About the National Security Vetting Failures Database: A Streamed panel discusses how national security threats have slipped between the cracks
About the National Security Vetting Failures Database
By Todd Bensman for the Center for Immigration Studies
The success of the September 11 plot depended on the ability of the hijackers to obtain visas and pass an immigration and customs inspection in order to enter the United States. It also depended on their ability to remain here undetected while they worked out the operational details of the attack. If they had failed on either count — entering and becoming embedded — the plot could not have been executed. — “9/11 and Terrorist Travel: Staff report of the National Commission on Terrorist Attacks Upon the United States”, p. 7
It is beyond dispute that terrorists, agents of espionage, and human rights violators still defeat federal screening systems, with unacceptable regularity, many years after the 9/11 reforms, as detailed in the September 2021 CIS Backgrounder “9/11 + 20: America still struggles to vet entering foreigners for national interest threats”.1 They often enter with discoverable disqualifying backgrounds and reasonably predictable threat behaviors despite an immigration security vetting cordon thought to have been rebuilt after 9/11. One example was British subject Malik Faisal Akram, who in January 2022 entered the United States on an electronic tourist visa and kidnapped a Jewish family in Colleyville, Texas, before police killed him.2
The problem of entrances like Akram’s persists in no small part because vetting failures are rarely analyzed after the fact, and quickly drift from the public mind and interest of lawmakers, oversight committee members, media, and homeland security practitioners who would otherwise feel compelled to demand process reforms and remedies.
To help meet this need for remedial attention, the Center for Immigration Studies’ Vetting Failures Database presents the first known collection of preventable federal government vetting failures that enabled entries of foreign nationals who threatened and harmed American national interests and public safety.
Its purpose is to be a constant reminder to the American public and to government employees in a position to effect remedies that they are obliged to do so as soon as practicable. Additionally, the database points America’s homeland security establishment and its congressional overseers to previously unidentified fail points in the highly complex immigration security screening array so that they may more ably block future entries of foreign threat actors.
The CIS database, which will grow as new cases can be analyzed and added, is offered in the spirit that drawing public attention to fail points will more likely prompt process or policy repairs, as well as sustained vigilance against repetition, than would otherwise occur if weak links were left publicly unknown and largely forgotten.
Each case in the CIS database identifies one or more probable vetting system fail points — in policy, processes, and personnel accountability — by U.S. agencies at home and abroad that operate the complex national security screening infrastructure rebuilt after the 9/11 attacks.
There is disagreement among experts inside and outside of government as to how often systems built after 9/11 have failed to detect and bar immigrants and nonimmigrants who harbor ill intent or who can be judged as foreseeably problematic.
To establish at least a starting point for policy focus on the matter, the Center for Immigration Studies seeded this living database collection with cases in which analyses of public records show, with reasonable probability, that visa and immigration security screening failed at least once but often on more occasions. It is a starter kit of cases reflecting systemic procedural problems. The year 2008 was chosen as the starting point on the assumption that the first series of 9/11 visa vetting reforms would have fully vested by then and, in essence, remain in current use, according to government officials CIS has consulted. The year 2008 also was chosen because certain significant new process improvements were implemented that year.
In its elaborate, three-year investigation of the attacks, the National Commission on Terror Attacks Upon the United States, known informally as the “9/11 Commission”, discerned those screening failures by reverse-engineering facts gathered afterward and, using deduction and inference, created valuable hindsight.
In that spirit, CIS has attempted to reverse-engineer case facts from federal court records and other public information to construct a hindsight view into more recent vetting failures so that they can, even if sometimes imperfectly, be seen, studied, understood, and potentially remedied.
The database covers more than terrorism threats. In rebuilding infrastructure and intelligence-sharing protocols of the early 2000s, the new U.S. homeland security enterprise mainly intended to detect and block the legal entry of terrorists into the United States on visas or their subsequent applications to stay. But global threats have evolved to challenge the U.S. “national interest”, a more inclusive delineator that covers a broader array of unsuitable U.S. entrants, including spies, violent transnational criminals, and human rights violators.3 The CIS database reflects vetting failures that reflect this “all threats” suite of foreign adversaries.
For that ongoing endeavor, the Center invites anonymous nominations for new cases, or new information about older ones. For suggestions, please e-mail [email protected].
Database Quick Facts
Time from entry to discovery:
- All crime types: 5 years, eight months.
- Terrorism-related cases (36): five years
- Human rights cases (4): 19 years
- Espionage-related cases: 3 years, five months
Failures per case:
- Thirty-two cases in which at least one failure occurred
- Ten cases in which at least two failures occurred.
- Five cases in which at least three failures occurred.
Most frequent visa or immigration benefit types where failures occurred:
- Lawful Permanent Residence: 22
- Refugee applications: 19
- Temporary visas of various types: 17
- Naturalized citizenship: 15
- Asylum: 6
- Military Accessions Vital to the National Interest: 1
What’s in the Database and What’s Not
The pool of cases selected for inclusion is far from comprehensive and should not be construed as reflecting either problem-set totality or representative weight in any given area. It is by necessity, rather, a compilation selected almost solely on the basis of whether enough public information was available to reverse-engineer cases for analysis from which to draw reasonable conclusions that security failure was more likely than not avoidable. The database, therefore, is hardly quantitative but does sufficiently identify problem areas for potential remedial action. The database does not presume to know whether remedies were already implemented.
Beyond availability of information, a high bar was set for a case’s inclusion in the database. Excluded from consideration were cases in which screening failure could not reasonably be attributed because immigrant and nonimmigrant applicants may have radicalized or committed crimes well after their entry approvals and security vetting opportunities had passed. Also excluded were cases in which a suspect’s criminality, such as espionage, where suspects are highly trained to deceive in hermetic secrecy, could not reasonably be discovered in any routine immigrant adjudication process, but, rather, only by virtue of later court-controlled investigative surveillance methods.
Cases involving prosecution and conviction are most often represented because legal processes provided the requisite public information about investigative findings. However, five federal prosecutions charging Chinese F-1 student visa holders with economic espionage and visa fraud — where evidence pointed strongly to security screening failures — were excluded after the Department of Justice dropped charges in 2021.4
The database provides narrative analyses of each included case explaining how and where vetting failure occurred, buttressed — for purposes of public transparency — by uploaded public court records and links to open-source information from which the analyses were derived. The database provides a searchable, filterable base of common information about each case as follows:
- National security threat type category;
- Year of first vetting opportunity from 2008;
- Number of missed opportunities to detect and prevent per case;
- Responsible agencies;
- Visa, immigration status, or benefit sought, identifying vetting responsibility;
- Estimated time lengths suspects were free and undetected inside the United States to pose a threat; and
- Present status of threat actors.
A majority of cases fall under three general categories: terrorism, espionage, and human rights violations, regardless of whether final charges and convictions were related to statutes for those crimes. Most were placed in these broad categories based on how they were initially investigated, rather than the statute under which they were finally charged. For instance, FBI Counter-Terrorism Task Force investigations are carried out by bureau agents but also with task force members specializing in immigration fraud, such as Immigration and Customs Enforcement’s Homeland Security Investigations officers. Much like bootlegger Al Capone’s conviction for tax evasion, authorities ended up charging subjects for crimes not directly tied to terrorism or espionage, settling on statutes that offered the quickest means of eliminating suspects like Capone as public safety threats. If the FBI was investigating a subject as a terrorism or espionage case, for instance, the database still categorizes them as such no matter the final unrelated charges, for ease of public understanding.
Smaller numbers are derived from counter-intelligence espionage investigations of Chinese scholars that produced various charges and convictions. Agents of the Chinese Communist Party’s military intelligence arms gamed security screeners in recent years to secure student and cultural exchange visas and went on to commit grave harm to the national interest. A Russian national was at the center of one entry, and a Singaporean in another.
Some entries are included that derive from immigration fraud investigations of human rights violators, whose manipulation of U.S. immigration benefits to hide from international justice CIS considers an affront to the national interest. Other categories are likely to be added as new cases become known.
Each failure case lays bare one or more likely repairable defects in the array of security screening policies and systems across government agencies such as the Department of State’s Office of Consular Affairs, U.S. Citizenship and Immigration Services (USCIS), the Department of Defense, and other identified responsible federal entities.
Some additional context may help database users better understand how systems have contributed more to failures than has individual human error.
In recent years, the United States has offered more than 70 specific types of nonimmigrant visas in 24 major visa categories.5 From 2016 to 2019, the State Department issued almost 40 million immigrant and nonimmigrant visas at consular posts abroad before dropping in 2020 due to Covid-19 travel restrictions.6 Inside the United States, USCIS processes an average of at least one million lawful permanent resident green cards a year. In 2020 alone, a down year, USCIS’s 19,000 employees and contractors received 7.7 million applications of various sorts, granting 439,000 lawful permanent residence green cards that year and an average of 760,000 citizenship naturalizations each year since 2015.7 That is just a sampling of USCIS responsibilities; it doesn’t include humanitarian admissions such as asylum and refugee claims, special immigrant visas, and parole.
Database Limitations
A cornerstone feature of the database are analytical reports summarizing each case and assessing what probably went wrong in the screening processes so that responsible authorities might see, study, and remedy problems highlighted in them. Conducting the analyses required reverse-engineering all known facts about each case as derived from all findable public information and applying reasoned, albeit human, judgments. But sometimes, a key piece of information was not in the public realm. For example, time periods in which a threat actor was able to operate freely inside the United States until discovery by law enforcement had to be estimated in some cases in which the precise date of entry or discovery could not be located. In situations where only a given year was available, CIS decided to earmark the sixth month of that year. Users can find an asterisk next to these time frames connoting that they are estimates.
As for analytical judgments about identified failure points, CIS consulted current and former government official familiar with some of the vetting processes most often at issue, who confirmed analytical judgments as reasonable. An important caveat, however, is that neither CIS analysts nor those it consulted could possibly be privy to every action taken by adjudicators in the privacy of agency offices and conference rooms. Some of the case analyses, therefore, may inadvertently have omitted exculpatory circumstances.
Finally, this database project does not provide specific recommendations for improvement, but merely aspires to point out policy, process, prioritization, technology, and resource issues that most likely caused vetting failures. This project shied from offering recommendations because screening processes shape-shift from year to year and from agency to agency in ways that are often not publicly known.
Notes on the National Vetting Center
National leaders since 9/11 had never pointedly prioritized the problem set until President Donald Trump introduced the notion of “extreme vetting” for nationals of nations of terrorism concern. Some of that administration’s initiatives had to do with reducing the number of applicants that backlogged adjudicators would have to screen in some regions, but raised ultimately short-circuiting political opposition.8 The incoming administration of President Joe Biden reversed most of these.9 One such reversed initiative was a regulatory rule change to address the counter-intelligence problem of Chinese spies posing as scholars on F student and J cultural exchange visas. The regulation would have required more frequent and intense security vetting for those visas based on nationality.10
While the two presidential views of how to balance security vetting with immigration levels sharply differed, one Trump initiative that did find support and sustenance from the Biden administration was the National Vetting Center (NVC), established by presidential proclamation in 2018.11 Albeit with no fanfare or media coverage, the Biden administration signaled that it did recognize that improvements were needed when it decided to keep the NVC.12 A February 2021 executive order by the Biden administration to increase refugee resettlement levels cited the need for improved vetting and wrote in a central role for the NVC.13
In essence, the NVC fills a gap that had been hobbling government agencies conducting security screening on millions of foreign applicants: spotty access to a fuller government archive of classified information that other agencies jealously fenced off, against which checks and investigations could be run for derogatory information on applicants.14 As one founding NVC document put it, “The NVC process and technology is designed to make such information accessible in a more centralized and efficient manner to agencies charged with making adjudications.”15
Agencies like USCIS and the State Department still adjudicate their own applications, though now support from the NVC expands the breadth of application vetting checks. For instance, after the fall of Kabul, Afghanistan, in September 2021, the center was pressed into serving information requests for Afghan special immigrant visa applicants and other evacuees, government sources familiar with the center’s operations said. In March 2022, the center expanded classified information access to USCIS in vetting all other refugee applicants, sources said.
To date, the NVC has not been pressed into running checks involving immigrants who have been illegally crossing the Southern border in historic volumes. However, the center is running classified database checks on five nationalities the Biden administration, starting in mid-January 2023, began channeling through an online app called CBP One, which fast-tracks humanitarian parole grants to hundreds of thousands of would-be border-jumpers while they are in Mexico or other countries and then ushers them through ports of entry. The five nationalities are Cuba, Nicaragua, Venezuela, Haiti, and Ukraine.
The checks mainly look for connections to international terrorism or violent transnational criminal organizations. But Cuba, Venezuela, and Nicaragua are diplomatically estranged from the United States and Haiti’s capacity to collect data is extremely limited. An NVC source explained that derogatory intelligence information about people from those countries is limited and that most CBP One applicants will be cleared when center analysts find nothing in the classified data realm.
Additionally, in the fall of 2022, the NVC took on responsibility for running all visas through its classified databases, enhancing the chance of detecting applicants of concern for counterintelligence, terrorism, and transnational crime. Also recently, the NVC began running security checks on some affirmative asylum-seekers, those who do not show up at the border, but rather at interior airports or U.S. embassies abroad.
However, while new measures involving the NVC may improve one aspect of national security vetting, they hardly represent a total solution to other problems that stem from high volumes of applicants that limited staff must process at home and abroad.
The astronomical annual volume of application adjudications have resulted in deep backlogs behind State Department and USCIS adjudicators, who are under pressure to clear or reduce them, a circumstance at odds with sound security vetting. These are systemic, resource- and policy-related problems.
“Volume is a huge problem. It’s a huge piece of it,” said one federal government official with knowledge of the volume-to-resource ratio. “The related challenge is that for some agencies, vetting is not a core mission. They just don’t do vetting. It’s a side project or hobby.”