The Audit Division, Office of the Inspector General has completed an audit of compliance with standards governing Combined DNA Index System (CODIS) activities at the North Louisiana Criminalistics Laboratory (Laboratory). The Federal Bureau of Investigation’s (FBI) CODIS program blends forensic science and computer technology to provide an investigative tool to federal, state, and local crime laboratories in the United States, as well as those from selected international law enforcement agencies. The CODIS program allows laboratories to compare and match DNA profiles electronically to assist law enforcement in solving crimes and identifying missing or unidentified persons.1 The FBI’s CODIS Unit manages CODIS and is responsible for developing, providing, and supporting the program to foster the exchange and comparison of forensic DNA evidence.
The FBI implemented CODIS as a distributed database with hierarchical levels that enable federal, state, and local crime laboratories to compare DNA profiles electronically. CODIS consists of a hierarchy of three distinct levels: (1) NDIS, managed by the FBI as the nation’s DNA database containing DNA profiles uploaded by participating states; (2) the State DNA Index System (SDIS), used at the state level to serve as a state’s DNA database containing DNA profiles from local laboratories; and (3) the Local DNA Index System (LDIS), used by local laboratories. DNA profiles originate at the local level, and then flow upward to the state level and, if allowable, national level. NDIS is the highest level in the CODIS hierarchy and enables the laboratories participating in the CODIS program to electronically compare DNA profiles on a national level.
The objectives of our audit were to determine if the: (1) Laboratory was in compliance with the NDIS participation requirements; (2) Laboratory was in compliance with the Quality Assurance Standards (QAS) issued by the FBI; and (3) Laboratory’s forensic DNA profiles in CODIS databases were complete, accurate, and allowable for inclusion in NDIS.
We determined that the Laboratory was in material non‑compliance with the standards governing CODIS activities we reviewed. Specifically, we noted the following.
- We noted four areas of concern with the NDIS participation requirements. Specifically, the CODIS computer screen did not lock after 10 minutes of non‑use, the CODIS computer backups were not stored in a locked container, and the Laboratory was not retaining copies of the annual reminder forms for CODIS users. We also noted that the Laboratory was not timely in notifying investigators of match confirmations, and forwarding external audit reports to the FBI. The Laboratory was in compliance with the remaining areas of the NDIS participation requirements that we reviewed.
- During our review, we reviewed the Laboratory’s adherence to select quality assurance standards (QAS). We did not identify any definitive evidence that would indicate that the QAS were not being followed in our review of the Laboratory’s annual audits, external audits, laboratory security, security of evidence samples, separation of known and unknown samples, and retaining samples after analysis. However, our review of forensic profiles identified issues that had implications that raised concerns about the Laboratory’s compliance with the QAS. Specifically, three of the specimens in our forensic profile sample had incomplete case files that were missing evidence of DNA analysis. Additionally, one specimen was excluded from our sample because the case file for it could not be located. We therefore could not verify that quality assurance standards were followed for these profiles, such as the technical review, controls, and quantitation requirements.
- During our review we identified 30 profiles that were unallowable. Of these profiles, 17 were unallowable according to FBI allowability standards, 8 were unallowable because they had been analyzed with an unapproved PCR kit, 3 had incomplete case files without evidence of DNA analysis or sample source, and 1 profile had 13 loci uploaded but review of the case file could only support the analysis of 9 loci.2 In addition, one of the specimens was excluded from the list of samples because the Laboratory could not locate the case file.
We made five recommendations to address the Laboratory’s compliance with standards governing CODIS activities, which are discussed in detail in the Findings and Recommendations section of the report. Our audit scope and methodology are detailed in Appendix I of the report and the audit criteria are detailed in Appendix II.
We discussed the results of our audit with Laboratory officials and have included their comments in the report as applicable. In addition, we requested a written response to a draft of our audit report from the FBI and the Laboratory. The FBI and the Laboratory responded that they agreed with all five of our recommendations. The Laboratory response can be found in Appendix III, while FBI’s response can be found in Appendix IV. Our analysis of those responses, as well as the actions necessary to close the recommendations can be found in Appendix V of this report.
Footnotes
- DNA, or deoxyribonucleic acid, is genetic material found in almost all living cells that contains encoded information necessary for building and maintaining life. Approximately 99.9 percent of human DNA is the same for all people. The differences found in the remaining 0.1 percent allow scientists to develop a unique set of DNA identification characteristics (a DNA profile) for an individual by analyzing a specimen containing DNA.
- A locus is a specific location on a chromosome. The plural form of locus is loci.