TSA Oversight of National Passenger Rail System Security
Photo by Andrew Harrer/Bloomberg/Getty Images
Why We Did This Audit
We conducted this audit to determine the extent to which the Transportation Security Administration (TSA) has the policies, processes, and oversight measures to improve security at the National Railroad Passenger Corporation (Amtrak).
What We Found
TSA has limited regulatory oversight processes to strengthen passenger security at Amtrak because the component has not fully implemented all requirements from Public Law 110–53, Implementing Recommendations of the 9/11 Commission Act of 2007 (9/11 Act). Federal regulations require Amtrak to appoint a rail security coordinator and report significant security concerns to TSA. Although the 9/11 Act requires TSA to establish additional passenger rail regulations, the component has not fully implemented those regulations. Specifically, TSA has not issued regulations to assign rail carriers to high-risk tiers; established a rail training program; and conducted security background checks of frontline rail employees. In the absence of formal regulations, TSA relies on outreach programs, voluntary initiatives, and recommended measures to assess and improve rail security for Amtrak.
TSA attributes the delays in implementing the rail security requirements from the 9/11 Act primarily to the complex Federal rulemaking process. Although the rulemaking process can be lengthy, TSA has not prioritized the need to implement these rail security requirements. This is evident from TSA’s inability to satisfy these requirements more than 8 years after the legislation was passed.
Without fully implementing and enforcing the requirements from the 9/11 Act, TSA’s ability to strengthen passenger rail security may be diminished. The absence of regulations also impacts TSA’s ability to require Amtrak to make security improvements that may prevent or deter acts of terrorism.
What We Recommend
We made two recommendations to DHS and TSA to implement rail security requirements from the 9/11 Act. When implemented, these recommendations should strengthen the effectiveness of passenger rail security.
Recommendation 1: We recommend that the TSA Administrator ensure TSA develops and adheres to a detailed, formal milestone plan to deliver the remaining 9/11 Act Notices of Proposed Rulemaking to DHS.
Recommendation 2: We recommend that the DHS General Counsel effectively coordinate with the Office of Management and Budget (OMB) to expedite the implementation of the remaining passenger rail requirements of the 9/11 Act.
Although voluntary initiatives assist TSA in identifying potential security vulnerabilities, they do not replace the need to implement regulatory requirements. TSA’s reliance on voluntary initiatives has led to a reduced urgency in implementing the outstanding rail security requirements from the 9/11 Act. The lack of enforceable regulations diminishes TSA’s ability to strengthen security for Amtrak and other passenger rail carriers. This deficiency also prevents TSA from requiring Amtrak to make security improvements that may prevent or deter acts of terrorism.
DHS concurred with the recommendations.
For Further Information:
Contact our Office of Public Affairs at (202) 254-4100, or email us at DHS-OIG.OfficePublicAffairs@oig.dhs.gov