secretary of Defense for Logistics on its monitoring activities at regular intervals. DOD's planned action if implemented fully, which DOD estimates will be at the end of 2024, should meet the intent of our recommendation. The basis for DOD's partial concurrence relates to DOD disclaiming the authority to monitor roles and functions of non-DOD entities under its oversight framework. However, to the extent DOD's greater engagement with non-DOD entities through advice, collaboration, and enforcement of contractual requirements will afford the relevant DOD office with greater visibility into how and to what degree the non-DOD entities perform their respective roles, DOD's actions would meet the intent of our recommendation.

Full Report

GAO Contacts

Media Inquiries

Sarah Kaczmarek
Managing Director
Office of Public Affairs

Public Inquiries

Topics

Acquisition regulationsAfghanistan securityCombatant commandsCompliance oversightContingency operationsContracting officersContractor performanceContractor personnelDefense budgetsFederal procurementInformation systemsInternal controlsInternational organizationsMilitary forcesMilitary operationsPeacekeepingPhysical securityPoliceSecurity guardsWeapons