GAO-03-1155T, Maritime Security: Progress Made in Implementing Maritime Transportation Security Act, but Concerns Remain


This is the accessible text file for GAO report number GAO-03-1155T 
entitled 'Maritime Security: Progress Made in Implementing Maritime 
Transportation Security Act, but Concerns Remain' which was released on 
September 09, 2003.

This text file was formatted by the U.S. General Accounting Office 
(GAO) to be accessible to users with visual impairments, as part of a 
longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov.

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately.

On January 5, 2004, this document was revised to add various 
footnote references missing in the text of the body of the document.

Testimony: 

Before the Committee on Commerce, Science, and Transportation, United 
States Senate:

United States General Accounting Office:

GAO:

For Release on Delivery Expected at 9:30 a.m. EDT:

Tuesday, September 9, 2003:

MARITIME SECURITY:

Progress Made in Implementing Maritime Transportation Security Act, but 
Concerns Remain:

Statement of Margaret Wrightson Director, Homeland Security and Justice 
Issues:

GAO-03-1155T:

GAO Highlights:

Highlights of GAO-03-1155T, a testimony before the Senate Committee on 
Commerce, Science, and Transportation 

Why GAO Did This Study:

After the events of September 11, 2001, concerns were raised over the 
security of U.S. ports and waterways. In response to the concerns over
port security, Congress passed the Maritime Transportation Security 
Act in November 2002. The act created a broad range of programs to 
improve the security conditions at the ports and along American 
waterways, such as identifying and tracking vessels, assessing 
security preparedness, and limiting access to sensitive areas. A 
number of executive agencies were delegated responsibilities to 
implement these programs and other provisions of the act. 

The Senate Committee on Commerce, Science, and Transportation asked 
GAO to conduct a review of the status of the agencies’ efforts to 
implement the security requirements of the act. This testimony 
reflects GAO’s preliminary findings; much of GAO’s work in the area is 
still under way. 

What GAO Found:

Agencies responsible for implementing the security provisions of the 
Maritime Transportation Security Act have made progress in meeting 
their requirements. Thus far, GAO has obtained information about 43 of 
46 specific action areas, and efforts are under way in 42 of them. For 
example, the Coast Guard, the Department of Homeland Security agency 
with lead responsibility for most of the assignments, has published 
six interim rules covering responsibilities ranging from security of 
port facilities to vessel identification systems. Two other agencies 
within the new department—the Transportation Security Administration 
and the Bureau of Customs and Border Protection—have actions under way 
in such areas as establishing an identification system for millions of 
port workers and setting information requirements for cargo. The 
Maritime Administration, a Department of Transportation agency, has 
already completed or is well into implementing such responsibilities 
as developing training for security personnel. 

While much has been accomplished, GAO’s review found five areas of 
concern. Three relate primarily to security issues:

* Only a limited number of ports covered by vessel identification 
system,
* Questions about the scope and quality of port security assessments, 
and
* Concerns related to approving security plans for foreign vessels.

Two relate primarily to organizational and operational matters:

* Potential duplication of maritime intelligence efforts, and
* Inconsistency with Port Security Grant Program requirements.

www.gao.gov/cgi-bin/getrpt?GAO-03-1155T.

To view the full product, including the scope and methodology, click 
on the link above. For more information, contact Margaret Wrightson, 
415-904-2000, or wrightsonm@gao.gov.

[End of section]

Mr. Chairman and Members of the Committee:

I am pleased to be here today to discuss the implementation of the 
Maritime Transportation Security Act (MTSA) of 2002. This sweeping 
piece of legislation was enacted just 10 months ago, but it has already 
produced major changes in the nation's approach to maritime security. 
At your request, we have begun reviewing the implementation of security 
provisions of Title I of MTSA. I am here today to tell you about our 
preliminary findings and what agencies within the Department of 
Homeland Security (DHS) and other federal departments are doing to 
fulfill their many responsibilities under the act. I also want to 
advise you about specific matters that agency officials or others have 
brought to our attention thus far and other issues that may require 
further oversight. We will be continuing our efforts to more fully 
evaluate a number of the issues I will address today, and we plan to 
issue a report when this work is complete.

Our information is based on interviews with agency officials charged 
with implementing MTSA's provisions, as well as with officials and 
stakeholders from several ports.

Our preliminary findings are as follows:

* Progress has been made in implementing MTSA. MTSA called for actions 
in 46 key areas we identified, such as creating a maritime intelligence 
security system, assessing security conditions in port areas, creating 
and implementing a vessel tracking system, and creating identification 
systems for port workers and seafarers. So far, we have obtained 
information for 43 of these areas, and agency officials indicate that 
actions are complete or under way in 42 of them. For example, the Coast 
Guard, which had lead responsibility for most of the assignments, has 
six interim rules in place covering major areas of responsibility, such 
as security in and around the ports, aboard individual vessels, and at 
individual facilities. All six Coast Guard Maritime Safety and Security 
Teams included in the fiscal year 2003 budget are expected to be 
operational by the end of September 2003; these teams are designed to 
provide increased protection against terrorism in and around the 
nation's harbors. Also, the Transportation Security Administration 
(TSA) is testing new identification cards for controlling access to 
secure transportation facilities, including vessels and port 
facilities. The agency plans to start issuing the cards to millions of 
port workers in 2004. The Bureau of Customs and Border Protection 
(BCBP) and the Maritime Administration (MARAD), the two other agencies 
with the largest set of responsibilities under MTSA, also are making 
progress on major projects. Agency officials told us that cooperation 
and coordination on MTSA implementation has been strong. Further work 
will be needed to determine the extent to which early progress will be 
sustained over the course of implementation efforts and whether the 
spirit of cooperation translates into efforts at the port level.

* These findings not withstanding and bearing in mind our caveats as to 
the preliminary nature of these results, five areas have surfaced as 
potentially requiring further attention. (See table 1.):

Table 1: Summary of Areas That Require Further Attention:

Area: Security-related matters.

Area: Vessel identification system; Description: Security-related 
matters: A system has been developed and is being implemented, but the 
shore-based infrastructure needed is not present at many U.S. ports. As 
a result, the system may not be in place at these ports for several 
years. 

Area: Port security assessments; Description: Security-related 
matters: Assessments being conducted by an outside contractor have been 
criticized for their scope and quality, and the contractor has 
attempted to move to the next phase of the work before evaluating 
lessons learned. 

Area: Vessel security plans; Description: Security-related matters: 
Concerns have been raised about the Coast Guard's plan to accept other 
countries' certification of vessel security plans. 

Area: Operational and efficiency matters.

Area: Maritime intelligence system; Description: Security-related 
matters: Coast Guard and Transportation Security Administration may be 
duplicating efforts in collecting intelligence information about 
vessels and cargoes. 

Area: Grants program; Description: Security-related matters: A MTSA-
required program of grants for assisting in security preparations is 
being folded into an existing grants program, affecting the application 
of MTSA grant requirements. 

Source: GAO. 

[End of table]

Three of these areas, as shown in table 1, primarily have security 
implications. For example, MTSA called for development of an automatic 
identification system. The Coast Guard developed a system that would 
allow port officials and personnel on other vessels to determine the 
identity and position of vessels entering or operating within the port. 
While the Coast Guard is implementing this system, more than half of 
the 25 busiest U.S. ports will not have it for the foreseeable future, 
because it requires extensive shore-based equipment and infrastructure 
that many ports do not have. The two remaining areas relate primarily 
to operational or efficiency matters, such as duplication of effort in 
collecting intelligence information. We are continuing to examine all 
five areas.

Background:

MTSA was landmark legislation that mandated a quantum leap in security 
preparedness for America's maritime ports. Prior to the terrorist 
attacks of September 11, 2001, federal attention at ports tended to 
focus on navigation and safety issues, such as dredging channels and 
environmental protection. While the terrorist attacks initially focused 
the nation's attention on the vulnerability of its aviation system, it 
did not take long for attention to fall on the nation's ports as well. 
Besides being gateways through which dangerous materials could enter 
the country, ports represent attractive targets for other reasons: they 
are often large and sprawling, accessible by water and land, close to 
crowded metropolitan centers, and interwoven with highways, roads, 
factories, and businesses. Security is made more difficult by the many 
stakeholders, public and private, involved in port operations. These 
stakeholders include local, state, and federal agencies; multiple law 
enforcement jurisdictions; transportation and trade companies; and 
factories and other businesses.

Passed in November 2002, MTSA imposed an ambitious schedule of 
requirements on a number of federal agencies. MTSA called for a 
comprehensive security framework--one that included planning, 
personnel security, and careful monitoring of vessels and cargo. (See 
table 2 for examples of key MTSA activities.) MTSA tasked the Secretary 
of DHS, and the Secretary in turn has tasked the Coast Guard, with lead 
responsibility for the majority of its requirements. Timetables were 
often daunting. For example, one of the Coast Guard's responsibilities 
was to develop six interim final rules implementing MTSA's operational 
provisions in sufficient time to receive public comment and to issue a 
final rule by November 25, 2003.

Table 2: Examples of Key MTSA Activities:

Type of activity: Planning: 

Specific provision: Conduct vessel, facility, and port vulnerability 
assessments to determine potential risks. 

Specific provision: Develop transportation security plans for vessels, 
facilities, port areas, and the nation. 

Specific provision: Develop security incident response plans for 
vessels and facilities. 

Specific provision: Identification of personnel: Assess foreign ports 
for security risk. 

Type of activity: Identification of personnel.

Specific provision: Tracking of vessels: Create security cards 
required of any person seeking to enter a secure area of a vessel or 
facility; cards would have biometric information (such as fingerprint 
data) to guard against theft or counterfeiting. 

Type of activity: Tracking of vessels: 

Specific provision: Install automatic identification systems on 
numerous categories of vessels. 

Specific provision: Authorized to create and implement a long-range 
vessel tracking system. 

Source: GAO.

[End of table]

Adding to the difficulty has been the need to implement MTSA against 
the backdrop of the most extensive federal reorganization in over a 
half-century. Most of the agencies with MTSA responsibilities were 
reorganized into the Department of Homeland Security in March 2003, 
less than 5 months after MTSA enactment. Among the 22 agencies in the 
new department were some relatively new organizations, such as TSA. 
Other more longstanding agencies, including the Coast Guard, U.S. 
Customs Service, and Immigration and Naturalization Service, were 
transferred from a variety of executive departments. This vast 
recombination of organizational cultures introduced new chains of 
command and reporting responsibilities. MTSA implementation also 
involved coordination with other executive agencies, including the 
Departments of State, Transportation, and Justice.

Progress Has Been Made in Implementing MTSA:

Since the passage of MTSA in 2002 the responsible agencies--primarily 
the Coast Guard, TSA, and BCBP in DHS, along with MARAD in the 
Department of Transportation--have made strides in implementing the 
act's security provisions. MTSA called for actions in 46 key areas we 
identified. Thus far, we have received information from the responsible 
agencies on 43 of these areas. Of the 43 areas, work is done in 2 
(issuing interim rules and developing training for maritime security 
personnel), and under way in 40 others.[Footnote 1] These agencies also 
reported that cooperation and coordination has been extensive 
throughout the course of their activities.

A major achievement has been the Coast Guard's publication on July 1, 
2003, of six interim rules on the provisions where it had lead 
responsibility. The rules set requirements for many of the provisions 
delegated to the Coast Guard under MTSA. The rules, which included 
sections on national maritime security initiatives, area maritime 
security, vessel security, facility security, outer continental shelf 
facility security, and automatic identification systems, were published 
approximately 8 months after MTSA was enacted. Doing so kept the Coast 
Guard on schedule for meeting MTSA's requirement to receive public 
comment and issue the final rules by the end of November 2003. The 
rules provided a comprehensive description of industry-related maritime 
security requirements and the cost-benefit assessments of the entire 
set of rules. The Coast Guard plans to publish the final rules before 
November 25, 2003, after receiving and acting on comments to the 
interim rules.

Another Coast Guard accomplishment was the establishment of Maritime 
Safety and Security Teams called for under MTSA. These teams, which can 
be rapidly deployed where needed, are designed to provide antiterrorism 
protection for strategic shipping, high-interest vessels, and critical 
infrastructure. The Coast Guard has already deployed four teams--in 
Seattle and Galveston and near Norfolk and Los Angeles. The Coast Guard 
will deploy teams in New York City and near Jacksonville this year, and 
six more teams have been requested in the president's budget in 2004. 
These are to be located in San Diego, Honolulu, Boston, San Francisco, 
New Orleans, and Miami.

Other agencies in DHS have also made progress in their implementation 
of MTSA provisions. Responding to MTSA's requirement for the 
development of biometric[Footnote 2] transportation security 
identification cards that would allow only authorized persons access to 
secure areas of vessels or facilities, TSA is currently testing several 
different technology credentialing systems on sample cards. The agency 
will begin testing prototypes of the entire security card process, 
including conducting background checks, collecting biometric 
information on workers, verifying cardholders' identities, and issuing 
cards in early 2004. TSA plans to start issuing about 5 to 6 million 
new cards per year in the middle of 2004. Developing all of the 
policies and programs to make this system work is still under way and 
will continue to pose challenges to continued progress. Another DHS 
agency, BCBP, was delegated the responsibility for issuing regulations 
for electronic transmission of cargo information to BCBP by October 1, 
2003; BCBP published its proposed rule on July 23, 2003. BCBP was 
waiting for comments on the proposed rule, and BCBP officials told us 
that they expect to publish the rule on time.

MARAD has also made progress in its requirements. Among the provisions 
for which MARAD is responsible are developing standards and curricula 
for the training of maritime security personnel. MARAD submitted a 
Report to Congress, dated May 2003, containing the standards and 
curriculum called for by MTSA in the form of model course frameworks 
for seven categories of maritime security professionals. As an 
extension of the MTSA project, MARAD also produced three model maritime 
security courses for the International Maritime Organization (IMO). An 
IMO validation team has reviewed drafts of these courses, which found 
little need for change.

Agency officials told us that cooperation and coordination on MTSA 
implementation has been strong. Coast Guard officials said that they 
had developed channels of communication with other relevant agencies, 
and they said these other agencies were supportive in implementing 
provisions for which they did not have primary responsibility. In the 
work we have conducted at ports since the September 11th attacks, we 
have noted an increasing level of cooperation and coordination at the 
port level. However, ensuring smooth coordination as the many aspects 
of MTSA implementation continue is a considerable challenge. Additional 
work will be needed to determine the extent to which this spirit of 
cooperation continues to be translated into effective actions at the 
level where programs must be implemented.

Issues Raised Include Both Security and Operational Concerns:

While progress is being made, our preliminary work has identified five 
areas that merit attention and further oversight. Three relate 
primarily to security issues: (1) the limited number of ports that will 
be covered by the vessel identification system, (2) questions about the 
scope and quality of port security assessments, and (3) the Coast 
Guard's plans not to individually approve security plans for foreign 
vessels. The remaining two relate primarily to operational and 
efficiency matters: (1) potential duplication of maritime intelligence 
efforts and (2) inconsistency with Port Security Grant Program 
requirements.

Vessel Identification System Will Cover a Limited Number of Ports:

The main security-related issue involves the implementation of a vessel 
identification system. MTSA called for the development of an automatic 
identification system. Coast Guard implementation calls for a system 
that would allow port officials and other vessels to determine the 
identity and position of vessels entering or operating within the 
harbor area. Such a system would provide an "early warning" of an 
unidentified vessel or a vessel that was in a location where it should 
not be. To implement the system effectively, however, requires 
considerable land-based equipment and other infrastructure that is not 
currently available in many ports. As a result, for the foreseeable 
future, the system will be available in less than half of the 25 
busiest U.S. ports.

The identification system, called the Automatic Identification System 
(AIS), uses a device aboard a vessel to transmit a unique identifying 
signal to a receiver located at the port and to other ships in the 
area. This information gives port officials and other vessels nearly 
instantaneous information about a vessel's identity, position, speed, 
and course. MTSA requires that vessels in certain categories[Footnote 
3] install tracking equipment between January 1, 2003, and December 31, 
2004, with the specific date dependent on the type of vessel and when 
it was built.

The only ports with the necessary infrastructure to use AIS are those 
that have waterways controlled by Vessel Traffic Service (VTS) systems. 
Similar to air traffic control systems, VTS uses radar, closed circuit 
television, radiophones, and other technology to allow monitoring and 
management of vessel traffic from a central shore-based location. The 
Coast Guard currently plans to install AIS receiving equipment at the 
10 locations with VTS systems.[Footnote 4] More than half of the 25 
busiest ports, such as Philadelphia, Baltimore, Miami, Charleston, 
Tampa, and Honolulu, do not have VTS systems; hence, AIS will be 
inoperable at these locations for the foreseeable future. When AIS will 
be operable at these other ports depends heavily on how soon the Coast 
Guard can put an extensive amount of shore-based infrastructure in 
place. For the present, the Coast Guard is requiring AIS equipment only 
for (1) vessels on international voyages and (2) vessels navigating 
waterways under VTS control. Some of these international ships will be 
calling on ports that will not have AIS equipment. In such cases, the 
transmitters aboard the vessels will be of no use for the ports, 
because they will not have equipment to receive the signals.[Footnote 
5]

Cost is a major factor in the full implementation of AIS. Expanding 
coverage will require substantial additional investment, both public 
and private. The Coast Guard's budget request for fiscal year 2004 
includes $40 million for shore-based AIS equipment and related 
infrastructure--an amount that covers only current VTS areas. According 
to a Coast Guard official, wider-reaching national implementation of 
AIS would involve installation and training costs ranging from $62 
million to $120 million. Also, the cost of installing AIS equipment 
aboard individual ships averages about $10,000 per vessel, which is to 
be borne by the vessel owner or operator. Some owners and operators, 
particularly of domestic vessels, have complained about the cost of 
equipping their vessels.

Concerns about Port Security Assessments:

Another security-related issue involves the Coast Guard's efforts to 
address MTSA's security planning requirements through a series of 
security assessments of individual ports. Security assessments are 
intended to be in-depth examinations of security threats, 
vulnerabilities, consequences, and conditions throughout a port, 
including not just transportation facilities, but also factories and 
other installations that pose potential security risks. The Coast Guard 
had begun these assessments before MTSA was passed and decided to 
continue the process, changing it as needed to meet MTSA planning 
requirements, which include developing area security plans based on the 
evaluation of specific facilities throughout the port. At the request 
of the Subcommittee on Coast Guard and Maritime Transportation, House 
Committee on Transportation and Infrastructure, we have been examining 
these assessments, which are being conducted by an outside contractor. 
Our preliminary work has surfaced several potential concerns, which we 
are still in the process of reviewing.

One concern involves an apparent truncation of the review process for 
ensuring that the assessment methodology will deliver what MTSA 
requires. When MTSA took effect, the outside contractor already 
completed the first 10 of 55 planned assessments. The Coast Guard 
directed the contractor to modify the assessment methodology to take 
MTSA's planning requirements into account, and it decided that the next 
two assessments would be a pilot test of the revised methodology. The 
Coast Guard plans to use the pilot test to evaluate lessons learned, so 
that additional modifications can be made before any further contracts 
are signed.

Instead of waiting to see what changes might be needed as a result of 
the pilot projects, however, the contractor has apparently started the 
scoping phase for the next six port assessments. Scoping is a 
significant part of the new methodology, and as such, it is a major 
determinant in the nature and breadth of the issues to be addressed, as 
well as the assessment's cost. The contractor has also reportedly 
sought to negotiate and sign contracts to review the next six ports. 
Since the pilot projects will not be completed until at least October 
2003, it seems premature to reach decisions about the scope of the 
assessments and sign contracts for them. The revised methodology needs 
to be reviewed so that any needed changes are reflected in the next 
contract.

A second concern that has surfaced involves the scope and quality of 
the assessments themselves. As part of our work, we have interviewed 
port stakeholders to obtain their views on the process. At one port, 
where the assessment has been completed and the report issued, 
stakeholders said they had not been given an opportunity to comment on 
the report, which contained factual errors and did not include an 
assessment of railroads and the local power generating plant. At the 
other port, where the assessment was still in process, local Coast 
Guard personnel and port stakeholders noted that a survey instrument 
referred to the wrong port, asked questions they regarded as not 
pertaining to security, and was conducted in ways that raised concerns 
about credibility. Many of these stakeholders saw little usefulness in 
the assessments, believing that they added little to what the 
stakeholders had already learned from conducting their own more 
extensive security reviews of individual facilities or installations. 
They said the assessments focused on the same systems that had already 
been reviewed and would have greater value if they were focused on 
matters that had not already been thoroughly studied, such as the 
potential for waterborne assault. Coast Guard officials at the two 
ports said, however, that in their view the assessments would provide 
such benefits as a more comprehensive perspective on port operations 
and vulnerabilities and validate their need for additional assets and 
people to provide adequate security. Ensuring that the assessments are 
of high quality is important not only for their effectiveness as 
security instruments, but also because of their cost. For the most 
part, assessments have been conducted only at medium-sized ports, and 
even there they are costing $1 million or more per assessment.

Coast Guard Not Intending to Individually Approve Security Plans for 
Foreign Vessels:

Concerns have been raised about the proposed approach for meeting 
MTSA's requirement that the Secretary of DHS approve vessel security 
plans for all vessels operating in U.S. waters. Vessel security plans 
include taking such steps as responding to assessed vulnerabilities, 
designating security officers, conducting training and drills, and 
ensuring that appropriate preventive measures will be taken against 
security incidents. To implement this MTSA requirement the Coast Guard 
has stated, in general, that it is not the Coast Guard's intent to 
individually approve vessel security plans for foreign vessels. 
Separate from MTSA, an international agreement requires vessels to 
carry on board a vessel security plan that is approved by the vessel's 
country of registry--its "flag" state--to ensure that an acceptable 
security plan is in place. The Coast Guard provides that it will deem a 
flag state approval of a vessel security plan to constitute the MTSA-
required Secretary approval of MTSA vessel security plans. However, 
MTSA does not mention any role for foreign nations in the Secretary's 
required approval of vessel security plans, and some concerns have been 
raised about the advisability of allowing flag states--some with a 
history of lax regulation--to ensure the security of vessels traveling 
to the United States.

The international requirement for a security plan is contained in the 
International Ship and Port Facility Security (ISPS) Code.[Footnote 6] 
Under this requirement, which was adopted about the same time that MTSA 
was enacted and will go into effect on July 1, 2004, the vessel's flag 
state is responsible for reviewing and certifying the vessel's security 
plan. Prior to this time, the vessels' flag state had already been 
responsible for ensuring that its vessels met safety requirements. 
Critics of using this approach for MTSA-required security plans have 
pointed out that in the past, some flag states had a spotty record of 
enforcing safety requirements.

Rather than individually approving security plans for vessels overseen 
by foreign flag states, the Coast Guard plans an extensive monitoring 
effort as part of its oversight of vessels bound for U.S. waters. 
However, the Coast Guard's interim rule stated that, as part of an 
aggressive port state control program, the Coast Guard would verify 
that foreign vessels have an approved, fully implemented security plan, 
as well as tracking the performance of owners, operators, flag 
administrations, charters, and port facilities. Coast Guard officials 
have said that they are working from existing procedures, in that their 
security effort is modeled after their safety program. They also said, 
however, that they have no contingency plans in case stronger measures 
than those called for in their current plans are required.

The concerns are limited mainly to foreign flag vessels. Vessels 
registered in the United States will have their security plans reviewed 
and approved by the Coast Guard. It has been reported that the Coast 
Guard estimates that review and approval of security plans for domestic 
vessels and facilities will require 150 full-time personnel and cost 
$70 million as part of its 2004 budget.

Potential Duplication of Maritime Intelligence Efforts:

Turning to issues that are related more to program efficiency and 
management than to security concerns, one issue that has arisen 
involves potential duplication in the area of maritime intelligence. 
MTSA required the Secretary of Homeland Security to implement a system 
to collect, integrate, and analyze information on vessels operating on 
or bound for U.S. waters. The Secretary of DHS in turn delegated 
responsibilities to TSA and the Coast Guard. There appears to be 
potential for duplication by TSA and the Coast Guard in these efforts.

The duplication concerns center on the new Integrated Maritime 
Information System (IMIS) required under the Secretary's delegations. 
The Secretary of DHS delegated primary responsibility for this system 
to TSA, and TSA was appropriated $25 million to develop it. Coast Guard 
officials have voiced concerns that TSA's efforts in developing the 
overall system are duplicating existing Coast Guard efforts that are 
more extensive and better funded. According to these officials, IMIS is 
very similar to the Coast Guard's Intelligence Coordination Center 
(ICC) Coastwatch program, an effort that has 10 times the amount of 
funding appropriated for IMIS, involves 100 more staff members, and has 
staff already in place with considerable intelligence analysis 
capability. Coast Guard officials questioned whether TSA's smaller 
effort could yield information of similar quality.

Coast Guard officials also expressed concerns about potential 
duplication of effort at the port level. TSA's tests of the system 
would place TSA personnel at the port level. Coast Guard personnel 
noted that these efforts seemed similar to the Coast Guard's Field 
Intelligence Support Teams, as well as teams from the legacy agencies, 
the Customs Service and the Immigration and Naturalization Service, 
that also operate at the port level. Coast Guard officials said that 
they saw little sharing of the intelligence at that level.

While we have not yet had the opportunity to observe the intelligence 
arms of TSA and the Coast Guard in action to more fully evaluate the 
potential for duplication of effort, it does appear that some potential 
duplication exists. From conversations with TSA and Coast Guard 
officials, we could discern little difference in a number of their 
information and integration efforts. Aside from potential inefficient 
use of resources, this possible duplication may also limit either 
agency from obtaining a complete intelligence picture and detecting 
potential threats.

Differences between Current TSA Grant Program and MTSA Grant 
Requirements:

The final issue involves TSA's implementation of MTSA's grant program. 
MTSA required the Secretary of Transportation to establish a program of 
grants to ports and other entities to implement area and facility-
specific security plans. Prior to the enactment of MTSA, TSA, in 
partnership with MARAD and the Coast Guard, already had begun a port 
security grant program in February 2002. This program was originally 
intended to fund security assessments and enhanced operational security 
at ports and facilities, and two rounds of grants were funded before 
MTSA was enacted in November 2002. TSA officials told us that, rather 
than creating a new grant program to specifically respond to MTSA, they 
are adapting the existing program to meet MTSA requirements. Under this 
approach, some time will elapse before all of the grant requirements 
specified under MTSA are in place.

The existing grant program differs from MTSA requirements in several 
respects. Most significantly, the existing grant program does not 
require cost-sharing, while MTSA does. MTSA grant provisions state that 
for projects costing more than $25,000, federal funds for any eligible 
project shall not exceed 75 percent of the total cost. A TSA official 
said that, in starting to fold MTSA grants into the existing program 
for the third round of grants, TSA was still disbursing moneys from a 
prior appropriation, and the language of that legislation limited its 
ability to make changes that would meet MTSA requirements. As a result, 
TSA encouraged cost-sharing but did not require it. While TSA limited 
its changes for the first three rounds of grants, in the future 
continued deviation from MTSA cost-sharing requirements would keep 
federal dollars from reaching as many projects as possible. By not 
requiring a grantee to share in the financial burden, TSA does not take 
into account the applicant's ability to participate in the funding. If 
applicants have such ability, the result is that available federal 
dollars are not effectively leveraging as many projects as 
possible.[Footnote 7]

There are two additional areas where TSA's current grant program 
differs from MTSA provisions. First, the current grant program does not 
specifically correspond to the stated purpose of MTSA's grant funding, 
which is to implement area and facility-specific security plans. TSA 
officials told us that in round three, they would give preference to 
regulated facilities and vessels that were already required to have 
security assessments and plans in place. As a result, the grants would 
likely be for mitigating identified vulnerabilities rather than 
developing plans. Second, in the application instructions for the 
current program, TSA said that recurring costs for personnel and 
operations and maintenance costs were not eligible for funding. MTSA 
specifically includes these costs.

TSA officials said that for later rounds of grants during fiscal year 
2004, they would discuss potential changes in the Port Security Grant 
Program with the Coast Guard and MARAD. These potential changes would 
include requiring that all grant proposals be designed to meet MTSA 
port security grant requirements. The officials said, however, that 
before making any changes, they would look for specific directions 
accompanying currently pending appropriations for fiscal year 2004.

Mr. Chairman, this concludes my prepared statement. I would be pleased 
to answer any questions that you or other members of the committee may 
have.

Contacts and Acknowledgments:

For information about this testimony, please contact Margaret 
Wrightson, Director, Homeland Security and Justice Issues, at (415) 
904-2000. Individuals making key contributions to this testimony 
include Jonathan Bachman, Jason Berman, Steven Calvo, Matthew Coco, 
Rebecca Gambler, Geoffrey Hamilton, Christopher Hatscher, Lori Kmetz, 
Stan Stenersen, and Randall Williamson.

FOOTNOTES

[1] Work has not yet begun on issuing a report to the Congress 
regarding MARAD's expenditure of funds for training--no funds were 
expended in fiscal year 2003. 

[2] Biometric refers to technologies that can be used to verify a 
person's identity by characteristics such as fingerprints, eye retinas, 
and voice.

[3] All vessels of certain specifications on international voyages; 
self-propelled commercial vessels 65 feet or more in length; towing 
vessels 26 feet or more in length and more than 600 horsepower; vessels 
of 100 gross tons or more carrying one or more passengers for hire; and 
passenger vessels certificated to carry 50 or more passengers for hire.

[4] These locations are New York/New Jersey; the mouth of the 
Mississippi River; New Orleans; Houston/Galveston; Port Arthur, Texas; 
Los Angeles/Long Beach; San Francisco; Seattle/Tacoma; Alaska's Prince 
William Sound; and Sault Ste. Marie, Michigan.

[5] Under Coast Guard rules, all vessels arriving from foreign ports 
must inform a U.S. port, at least 96 hours in advance, of its intent to 
enter the harbor. Ports without AIS will still have this notice; what 
they will lack is the ability to verify ships' identities 
electronically when they arrive, or to quickly identify ships that are 
attempting to arrive unidentified. 

[6] This code was ratified by the International Maritime Organization, 
to which the United States is a party. 

[7] MTSA contains provisions for waiving the cost-sharing requirement 
if a higher level of federal funding is required.