Skip navigation

Audit of the DEA’s Management and Oversight of its Confidential Source Program, OAG, 2016

Download original document:
Brief thumbnail
This text is machine-read, and may contain errors. Check the original document to verify accuracy.
Office of the Inspector General
U.S. Department of Justice

Audit of the

Drug Enforcement Administration’s

Management and Oversight of its

Confidential Source Program


Audit Division 16-33

September 2016

AUDIT OF THE DRUG ENFORCEMENT ADMINISTRATION’S

MANAGEMENT AND OVERSIGHT OF ITS

CONFIDENTIAL SOURCE PROGRAM

EXECUTIVE SUMMARY

The Drug Enforcement Administration (DEA) considers its Confidential Source
Program to be critical to its pursuit of illegal narcotics trafficking. However,
confidential sources can be motivated by factors other than combating crime,
including financial gain and avoidance of punishment; therefore, care must be
taken to evaluate and supervise their use. Between October 1, 2010, and
September 30, 2015, the DEA had over 18,000 active confidential sources assigned
to its domestic offices, with over 9,000 of those sources receiving approximately
$237 million in payments for information or services they provided to the DEA.
In July 2015, the Department of Justice (Department or DOJ) Office of the
Inspector General (OIG) issued a report on the DEA’s confidential source policies
and its oversight of higher-risk confidential sources. We found the DEA’s
confidential source policies were not in full compliance with the Attorney General’s
Guidelines Regarding the Use of Confidential Informants (AG Guidelines).
In this review, we concluded that DEA’s management and oversight of, and
policies governing, its Confidential Source Program required significant
improvement. In particular, we found DEA field offices bear disproportionate
responsibility for confidential source management and review. For example, DEA
headquarters offices do not provide comprehensive oversight to ensure that field
offices’ establishment and use of sources, and payments to them, are appropriate,
reasonable, and justified.
We found that the DEA did not adequately oversee payments to its sources,
which exposes the DEA to an unacceptably increased potential for fraud, waste, and
abuse, particularly given the frequency with which DEA offices utilize and pay
confidential sources. For example, while DEA policy prohibits paying deactivated
sources who were deactivated because of an arrest warrant or for committing a
serious offense, we found two concerning instances of payments to previouslydeactivated sources. In one case, the DEA reactivated a confidential source who
previously provided false testimony in trials and depositions. During the
approximate 5-year period of reactivation, this source was used by 13 DEA field
offices and paid $469,158. More than $61,000 of the $469,158 was paid after this
source was once again deactivated for making false statements to a prosecutor.
This was not the only confidential source who received payments after having
been deactivated. Based on our review of DEA’s confidential source data, we
estimated the DEA may have paid about $9.4 million to more than 800 deactivated
sources between fiscal years (FY) 2011 and 2015. While we describe in this report
some concerns about the accuracy and completeness of the available DEA data, and
while we did not review the circumstances of all of these payments in depth, from
i

available information it appears that paying deactivated sources is common enough
to justify much closer managerial oversight and review of such payments.
Another area of concern is the DEA’s oversight of confidential sources it
categorized as “Limited Use,” often referred to as “tipsters,” which DEA policy
specifies are sources who make information available independently without
direction by the DEA. The Limited Use category is regarded by the DEA as low-risk
and therefore DEA policy requires the least supervision. Yet we found that Limited
Use sources were some of DEA’s highest paid sources, with 477 Limited Use
sources during the period of our review having received an estimated $26.8 million.
We reviewed confidential source files associated with six DEA field offices
with interdiction units – enforcement units whose primary activity is to intercept
drug trafficking at transportation and other facilities. We found these units relied
heavily on Limited Use confidential sources who were employees in the travel and
parcel industries with access to passenger information or private facilities. We also
found that Special Agents gave instructions and guidance to these sources about
what information to provide the interdiction units and what actions to take to assist
them, testing the boundaries of what it means to provide information “without
direction.” For example, some Agents requested that sources provide them with
suspicious travel itineraries that met criteria defined by the Agents, and in some
cases requested entire passenger manifests almost daily. Similarly, some parcel
employees were told to provide information related to suspicious parcels and, at
times, followed DEA instructions to directly transfer customer packages to the DEA.
Some of these sources received significant payments for their assistance, including
an airline employee who received more than $600,000 in less than 4 years, and a
parcel employee who received over $1 million in 5 years. We believe that DEA
Agents directed the actions of these sources extensively enough that they could not
reasonably be understood to have acted “without direction” and therefore do not fit
the definition or purpose of “Limited Use.”
Among the Limited Use sources the DEA established were Amtrak and
Transportation Security Administration (TSA) employees. In November 2015, the
OIG completed two separate investigations into DEA’s use of two Amtrak employees
and one TSA employee as sources. These investigations determined the DEA’s use
of these individuals as sources was improper.1 During this audit, we found that,
between FYs 2011 and 2015, the DEA actually used at least 33 Amtrak employees
and 8 TSA employees as sources, paying the Amtrak employees over $1.5 million
and the TSA employees over $94,000. Indeed, even after we issued our
investigative reports detailing our findings of improprieties, the DEA continued to
use seven Amtrak employees as sources. The continued use of these sources only
ceased in March 2016 when the DEA Inspections Division mandated that the field
offices deactivate the seven sources and the DEA promulgated an interim policy
1
See the summaries of the investigations’ findings on our website: Investigative Summary of
Findings Concerning the DEA’s Use of Amtrak Employees as Paid Confidential Sources (January 2016)
and Investigative Summary of Findings Concerning the DEA’s Use of a TSA Airport Security Screener
as a Paid Confidential Source (January 2016).

ii

with a highly specific prohibition on using government or quasi-government
employee sources (to include contract employees) to obtain information within the
scope of their official duties. The DEA formalized this policy in July 2016.
We also found the DEA did not appropriately track all confidential source
activity; did not document proper justifications for all source payments; and, at
times, did not adequately safeguard traveler information. For example, Agents told
us that they generally received tips from sources almost daily via email or text,
some of which were sent to non-government private accounts established by the
Agents, thereby possibly compromising travelers’ personally identifiable
information, affecting record maintenance requirements, and complicating the
DEA’s efforts to manage and access important case-related information. We also
learned the DEA generally maintains confidential source tip information only when a
consensual encounter and subsequent search leads to an arrest or seizure, and
even then the information retained only pertains to the encounter. Because DEA’s
files do not detail the universe of information provided by its sources, it is unable to
examine their reliability and whether they frequently or rarely provide useful
information, or whether the information DEA agents acted upon resulted in
identifying individuals involved in illegal activity or instead caused DEA to regularly
approach innocent civilians for questioning. 2 We are deeply concerned about this
inability to assess source reliability, which seriously impairs DEA’s ability to oversee
and manage the activity of these sources and the Confidential Source Program
overall. We also found that Agents do not always include in DEA investigative
reports references to confidential source information. Agents in one field office told
us they do not do so because they hope to minimize exposure of the source. We
believe the failure to document all source activity presents challenges to the
tracking and retrieving of such activity, and therefore could increase the risk that
some information relating to sources may not be available to prosecutors when
needed in legal proceedings.
Additionally, we were extremely concerned to discover the DEA condoned its
confidential sources’ use of “sub-sources,” who are individuals a source recruits and
pays to perform activities or provide information related to the source’s work for
the DEA. During our review of DEA files, we found evidence of sources who were
paid based, in part, on the need to pay “sub-sources,” but the information in the
files was insufficient to allow us to determine the full extent of such payments. We
found that the DEA has no controls, policies, or procedures for interactions with
these “sub-sources.” Condoning the use of “sub-sources” to assist in investigations
without the DEA’s full knowledge, awareness, and approval raises serious questions
– it increases the chance that individuals may be conducting unauthorized illegal
activity on the DEA’s behalf, potentially puts these and other individuals in harm’s
way, exposes the DEA and DOJ to significant liability, and could impact
2
We identified a similar issue in our report on The DEA’s Use of Cold Consent Encounters at
Mass Transportation Facilities (January 2015), which found the DEA only retained data on consensual
encounters when it led to a consensual search that resulted in a seizure or arrest, and therefore the
DEA could not assess whether encounters were being conducted in an unbiased or effective manner.

iii

prosecutions. We believe the DEA needs to evaluate whether “sub-source” use is
appropriate and, if so, must develop policies and procedures to regulate it.
Another significant area of concern is the limited management, oversight,
and tracking of source payments by the DEA’s Intelligence Division, which oversees
several programs under which sources provide information or conduct
narcotics-related intelligence-gathering activities. According to DEA officials, the
sources are used primarily for law enforcement purposes and the DEA’s Intelligence
Division generally relies on DEA field offices’ risk assessments and determinations
that confidential sources are reliable. In comparison, within the Executive Branch’s
Intelligence Community, of which the DEA’s Office of National Security Intelligence
is a member, there are standards for the appropriate handling of sources, including
independent validation of sources. However, the DEA does not independently
validate the credibility of sources used for intelligence programs or the accuracy of
the information they provide. DEA legal and intelligence officials expressed concern
over applying the Intelligence Community’s validation and rating process to DEA’s
confidential sources because they believe it would impact the ability of prosecutors
to effectively utilize DEA sources during narcotics-related criminal proceedings. We
believe independent assessments of sources are critical to intelligence-gathering
operations, and that relying on field offices to make these judgments without
sufficient oversight from the Intelligence Division could negatively affect the
Intelligence Division’s ability to understand and appropriately use the information it
receives.
Additionally, when we asked the DEA Intelligence Division to provide us with
an itemized list and overall total of payments to intelligence-related confidential
sources, it was unable to do so. We reviewed DEA records and estimated that,
during the 5-year period of our review, the Intelligence Division paid more than
$30 million to sources who provided narcotics-related intelligence and contributed
to law enforcement operations, $25 million of which went to just 9 sources.
Additionally, we identified one source who was paid over $30 million during a
30-year period, some of it in cash payments of more than $400,000. We concluded
the Intelligence Division’s management and oversight of its sources was not
commensurate with the large amount of payments it made to them.
The deficiencies we identified in this audit raise significant concerns about the
adequacy of the current policies, procedures, and oversight associated with the
DEA’s management of its Confidential Source Program. When we informed DEA
management and program officials about our findings and concerns, these officials
expressed a commitment to improve the DEA’s Confidential Source Program, to
implement appropriate controls over confidential sources, and to ensure that
confidential sources remain a productive and essential element used by the DEA to
accomplish its mission. This report makes several recommendations to help the
DEA address deficiencies in its Confidential Source Program, and ensure that its
handling of and payments to sources are appropriate, accountable, and reflective of
the importance of, and risks posed by, its use of confidential sources.

iv

AUDIT OF THE DRUG ENFORCEMENT ADMINISTRATION’S

MANAGEMENT AND OVERSIGHT OF ITS

CONFIDENTIAL SOURCE PROGRAM

TABLE OF CONTENTS

INTRODUCTION

.......................................................................................... 1


Previous OIG and GAO Reports ............................................................... 1

DEA’s Confidential Source Program Overview ........................................... 3

DEA Confidential Source Categories and Payment Types ............................ 4

Confidential Source System Concorde...................................................... 6

OIG Audit Approach .............................................................................. 8

AUDIT FINDINGS ........................................................................................ 10

LIMITED USE CONFIDENTIAL SOURCE INVOLVEMENT IN

DEA INTERDICTION ACTIVITIES .................................................................... 10

Limited Use Confidential Sources .......................................................... 10

Utilization of Limited Use Confidential Sources for Interdiction Activities .... 12

Amtrak Confidential Sources ....................................................... 14

Transportation Security Administration Employees ......................... 16

Commercial Airline Employees ..................................................... 17

Bus Transportation Employees Used as Confidential Sources ........... 19

Parcel Company Employees as Confidential Sources ....................... 20

Significant Concerns and Legal Implications ........................................... 22

Direction to Limited Use Confidential Sources ................................ 23

Tracking and Handling of Confidential Source “Tips,” and the

Consequences for Subsequent Discovery Obligations...................... 25

Extensive Reliance on Limited Use Confidential Sources.................. 27

THE DEA INTELLIGENCE DIVISION’S OVERSIGHT OF CONFIDENTIAL SOURCE

ACTIVITIES AND THE DEA’S USE OF SUB-SOURCES ........................................ 29

DEA Intelligence Division’s Confidential Source Payments and Utilization ... 29

Confidential Source Validation .............................................................. 30

Intelligence Division Oversight of Confidential Source Payments ............... 32


The DEA’s Use of Sub-Sources in Enforcement and Intelligence Activities... 33

DEA CONFIDENTIAL SOURCE OVERSIGHT AND MANAGEMENT........................... 35

Confidential Source Program Oversight Responsibilities ........................... 36

Confidential Source Categorization and Use Inconsistencies ..................... 37

Application of Confidential Source Category Based on 

Criminal History......................................................................... 37

Payments to Deactivated Confidential Sources............................... 39

Confidential Source System Concorde Use and System Deficiencies........... 40

Payment Oversight and Management .................................................... 42

Payment Tracking Discrepancies .................................................. 42

Payment Support and Documentation Discrepancies ...................... 44

CONCLUSION AND RECOMMENDATIONS......................................................... 46

STATEMENT ON INTERNAL CONTROLS............................................................ 49

STATEMENT ON COMPLIANCE WITH LAWS AND REGULATIONS.......................... 50

APPENDIX 1:

OBJECTIVE, SCOPE, AND METHODOLOGY .............................. 51


APPENDIX 2:

THE DRUG ENFORCEMENT ADMINISTRATION’S

RESPONSE TO THE DRAFT AUDIT REPORT ............................. 54


APPENDIX 3:

OFFICE OF THE INSPECTOR GENERAL ANALYSIS AND SUMMARY

OF ACTIONS NECESSARY TO CLOSE THE REPORT ................... 59


AUDIT OF THE DRUG ENFORCEMENT ADMINISTRATION’S

MANAGEMENT AND OVERSIGHT OF ITS

CONFIDENTIAL SOURCE PROGRAM

INTRODUCTION

This is the second and final report resulting from the Department of Justice
(DOJ or Department) Office of the Inspector General’s (OIG) audit of the Drug
Enforcement Administration’s (DEA) Confidential Source Program that was initiated
in February 2014. In July 2015, the OIG issued an audit report associated with this
review to report on significant issues we had identified at that time. 3 However, due
to obstacles and delays imposed by the DEA on the OIG’s access to information
necessary to our audit that lasted for over a year after we initiated the review, we
were not able to report on our larger objective at that time. Since the issuance of
our July 2015 report, the OIG has coordinated with the DEA and received its
cooperation in our continued efforts to assess the DEA’s management and oversight
of its Confidential Source Program. We have now completed our review of the
DEA’s oversight of payments to confidential sources, evaluated compliance with
pertinent rules and regulations associated with the use of confidential sources, and
examined confidential source management practices employed by DEA domestic
field offices and the DEA’s Intelligence Division.
Previous OIG and GAO Reports
The OIG issued an audit report in 2005 that assessed the DEA’s compliance
with regulations concerning confidential informants and the DEA’s controls over
confidential source payments. 4 That audit identified several areas for the DEA to
improve its management of the use of confidential sources to address findings
regarding the DEA’s failure to independently review and evaluate underlying
suitability data, lack of proper documentation, failure to perform required reviews,
instances wherein multiple DEA offices categorized the same source differently, as
well as the improper categorization of other sources. Furthermore, the DEA did not
adequately track receipts for reimbursements. The audit also concluded that the
DEA did not have an effective system to account for and reconcile all confidential
source payments.
More recently, the OIG’s July 2015 report identified that the DEA’s
confidential source policy was not consistent with the Attorney General’s Guidelines

3

U.S. Department of Justice Office of the Inspector General, Audit of the Drug Enforcement
Administration’s Confidential Source Policies and Oversight of Higher-Risk Confidential Sources, Audit
Report 15-28 (July 2015).
4

U.S. Department of Justice Office of the Inspector General, The Drug Enforcement
Administration’s Payments to Confidential Sources, Audit Report 05-25 (May 2005).

1


Regarding the Use of Confidential Informants (AG Guidelines). 5 The AG Guidelines
provide guidance to all Justice Law Enforcement Agencies (JLEA), including the
DEA, related to establishing, approving, utilizing, and evaluating confidential
sources. In addition, we determined that the DEA did not have adequate policies
and practices for reviewing, approving, and revoking confidential sources’
authorization to conduct Otherwise Illegal Activity (OIA). Further, the DEA was not
conducting the required assessment of long-term or other confidential sources in a
timely or adequate manner. 6 The report also noted that the DEA Special Agents
Manual lacked directives related to recruiting, establishing, and using confidential
sources that are subject to DEA regulatory requirements. The report additionally
identified significant concerns regarding the DEA’s provision of Federal Employees’
Compensation Act (FECA) benefits to confidential sources. In response to this
report, the DEA has coordinated with the Criminal Division and developed updated
Confidential Source Program policies to comply with the AG Guidelines; the DEA’s
updated confidential source policies were officially incorporated into DEA operations
in July 2016. In addition, the DEA has implemented new policies and procedures
related to the provision of FECA benefits to confidential sources.
In January 2016, the OIG made public summaries of its findings in two
investigations related to the DEA’s use of Amtrak and Department of Homeland
Security (DHS) Transportation Security Administration (TSA) employees as paid
confidential sources. 7 The OIG determined that the DEA paid two Amtrak
employees more than $860,000 for information that was available at no cost to the
government in violation of federal regulations relating to the use of government
property, thereby wasting substantial government funds. Similarly, the OIG found
that by registering a TSA Security Screener as a confidential source, the DEA
agreed to pay for information that the screener was already obligated to provide to
law enforcement. In both of these investigations, the OIG determined that the DEA
violated or exceeded the terms of its confidential source policies.
Finally, the Government Accountability Office (GAO) issued a report in
September 2015 on DOJ and Department of Homeland Security (DHS) law
enforcement components’ confidential informant policies. GAO’s report identified
that the DEA did not have policies that were fully consistent with the AG

5

Following the issuance of the July 2015 OIG report, DOJ officials from the Office of the
Deputy Attorney General (ODAG), Criminal Division, and DEA coordinated to improve the DEA’s
policies related to the management and use of confidential sources to ensure that the policies contain
all requirements included within the AG Guidelines.
6
The DEA does not have a unique category for long-term confidential sources, but it does use
this term (outside of its DEA Special Agents Manual) and identifies these individuals as sources active
for 6 or more consecutive years.
7
U.S. Department of Justice Office of the Inspector General, Investigative Summary of
Findings Concerning the DEA’s Use of Amtrak Employees as Paid Confidential Sources (January 2016),
and U.S. Department of Justice Office of the Inspector General, Investigative Summary of Findings
Concerning the DEA’s Use of a TSA Airport Security Screener as a Paid Confidential Source
(January 2016).

2


Guidelines. 8 Specifically, the report stated that DEA policy was not consistent with
the requirements to provide written instructions to informants regarding the
parameters of authorized Otherwise Illegal Activity and to have informants sign an
acknowledgment of these instructions. 9
DEA’s Confidential Source Program Overview
The DEA defines a confidential source as any person who, with a reasonable
expectation of confidentiality, furnishes information regarding drug trafficking, or
performs an investigative activity. The DEA uses confidential sources throughout
the world to assist in investigating criminal activity and to regularly contribute
information to the DEA.
As we identified in our July 2015 audit, DEA officials believe that the DEA
could not effectively enforce the controlled substances laws of the United States
without the use of confidential sources. These officials conveyed that confidential
sources play a significant role in DEA’s processes for initiating investigations and
providing DEA with invaluable information and services that facilitate arrests and
seizures of drugs and currency. However, confidential sources can be motivated by
many factors, including fear, financial gain, avoidance of punishment, competition,
and revenge; therefore, special care must be taken to carefully evaluate and closely
supervise their use. Moreover, the credibility and the appropriate and legal use of
confidential sources must always be considered and balanced against the
information and services they provide.
The DEA’s Office of Operations Management administers the Confidential
Source Program through the Confidential Source Unit. This Unit provides support to
the field and manages the electronic system that maintains data on each
confidential source – the Confidential Source System Concorde (CSSC). However,
the DEA relies on its field office personnel to recruit, manage, direct, and evaluate
the use of confidential sources.
DEA Special Agents in field offices establish, utilize, control, and pay
confidential sources. Supervisory personnel must review and approve all
confidential source activities and payments. Both Special Agents and supervisory
personnel are responsible for documenting these activities and payments in the
confidential source files and in CSSC. Each field office is also assigned a
Confidential Source Coordinator who must provide guidance to Special Agents and
supervisory personnel regarding aspects of the Confidential Source Program. 10 The
8
GAO, Confidential Informants Updates to Policy and Additional Guidance Would Improve
Oversight by DOJ and DHS Agencies, GAO-15-807, (September 2015).
9

The AG Guidelines allow JLEAs to authorize confidential sources to engage in activity that
would otherwise be illegal if they were not acting under the direction of the government.
10

Both DEA Special Agents and Task Force Officers manage DEA confidential sources;
however, in this audit report we use “Special Agent” to refer to both DEA Special Agents and DEA Task
Force Officers.

3


Confidential Source Coordinator is also responsible for maintaining the integrity and
completeness of information stored in CSSC and the confidential source files. The
integrity and completeness of confidential source files are reviewed during the
annual self-inspections process, which is conducted by each field office and
submitted to the DEA Inspections Division. To complement the self-inspections
process, the Inspections Division also conducts on-site reviews of each field office,
including Confidential Source Program activities, at each field office on a 4 to 5-year
cycle.
Finally, although the majority of the DEA’s confidential sources are
established and used by its field offices, the DEA’s Intelligence Division also utilizes
confidential sources to advance intelligence-related operations and programs. The
Intelligence Division’s role in using, and the supervision of, confidential sources is
described in detail later in this report.
DEA Confidential Source Categories and Payment Types
The DEA has established categories for confidential sources with different
handling requirements, and with different levels of approval and scrutiny of
confidential source use. Table 1 describes the DEA’s confidential source categories.
Table 1
Overview of DEA Confidential Source Categories
as Defined by the DEA Special Agents Manual
Categories
Regular Use
Restricted Use

Definitions
A confidential source who does not meet the criteria for establishment as
a Restricted Use, Defendant, or Protected Name confidential source.
A confidential source who will be subject to a greater degree of
supervisory control based upon factors within his/her background that
indicates a need for such supervision.

Limited Use

A confidential source who is established as a confidential source for
payment purposes only and who is a “professional” businessperson or a
“tipster.”
Defendant
A confidential source who was under arrest or is subject to arrest and
prosecution for a federal or state offense; requires federal or state
prosecutor concurrence for establishment.
Protected Name
A confidential source whose public identification or utilization as a DEA
confidential source could pose a threat to the national security of the
United States or a foreign country, or result in a high likelihood of violence
to the confidential source and/or his/her family members or associates, or
is likely to raise complex legal issues.
Source: DEA Special Agents Manual

The DEA’s primary purpose for establishing these categories is to distinguish
the different levels of oversight for the sources, including variant supervisory and
outside approval and reporting requirements based on the level of risk associated
with the source. As identified in Table 2, the DEA’s requirements for Restricted
Use, Defendant, and Protected Name sources are the most stringent and provide
for additional oversight, while the requirements for Limited Use confidential sources

4


are less stringent and do not necessitate extensive oversight. Compared to the
other confidential source categories, the annual review requirements for Limited
Use confidential sources are considerably reduced. Specifically, if an individual
meets the DEA’s criteria for a Limited Use confidential source, completion of the risk
assessment is not required and limited information related to the office designator,
activation, source type, payment totals, and criminal history is identified on an
annual suitability form. In some instances, and with additional approval, DEA
Special Agents can establish individuals as both Defendant and Restricted Use if
they meet the criteria.
Table 2a
DEA Confidential Source Category General Requirements

Reporting
Requirements

Initial Approval
Requirements

Confidential Source Categories
Restricted
Use

Defendant

Protected
Name

Regular
Use

Limited
Use

Group Supervisor

√

√

√

√

√

Assistant Special
Agent in Charge

√

√

√

Special Agent in
Charge

√b

√

Prosecutor
(Concurrence)

√

Initial Debriefing &
Risk Assessment

√

√

Fingerprints &
Photographs

√

√

Quarterly Debriefings

√

√

√

√

Annual Debriefing &
Risk Assessment

√

√

√

√

√

√
√

√

a

The requirements depicted in this chart are based on the DEA’s confidential source policy that was
in effect during our audit. In response to our July 2015 report, the DEA formally implemented policy
changes in July 2016.

b

Approval by the Special Agent in Charge to establish a Restricted Use confidential source is
required in a limited number of specific circumstances, such as establishing a federal prisoner as a
confidential source. In other cases, Special Agent in Charge approval for Restricted Use sources is
discretionary and based on the assessment and recommendation of the Assistant Special Agent in
Charge.
Source: OIG Analysis of DEA Special Agents Manual and DEA Annual Continuing Suitability Report
and Recommendation

5


As part of their working relationship with the DEA, the confidential sources
may receive check or cash payments from the DEA for their DEA-related activities.
These payments are attributed to various categories and purposes, as outlined in
Table 3.
Table 3
Overview of DEA Confidential Source Payment Types
as Defined by the DEA Special Agents Manual
Categoriesa
Services/Information

Award

Reward

Definitions and Approvals
A confidential source may be compensated for services or information
during any stage of the investigation in which the confidential source
provides covert assistance to DEA.
Payments of up to $500,000 or 25 percent of the amount realized by the
government from asset forfeiture, whichever is less, for information or
assistance leading to a civil or criminal forfeiture. A confidential source
must have provided original information that clearly led to asset
forfeiture. A payment under this provision shall preclude the confidential
source from receiving any additional Assets Forfeiture Fund awards
based on the same information.
A confidential source may receive a reward payment from operational
funds upon the culmination of the covert stage of an investigation. This
payment may be made from operational funds even if the confidential
source has been recommended for Assets Forfeiture Fund awards.

Reimbursement
for Expenses

Confidential sources can be compensated for reasonable expenses
incurred during investigation. The expenditure of funds for this purpose
must be documented. Receipts will be obtained from the confidential
source whenever possible. The receipts will be attached to payment
documents and filed in the confidential source file.

Relocation

DEA may fund confidential source expenses for relocation for security
purposes. These expenses may include travel for the confidential source
and his or her immediate family, movement and/or temporary storage of
household goods, and temporary living expenses at a new location for a
period of time not to exceed six months.

Security

DEA may be required to provide security assistance to a confidential
source that does not entail the relocation of the confidential source.

a

Payments for the Purchase of Evidence, Payments from Trafficker Directed Funds, and Special
Payments are also confidential source-related payments. However, the payments to confidential
sources reviewed during this audit were primarily those in Table 3 above.
Source: DEA Special Agents Manual

Confidential Source System Concorde
As mentioned, the DEA uses CSSC to track, manage, and record confidential
source related information. 11 CSSC is a web-based application and is an electronic
repository for confidential source-related investigative reports, payments, and other
11

The DEA Special Agents Manual and Confidential Source Program officials state that the
confidential source paper files are the official record for confidential sources.

6


documents specific to individual confidential sources. CSSC is linked to both the
Unified Financial Management System (UFMS), in order to track payments made to
confidential sources, and the DEA’s case system, in order to track cases in which
the confidential source is involved.
During the audit, the OIG obtained and analyzed CSSC data related to
confidential sources who were ever active in any DEA domestic office between fiscal
years (FY) 2011 and 2015. We determined that due to weak internal system
controls the data entered into the system was not always accurate, consistent, or
complete. Moreover, we found that certain DEA processes to pay sources resulted
in missing data related to source payment information. As a result, although we
used the data to identify certain risk indicators during our sample selection of field
office confidential source files, we did not rely on the data to make conclusions and
recommendations regarding significant deficiencies without validating with other
documentation. The weaknesses we identified in CSSC and our use of CSSC data
are discussed in further detail in the DEA Confidential Source Oversight and
Management section of the report and Appendix 1.
Because it was the only Confidential Source Program data available, we used
CSSC data within our findings about specific confidential sources or source types.
These results are used for informational purposes related to our audit findings, as
well as general programmatic information for DEA’s review. Table 4 provides an
overview of the number and total payments to confidential sources from FY 2011
through FY 2015 based on our analysis of CSSC data.

7


Table 4

FY 2011 through FY 2015

Universe and Payments by Source Type

Confidential Source
Category
Regular Use
Restricted Use
Limited Use
Defendant
Protected Name
Multiple Categoriesc
Special Paymentd
Total

Number of
Active
Confidential
Sources
4,566
5,458
699
6,144
72
1,786
1

Number of
Paid
Confidential
Sourcesa
2,840
3,470
477
1,383
39
1,330
1

18,726

9,540

Payment Totalsb
$77,884,545
52,404,859
26,808,549
3,238,711
3,341,216
73,805,868
5,000
$237,488,748

a

Not all active confidential sources received payments. The number of paid
sources is a subset of the number of active sources.
b

Payments generally consist of amounts paid from DEA appropriated and
non-appropriated funds such as the High Intensity Drug Trafficking Area Program,
as well as award amounts paid from the Assets Forfeiture Fund and other reward
programs.

c

These sources encompass those whose category changed during our review
period or who were used concurrently by offices that applied different categories for
the same source.
d

Special Payment is comprised of only one record that did not have a

corresponding category as defined by the DEA Special Agents Manual.


Source: OIG analysis of DEA CSSC Data

OIG Audit Approach
To accomplish our objective, we conducted more than 50 interviews with
Department and DEA headquarters officials, as well as field office Special Agents
and Task Force Officers. In addition, we conducted site visits at the DEA’s offices in
Chicago, Illinois; San Francisco and Sacramento, California; El Paso, Texas;
Phoenix, Arizona; Albuquerque, New Mexico; and Los Angeles, California; as well as
the DEA’s Office of Special Intelligence and the Special Operations Division. During
these site visits, we reviewed 120 confidential source files and 19 investigative case
files. The sources we reviewed were paid over $36 million during our review
period. Finally, we reviewed DEA Inspections Division reports, analyzed DEA
documentation, and reviewed OIG reports of investigations.
This audit focuses on the DEA’s management and oversight of its Confidential
Source Program, to include the DEA’s oversight of payments to confidential sources.
Our results are organized into three findings focused on the following areas:
Limited Use confidential sources used in interdiction-related activities; confidential
sources associated with DEA Intelligence Division programs; and DEA’s oversight

8


and management of its Confidential Source Program. Additional information about
our approach to this audit is in Appendix 1.

9


AUDIT FINDINGS

LIMITED USE CONFIDENTIAL SOURCE

INVOLVEMENT IN DEA INTERDICTION ACTIVITIES

Limited Use confidential sources, as described by DEA officials, provide
independent and lawfully obtained information, or “tips,” to the DEA
and require the least amount of supervision and oversight. We found
that DEA’s interdiction activities rely on Limited Use confidential
sources who are travel and parcel industry employees. During our
review of 53 confidential source files associated with 6 different DEA
field offices conducting interdiction activities, we found that the DEA
paid these sources approximately $4.6 million between FY 2011 and
FY 2015. The majority of these 53 sources were paid to conduct
searches on proprietary databases, or access packages shipped
through private companies, to provide traveler and package
information to the DEA to assist in interdiction activities.
We found the DEA has not provided sufficient oversight in the
establishment, use, and payment of these sources by DEA’s
Interdiction Units. As a result, the DEA improperly established a TSA
employee as a Limited Use confidential source and inappropriately paid
Amtrak employees for information that could have been obtained at no
cost to the DEA. In addition, we found that the DEA routinely did not
document all of its interactions with sources or adequately handle and
secure the proprietary, potentially personally identifiable information
obtained from confidential sources. Finally, we found that the DEA’s
direction and guidance to its Limited Use sources, its reliance on
sources to accomplish its interdiction mission, and its sometimes
long-term and lucrative relationships with these sources calls into
question whether the source is truly providing information
independently or is acting as DEA’s agent, the latter of which could
have implications relating to compliance with the Fourth Amendment’s
protections against unreasonable searches and seizures.
Limited Use Confidential Sources
According to the AG Guidelines, a Source of Information is an individual who
meets the definition of a confidential informant and provides information to a JLEA
solely as a result of legitimate routine access to information or records, such as an
employee of the military, a law enforcement agency, or a legitimate business, and
not as a result of criminal association with persons of investigative interest to the
JLEA; and provides such information in a manner consistent with applicable law.
The AG Guidelines requirements do not apply to Sources of Information.

10


The DEA identifies this category of persons in the DEA Special Agents Manual
as Limited Use confidential sources. According to the DEA Special Agents Manual,
to assign a confidential source to the Limited Use category, the following must be
established:
1.	 The person may be recruited by DEA, but must provide information 

independently (without direction by DEA).

2.	 This person would not be required to testify as a witness in any legal

proceeding. In other words, DEA could independently corroborate the

information supplied by the confidential source.

3.	 DEA anticipates rewarding this person for information/services rendered.
4.	 The information obtained by this person is not provided because of criminal
association with persons of investigative interest to the DEA.
According to the DEA Special Agents Manual, the role of the Limited Use
confidential source is only to provide information that has been independently and
lawfully obtained, and is of investigative interest to the DEA. Additionally, the
Limited Use category (as shown in Table 2) is regarded by DEA as low-risk and has
fewer controls and levels of supervision needed to approve establishment, use, and
payments to these sources.
During our review of CSSC data, we observed that Limited Use confidential
sources were some of the highest paid DEA confidential sources. Specifically, our
analysis of the universe of confidential source payments during the period of our
review identified that the 477 confidential sources categorized and paid solely as
Limited Use received over $26.8 million (as shown in Table 4), or an average of
over $56,000 per source. From our initial review of a sample of confidential source
files and interviews with handling agents, we learned that the DEA often used
Limited Use confidential sources to assist with DEA interdiction activities that occur
at airports, train and bus stations, and parcel companies. For example, the DEA
established employees of transportation and parcel companies as confidential
sources. We reviewed documentation related to payments made to these
confidential sources and found that the information and services provided by these
Limited Use confidential sources, some of whom have government affiliations –
such as Amtrak and TSA employees – resulted in seizures of currency, forfeiture
cases, seizures of drugs, and arrests. 12 We identified several significant areas of
concern related to the DEA’s use of these Limited Use confidential sources for its
interdiction-related activities.

12
Amtrak is considered a quasi-government organization because it is a partially
government-funded American passenger railroad service. The Amtrak Board of Directors sets policy
and oversees the management of the company and includes seven members appointed by the
President of the United States with the advice and consent of the Senate.

11


Utilization of Limited Use Confidential Sources for Interdiction Activities
To carry out its mission to enforce the controlled substances laws and
regulations of the United States, the DEA established Interdiction Units to
“effectuate seizures of illegal drugs and illegal drug proceeds.” To accomplish this
goal, these Interdiction Units conduct consensual encounters with, and searches of,
members of the public. 13 We reviewed 53 confidential source files associated with
6 different DEA field offices conducting interdiction activities, hereafter referred to
as Interdiction Units, and interviewed 13 Special Agents who utilized confidential
sources for interdiction-related activities. We found that Special Agents who work
interdiction operations recruit individuals employed in the travel industry, including
airlines, Amtrak, bus companies, and parcel facilities, to become confidential
sources. Specifically, Special Agents stated that they identify employees who have
access to traveler databases or who interact with travelers on a regular basis and
can provide the DEA with “real-time” information. The DEA also recruits individuals
who work in the parcel industry and have access to package facilities and shipment
databases or records and can provide the DEA with information. The DEA
establishes these individuals using the Limited Use confidential source category
because, according to the Special Agents Manual and DEA Agents, the DEA does not
use these confidential sources in operations to buy drugs and does not rely on them
for their knowledge, involvement, and association with criminal activity.
To recruit and establish travel and parcel industry employees as confidential
sources, Special Agents identify, or may be approached by, individuals who are
willing to participate in a working relationship with the DEA. According to Special
Agents, when these “professional” Limited Use confidential sources are established,
the DEA uses the expertise of Special Agents to instruct the sources on what
constitutes suspicious travel or suspicious parcels with the intent of having the
sources identify these suspicious activities in company databases or identify
suspicious passengers, luggage, or packages en route. Special Agents from the
Interdiction Units stated that they tell these individuals that, as confidential
sources, the DEA may compensate them for the information provided and they may
receive monetary awards if their information results in seizures and subsequent
forfeitures. According to some of these DEA Special Agents, Limited Use
confidential sources generally agree to work with the DEA because of the prospect
of receiving significant financial awards.
Once these confidential sources have an understanding of the DEA’s
“suspicious” criteria, they can make ongoing observations while conducting their
general employment activities. However, many of the highly paid confidential
sources we reviewed also conducted active searches of travel databases or physical
searches of parcel facilities for the purpose of providing the DEA with traveler
13
According to the DEA Interdiction Manual, the DEA conducts interdiction operations at
major transportation facilities to detect and stop, or at least deter movement of drugs through
conventional means of transportation. In January 2015, the OIG issued a report on The DEA’s Use of
Cold Consent Encounters at Mass Transportation Facilities, Evaluation and Inspections Division
Report 15-3.

12


itineraries and parcels. According to Special Agents, the number of tips and
amount of information contained in each tip may vary by source, but in general,
these tips are the initial foundation of many DEA interdiction events because they
are a more effective starting point than a “cold” consensual encounter. In fact,
Special Agents we interviewed from the 6 DEA Interdiction Units we reviewed
estimated that 70 to 100 percent of all of their consensual encounters were initiated
because of Limited Use confidential source tips.
After travel itinerary-related tips are received, if time allows, Special Agents
or Intelligence Analysts perform a brief background investigation to research the
passenger information included in the tip. The explanation of this process varied
slightly among Interdiction Units, but generally, Special Agents described that the
brief investigation includes a background check to prioritize the confidential source
tips and to select the most ideal passengers for consensual encounters. However,
according to these Special Agents, if time does not allow, they could use the tip as
the basis for encountering a passenger who does not have any criminal background
association. These brief investigations are time sensitive because the information
provided by the confidential sources is often regarding passengers who are already
en route to or departing the Special Agents’ location.
Similarly, Special Agents from Interdiction Units stated that for parcel-related
tips, they may perform a brief background check on parcel senders and recipients,
if time allows for it. We found that Special Agents use the tip to track packages
based on sender and receiver information and to intercept packages en route in
order to conduct controlled deliveries of suspicious packages and to perform
subsequent consensual encounters with the sender and/or receiver.
If during a consensual encounter and subsequent search the DEA finds a
person transporting illegal substances, it seizes the drugs and arrests the person.
If the DEA finds currency, Special Agents must make a determination, based on
various investigative criteria, whether the currency is related to suspected drug
proceeds and if the government should seize it. If a consensual search results in
currency being seized from someone as suspected drug proceeds, the currency is
processed through the asset forfeiture program and, unless contested, will be
deposited into the Assets Forfeiture Fund.14 The Special Agents we spoke to stated
that the funds seized during interdiction cases and consensual searches are vital in
dismantling drug organizations. The Special Agents also stated that by focusing on
money seizures the DEA may effectively shut down a drug trafficking organization
because drug proceeds represent the culmination of the organization’s efforts.
14

The DOJ Asset Forfeiture Program encompasses the seizure and forfeiture of assets that
represent the proceeds of or were used to facilitate federal crimes. The Assets Forfeiture Fund was
established to receive the proceeds of forfeitures and to pay the costs associated with the costs of
such forfeiture. The Attorney General is authorized to use the fund to pay any necessary expenses
associated with forfeiture operations, to include the payment of awards for information or assistance
leading to a civil or criminal forfeiture. The OIG is conducting a review that is examining DOJ’s asset
seizure and forfeiture activities from FY 2007 to FY 2014, with particular attention paid to the
forfeiture of seized cash, and reviewing the effects of recent DOJ policy limiting the ability of DOJ
agencies to adopt assets seized under state law.

13


In the case of both drug and currency seizures, DEA Special Agents may
request that the confidential source who provided the initial tip receive a monetary
award for their contributions to DEA cases. For seizures of currency and other
items of value, the award can be up to 25 percent of the amount realized from the
asset forfeiture, but no more than $500,000. For seizures of drugs or other
contraband, there is no formal guidance on the establishment of award amounts.
While Limited Use confidential sources used in the DEA’s interdiction-related
activities provide similar types of information, we found differences in the DEA’s
handling and use of these confidential sources. These differences were largely
dependent upon the industry toward which the field office focused its interdiction
efforts. A more detailed look at the DEA’s use of confidential sources in the
Amtrak, TSA, commercial airline, intercity bus company, and parcel industries is
provided below, by type.
Amtrak Confidential Sources 15
We found that from FY 2011 through FY 2015, the DEA established, utilized,
and/or paid at least 33 Amtrak employees as Limited Use confidential sources. 16
Based on our analysis of the DEA’s CSSC data, we estimated that the DEA paid
these employees over $1.5 million between FY 2011 and FY 2015, and appears to
have paid them more than $2.3 million historically. 17
These Amtrak employees included train attendants who could identify
passengers and their luggage, and ticket agents who could query the Amtrak
passenger name records (PNR) system to provide the DEA with passenger travel
reservations. According to Special Agents, the PNRs provided to the DEA by these
confidential sources are computerized printouts of a passenger reservation and are
selected by the confidential source based on DEA-developed indicators of suspicious
travel such as tickets purchased last minute, tickets purchased with cash, and
travel to and from drug trafficking source cities. 18 The PNR information we
reviewed generally included passenger name, origin and destination cities, trip
15
We have coordinated with the Amtrak OIG on our identification of the DEA’s use of Amtrak
employees as confidential sources.
16

We identified 33 confidential sources who were employed by Amtrak. We identified these
individuals by reviewing multiple fields in the CSSC data and looked for different variations of spelling
Amtrak or occurrences of the word “railroad.” However, despite our search, due to the various
methods DEA employees used to input this employer information, there remains the potential that we
did not identify all Amtrak employees who were used as confidential sources by the DEA.
17

This historical amount was based upon our analysis of CSSC data, which included historical
payment information as far back as 1992 for these Amtrak confidential sources. As these payments
were prior to our review period, the OIG did not reconcile historical payments found in CSSC to
documentation in the confidential source file to verify or validate the historic payment information.
18

Through its investigations and other significant information, the DEA has identified
numerous cities as “source cities” for narcotics, which is one indicator used to evaluate the risk of
narcotics trafficking and narcotics proceeds trafficking.

14


itinerary, seat and train car numbers, as well as information related to the purchase
of the fare including whether the purchase was made with cash or credit and
whether the purchase was made via the telephone or internet. Although we could
not review any PNR documentation because it was not maintained in the
confidential source files we reviewed, Special Agents told us that confidential
sources sometimes also provide passenger dates of birth.
We interviewed DEA Special Agents who used Amtrak ticket agents as
confidential sources. These agents told us that these sources provided the DEA
with PNR information on a daily basis via email, text, or telephone call. As
described above, if the Special Agents have time, they will perform a brief
background investigation on the passengers associated with the tips in an attempt
to identify passengers with narcotics violations and criminal associations. These
Special Agents used the Amtrak tip information to conduct consensual encounters
and searches with the goal of seizing currency deemed narcotics proceeds and
illegal substances, and making related arrests.
We performed a detailed review of 21 of the 33 Amtrak sources we identified.
Our review included an in-depth examination of the DEA confidential source file,
interviews with handling agents, and reviews of certain case files. Table 5 gives an
overview of the Amtrak employee Limited Use confidential sources included in our
review.
Table 5

FY 2011 to FY 2015

21 Amtrak Employee Confidential Sources

Reviewed by the OIG

Confidential Source File
Information Reviewed
Sources Tested
Number of Payments to
Tested Sources
Amount Paid to Sources

Totals
21
175
$1,397,168

Cases
170
Total Currency Seized
$7,548,204
Number of Instances an Illegal
Substance was Seized
72
Source: OIG analysis of DEA confidential source files

As previously mentioned, in January 2016, the OIG released a summary of
its findings relating to its investigation involving two Amtrak employees recruited as
confidential sources to provide the DEA with information. The investigation found
that the information reported by Amtrak employees who were established as
confidential sources could have been obtained by DEA at no cost through a joint
task force with the Amtrak Police Department (APD). However, as of January 2014,
the OIG determined that over a period of 20 years, the DEA paid one of the Amtrak
employees $854,460 for PNR information, which was a substantial waste of

15


government funds. The DEA paid the other Amtrak employee $9,701. In this
audit, we further determined that, according to the DEA’s CSSC data, the
confidential source who was paid $854,460 through January 2014 received an
additional $108,155 between January 2014 and February 2015, thus increasing the
total amount paid to this Amtrak employee to $962,615, of which $726,439 was
paid during our review period.
Moreover, we determined that even after the OIG issued its Report of
Investigation to the DEA in November 2015, the DEA continued to use Amtrak
employees as Limited Use confidential sources; as of January 2016, the DEA had
seven Amtrak sources still active. DEA Special Agents from two separate field
offices justified the continued use of these confidential sources by saying Amtrak
Detectives were often too busy and unable to provide PNRs to the DEA. In
addition, these Special Agents stated that Amtrak confidential sources, who handle
reservations as a matter of daily routine duties, were more proficient than Amtrak
Detectives at searching the Amtrak system for PNRs.
According to the DEA, the use of these confidential sources ceased when, in
March 2016, the DEA Inspections Division became aware that certain DEA field
offices continued to use Amtrak employees as confidential sources after a field
office submitted a confidential source establishment form for an Amtrak employee.
The DEA’s Confidential Source Unit identified this as an issue and elevated it to the
DEA’s Inspections Division, and the Confidential Source Unit did a subsequent query
for all active Amtrak-employed confidential sources. Based on these results, the
DEA Inspections Division mandated that three field offices deactivate the seven
active Amtrak sources that had been identified. In addition, the DEA promulgated a
highly specific interim policy in March 2016 that prohibits the establishment of
government or quasi-government employees (and contractors) as sources,
including Amtrak employees, in order to obtain information related to their official
job responsibilities. This policy was formalized in July 2016.
Transportation Security Administration Employees19
We analyzed the DEA’s CSSC data and reviewed confidential source
documentation and found that between FYs 2011 and 2015, the DEA had
approximately eight TSA employees, including security screeners, as active
confidential sources, half of whom were categorized as Limited Use confidential
sources.20 According to CSSC, the DEA paid three of these confidential sources a
total of over $94,000 during this time. Establishing, using, and paying these TSA
19

We have coordinated with the Department of Homeland Security OIG on our identification
of the DEA’s use of TSA employees as confidential sources.
20

Due in part to the aforementioned OIG investigation, we did not conduct any file reviews
related to TSA confidential sources as part of this audit. Through our review of CSSC data, we
identified eight confidential sources who were employed by TSA. However, due to the various
methods DEA employees used to input this employer information into CSSC, combined with CSSC data
integrity issues discussed later in this report, there remains the potential that we did not identify all
DEA confidential sources who were also TSA employees.

16


employees as confidential sources for providing information obtained through their
TSA positions violated DEA policy.
These findings are consistent with a prior OIG investigation, described in a
January 2016 investigative summary that examined the DEA’s establishment and
use of a TSA security screener as a Limited Use confidential source. The DEA used
the security screener to identify and provide the DEA with information pertaining to
suspicious passengers carrying large sums of money that were identified during the
course of the sources’ TSA duties. The OIG’s investigation found that registering a
TSA security screener as a confidential source violated DEA policy, which precludes
registering as a confidential source “employees of U.S. law enforcement agencies
who are working solely in their official capacity with DEA.” The OIG also found that
TSA screeners are obligated to report to law enforcement suspected criminal
activity that they observe in the course of their duties, therefore the DEA agreed to
pay for information that the screener was already obligated to provide to law
enforcement. Further, the OIG determined that asking the TSA screener to notify
the DEA of suspicious activity in exchange for a possible monetary award violated
the DEA’s Interdiction Manual, and registering the TSA screener as a confidential
source could have resulted in violations of individuals’ constitutional protection
against unreasonable searches and seizures if the TSA screener’s actions led to
subsequent DEA enforcement action.
As indicated above, in March 2016, the DEA promulgated an interim policy
that clearly and specifically prohibits the establishment of all government or
quasi-government employees or contractors, including TSA employees, as
confidential sources to obtain information related to their official job responsibilities.
Around this time, the DEA also provided the OIG with evidence that it had
deactivated all eight TSA-employed confidential sources. This policy was formalized
in July 2016.
Commercial Airline Employees
The DEA established, utilized, and paid commercial airline employees as
Limited Use confidential sources. 21 When we initiated our audit, DEA officials used
an airline employee as an example of a Limited Use confidential source and stated
that based on their employment and common dealings with the passengers, these
individuals may observe suspicious behavior or identify suspicious travel itineraries
or luggage that they can report to the DEA. Thus, these types of individuals qualify
as Limited Use confidential sources because they are not involved with criminal
activity, are professional employees, and independently provide information to the
21

We attempted to analyze the DEA’s CSSC data to identify confidential sources who were
employed within the airline industry, but due to the numerous types and large number of different
entities involved in this industry, as well as the inconsistencies related to the various methods DEA
employees used to input employer information into CSSC, we could not estimate with any certainty
the universe of DEA confidential sources employed within the airline industry. Therefore, our results
for this industry are strictly based on the universe of airline industry confidential sources whose files
we reviewed.

17


DEA. During our review of six DEA Interdiction Units, we learned that many of
these individuals were recruited by DEA Special Agents because they had access to
corporate airline databases containing detailed passenger information. During our
review of DEA confidential source files, we found that these Limited Use confidential
sources provided DEA Special Agents with passenger travel information including
itinerary information, ticket purchase information, baggage information, origin and
destination airports, connecting flights, dates of birth, flight numbers, and seat
numbers.
According to DEA Special Agents, these confidential sources send this type of
passenger information, or “tip,” to the DEA on a near daily basis via email, text, or
telephone. Similar to the process used with Amtrak confidential sources, if time
allows, Special Agents conduct a brief background investigation on the traveler
information included in the “tip,” otherwise the Special Agents rely on the “tip” as
impetus for attempting a consensual encounter with the traveler. Successful
encounters and consensual searches with commercial airline passengers result in
the seizure of currency or illegal drugs. Because these interdiction encounters take
place in airports, with higher security procedures than other modes of travel such
as trains, it is less likely that illegal drugs will be found by the DEA. Therefore, the
majority of monetary awards to airline employee confidential sources that we
reviewed were received for a “tip” that led to a DEA currency seizure.
We performed an in-depth examination of 19 confidential source files
associated with commercial airline employees. The DEA paid these 19 Limited Use
confidential sources $1,615,232 during our review period, and CSSC indicates that
they received a total of about $3 million since their establishment. These
19 confidential sources were paid for their contributions to 381 cases. The
following table gives an overview of the commercial airline employee Limited Use
confidential sources included in our review.
Table 6

FY 2011 to FY 2015

19 Commercial Airline Employee Confidential Sources

Reviewed by the OIG

Confidential Source File
Information Reviewed
Sources Tested
Number of Payments to
Tested Sources
Amount Paid to Sources
Cases

Totals
19
390
$1,615,232
381

Total Currency Seized
$14,322,107
Number of Instances an Illegal
Substance was Seized
2
Source: OIG analysis of DEA confidential source files

18

Of the confidential source files that we reviewed, we found variances in the
level of the sources’ activity with the DEA. According to Special Agents, some of
these confidential sources are more proactive than others in searching for
suspicious itineraries to provide to the DEA. These Special Agents elaborated that
after receiving award payments, some confidential sources increase their search
activity to provide more “tips” to the DEA in the hopes of obtaining additional
payments. In one file we reviewed, we found that between October 2012 and
July 2015, the DEA paid a Limited Use commercial airline employee confidential
source approximately $617,676 related to “tips” associated with 130 different
interdiction consensual encounter cases. The DEA paid the confidential source
approximately 12 percent of the total amount seized.
Bus Transportation Employees Used as Confidential Sources
The DEA established, utilized, and paid as Limited Use confidential sources,
private intercity bus company employees. 22 Generally, we found that bus
transportation-related confidential sources were established and utilized by one of
the six DEA Interdiction Units we visited. Special Agents explained to us that these
individuals are used as confidential sources because they either worked on the
buses and could provide DEA with information based upon the source’s
observations of suspicious passengers and luggage or because the sources had
access to private bus company databases and could provide passenger itinerary
information to the DEA. According to a DEA Special Agent who specializes in using
these Limited Use confidential sources, he tries to find individuals who can use their
access to the bus company database to obtain passenger manifests for buses en
route. When this DEA Special Agent uses this type of confidential source, he
requests that the source determine, and manually annotate on the manifest,
passengers who purchased their fares with cash and send the entire manifest to the
DEA via email. If time allows, the Special Agent will use the manifest provided to
perform investigative background checks to determine the most ideal persons to
engage for consensual encounters. Successful bus company-related consensual
encounters and searches will result in the seizure of currency or illegal substances,
and arrests.
We performed an in-depth examination of eight confidential source files
associated with bus company employees. The DEA paid these 8 Limited Use
confidential sources $383,112 during our review period and about $450,000
historically. The following table gives an overview of the private bus company
Limited Use confidential sources included in our review.

22

We attempted to analyze the DEA’s CSSC data to identify confidential sources who were
employed within the bus transportation industry, but due to the different entities involved in this
industry, as well as the inconsistencies related to the various methods DEA employees used to input
employer information into CSSC, we could not estimate with any certainty the universe of DEA
confidential sources employed within the bus transportation industry. Therefore, our results for this
industry are strictly based on the universe of bus transportation industry confidential sources whose
files we reviewed.

19


Table 7

FY 2011 to FY 2015

Eight Bus Transportation Company Employee Confidential Sources

Reviewed by the OIG

Confidential Source File
Information Reviewed

Totals

Sources Tested
Number of Payments to
Tested Sources
Amount Paid to Sources
Cases

8
91
$382,112
88

Total Currency Seized
$943,001
Number of Instances an Illegal
Substance was Seized
67
Source: OIG analysis of DEA confidential source files

Of the eight bus company-employed confidential source files reviewed, we
found that one bus company employee confidential source who provided the DEA
with passenger manifests was paid more frequently and higher amounts than the
other bus company sources. Specifically, between October 2012 and January 2016,
this source provided the DEA, on an almost daily basis, the entire passenger
manifest for buses traveling to or from a specific station of their private company
employer. The DEA ultimately paid this Limited Use confidential source
approximately $429,000 for the contributions to 99 interdiction-related cases. 23 In
our judgment, the daily provision of an entire passenger manifest to the DEA is
unlikely to align with the sources’ legitimate and routine employer-assigned duties.
Additionally, it would appear that the provision of this information does not require
the confidential source to make any personal observation or conclusion. The source
is simply using the employment position to procure and transfer private company
manifests to the DEA, which then results in payment from DEA. We find the DEA’s
use of this confidential source particularly concerning because the DEA encouraged
the source to provide the entire passenger manifest of a private company in
exchange for payment. We believe the legal implications of such use should be
further evaluated, as described in the Significant Concerns and Legal Implications
section below.
Parcel Company Employees as Confidential Sources
The DEA established, utilized, and paid as Limited Use confidential sources,
private parcel and courier company employees, as well as employees who work for

23
The payment amount for this source is more than the amount identified in Table 7 for all
sources reviewed because this amount reflects total payments as of January 2016, which is when we
conducted our fieldwork. We found that between September 30, 2015, and January 11, 2016, this
source was paid an additional $67,000.

20


mail reception companies. 24 During our review of confidential source files in two
DEA Interdiction Units, we found that the DEA recruited these types of sources
because they had access to company databases, access to parcels en route, or
authority to administratively open parcels without a search warrant, which
increases the potential for identifying suspicious parcels. We found that these
confidential sources not only provided the DEA with information related to
suspicious parcels, including parcel sender and recipient information, but at times
also transferred customer packages to the DEA at the DEA’s request. The DEA used
information provided by these parcel company Limited Use confidential sources to
perform background checks on the parcel recipients and, in some cases, to contact
the associated customers or to conduct controlled deliveries of the packages in an
attempt to develop a case. Successful parcel company-related consensual
encounters and searches can result in the seizure of currency and illegal narcotics.
We performed an in-depth examination of five confidential source files
associated with parcel industry employees. The DEA paid these Limited Use
confidential sources more than $1.2 million during our period of review and more
than approximately $1.6 million since their establishment. Table 8 gives an
overview of the private parcel and courier company employee Limited Use
confidential sources included in our review.
Table 8

FY 2011 to FY 2015

Nine Parcel Industry Employee Confidential Sources 

Reviewed by the OIG

Confidential Source File
Information Reviewed
Sources Tested
Number of Payments to
Tested Sources
Amount Paid to Sources

Totals
5
210
$1,202,631

Cases
205
Total Currency Seized
$5,801,994
Number of Instances an Illegal
Substance was Seized
1
Source: OIG analysis of DEA confidential source files

During our file reviews, we found that the DEA paid a parcel company
employee confidential source, who was active for more than 12 years, over
24

We attempted to analyze the DEA’s CSSC data to identify confidential sources who were
employed within the parcel and mail reception industry, but due to the numerous types and large
number of different entities involved in this industry, as well as the inconsistencies related to the
various methods DEA employees used to input employer information into CSSC, we could not estimate
with any certainty the universe of DEA confidential sources employed within the industry. Therefore,
our results for this industry are strictly based on the universe of parcel and mail reception industry
confidential sources whose files we reviewed.

21


$1 million between FY 2011 and FY 2015 for contributions to 184 parcel interdiction
seizures. As part of the confidential source’s employment duties, the confidential
source was allowed to administratively open packages that were in-process for
delivery. When this confidential source administratively opened packages and
found currency, the source would call the DEA to report it. The DEA would instruct
this source to “over-box” the original package, address the new package to the
Special Agent, and mail it to a different facility. Of note, we did not identify any
drug-related cases or seizures associated with this confidential source and found
that the confidential source only provided “tips” to the DEA for packages containing
currency; we found no instances during our review period wherein this individual
reported finding drugs or other contraband. We find this noteworthy, as it appears
the DEA fostered a relationship with this source wherein the source provided
packages that led to currency-only seizures, thus focusing the interdiction work
toward cases that do not result in the prosecution of drug trafficking offenses. The
DEA deactivated this source in April 2015, 5 months prior to our site visit, which
according to a Special Agent was at the direction of DEA management due to
scrutiny surrounding the use of these “professional” confidential sources. The same
agent told us that the DEA’s parcel interdiction work was negatively affected and
almost eliminated by the deactivation of this parcel industry confidential source.
In a different office, we identified a confidential source who was a canine
handler who appeared to provide services to a parcel company. Documentation in
the file indicated that the source and his canine identified and notified the DEA of
suspicious packages at the parcel company. After the DEA interdicted the packages
reported by the confidential source, the DEA seized over $100,000. Consequently,
the confidential source received an award payment of $19,600 for the “tip” that led
to the seizure.
Significant Concerns and Legal Implications
We identified significant concerns and potential legal implications related to
how the DEA field offices we tested used interdiction-related Limited Use
confidential sources. These issues stemmed from the DEA’s direction and guidance
to the sources, long-term and lucrative relationships with these sources, and
reliance on the sources to accomplish interdiction activities. Together, these factors
call into question whether the source is truly providing information independently or
is acting as DEA’s agent, the latter of which could have implications relating to
compliance with the Fourth Amendment’s protections against unreasonable
searches and seizures. In addition, these issues raise the question of whether
these confidential sources fit the definition and spirit of a Limited Use confidential
source.
During the OIG’s prior investigations related to the DEA’s use of Amtrak and
TSA employees as confidential sources, the OIG found that the DEA’s procedures
did not provide for adequate DEA headquarters review over the establishment and
use of these confidential sources. Based on both those investigations and this
audit, we believe that the DEA’s establishment, use, and payments to Amtrak and
TSA employees were the consequence of insufficient oversight and weak controls
22


over the Confidential Source Program. These deficiencies are also persistent in the
DEA’s process for establishing, utilizing, and paying professional transportation and
parcel industry employees as confidential sources in order to have access to private
company information.
To obtain additional perspective, we discussed our concerns with the DEA’s
Chief Counsel’s Office, an official within the Deputy Attorney General’s office, and a
Deputy Assistant Attorney General in the DOJ Criminal Division. 25 These officials
told us that they could not provide an opinion on the appropriateness of these
confidential sources because they had never reviewed or assessed the use of these
confidential sources by the DEA for its interdiction program. Furthermore, the
Deputy Assistant Attorney General stated that he was unaware of the frequency
and large sum of payments to these confidential sources. The following sections
provide specific information related to our concerns with the DEA’s use of
interdiction-related Limited Use confidential sources.
Direction to Limited Use Confidential Sources
As previously described, according to the DEA Special Agents Manual, the
Limited Use confidential source is a professional business person who, independent
of direction from the DEA, provides information to the DEA that could be
independently corroborated by the DEA. The DEA compares its Limited Use
confidential source category to what the AG Guidelines describe as a Source of
Information. However, because the DEA travel and parcel industry confidential
sources we have discussed here are generally utilized on a daily basis, for long
periods of time, and with high compensation, we do not believe that these sources
fit the definition of a Limited Use confidential source or Source of Information, as
envisioned by the DEA Special Agents Manual or the AG Guidelines.
One of the foundational elements of the Limited Use confidential source
relationship is that, while they may be recruited by the DEA, they must provide
information “independently (without direction by DEA).” We found that some of the
conduct we examined tested the boundaries of what it means to provide
information without direction. We found that Special Agents asked sources with
access to passenger travel databases to search for and provide the DEA with
suspicious travel itineraries, as defined by the DEA, or for entire passenger
manifests that contain manually entered markers to denote suspicious travelers.
Further, Special Agents requested parcel employees to provide the DEA with
information related to DEA-defined suspicious parcels and, at times, directed the
25
The Deputy Assistant Attorney General for the Criminal Division we interviewed is the
designated Department representative who participates on the DEA Sensitive Activity Review
Committee (SARC). The SARC is responsible for performing the AG Guidelines-required review of
long-term confidential sources and examining certain operational proposals to ensure the plans for
proposed sensitive investigative activities are well founded and all issues of concern are sufficiently
addressed. We discussed our concerns about activities related to DEA’s Limited Use confidential
sources with the DAAG because this official is knowledgeable of the DEA’s Confidential Source Program
and DOJ’s narcotics-related law enforcement and prosecutorial activities.

23


employees to resend suspicious packages directly to the DEA. Moreover, during our
review of confidential source files we noted instances wherein, subsequent to a
seizure or in relation to other cases, Special Agents contacted these Limited Use
confidential sources to obtain specific additional passenger information to further an
investigation. In one of these instances, Special Agents requested a confidential
source query private company systems and provide travel itinerary information for
an airline passenger, and in another case the DEA requested the travel history for a
passenger. In addition to appearing to constitute “direction,” some of these DEA
requests of confidential sources also are unlikely to align with the sources’
legitimate and routine employer-assigned duties, and therefore present additional
factors that conflict with the definition and spirit of a Limited Use confidential
source. This practice also may not align, depending on the individual
circumstances, with the AG Guidelines instruction that a law enforcement agency is
never permitted to authorize a confidential source to participate in an act designed
to obtain information for the agency that would be unlawful if conducted by a law
enforcement agent.
When asked if the confidential sources informed their employers that they
were working with the DEA, Special Agents stated that, similar to any confidential
source, their work with the DEA should be confidential. Further, some Special
Agents speculated that the employers would not condone the sources’ relationships
with the DEA and would likely terminate the confidential sources’ employment if
they knew of the relationships. Special Agents stated that the potential for
termination is part of the inherent risk in cooperating and becoming a source for
the DEA.
Based on our review of DEA policies and documentation, the Limited Use
confidential source category coincides with confidential sources who provide “tips”
to the DEA of pertinent facts passively observed during the course of routine duties
related to employment. Yet we found that the relationship created by DEA Special
Agents with some Limited Use confidential sources went beyond that of a
professional person established as a confidential source who occasionally, and
independently, provides “tips” related to suspicious activity observed during the
course of their duties. Rather, certain of the confidential sources we reviewed
appeared to be recruited and groomed to act on behalf of, or in partnership with,
the DEA to continually provide pertinent, real-time information and at times take
DEA-directed actions to advance investigations, all with an expectation of receiving
potentially significant compensation.
Moreover, the long-term, lucrative relationship between the DEA and these
travel and parcel industry employees, wherein the DEA recruits and requests that
these Limited Use confidential sources perform inquiries on company systems or to
provide information to the DEA about customer packages, and the emphasis on and
necessity of these sources to the success of the DEA’s interdiction efforts, further
raises the question of whether these employees are truly acting independently, or
acting as DEA’s agents, the latter of which could have implications relating to
compliance with the Fourth Amendment’s protections against unreasonable
searches and seizures.
24


Tracking and Handling of Confidential Source “Tips,” and the Consequences for
Subsequent Discovery Obligations
According to Special Agents from the field offices we visited, the DEA
receives interdiction-related “tips” from Limited Use confidential sources so
frequently that the Special Agents working interdiction efforts spend the majority, if
not all, of their time acting on confidential source “tips.” Further, these “tips” can
be the primary basis for reasonable suspicion for stopping a passenger, requesting
a consensual search, or intercepting a package to conduct a controlled delivery.
We identified significant concerns with how the DEA tracks the receipt of
these tips. We found that Special Agents have various ways of receiving these
“tips,” but generally receive the information on a daily basis via email or text
message, some of which are sent to government accounts and others to
non-government private accounts that are established and controlled by the Special
Agents. Additionally, we found that although some Special Agents estimated
receiving up to 20 “tips,” or passenger itineraries, per day from their Limited Use
commercial airline confidential sources, the DEA does not maintain a record of
receipt of the totality of the confidential source “tips.” Rather, information about
the tip is generally only maintained when there is a subsequent consensual
encounter that leads to an arrest or seizure, and the retained information pertains
only to the individual encounter.
The DEA requires that its confidential source files contain routine debriefing
reports, applicable case initiation reports, and all contacts, events, or activity
reports that document any activity of a confidential source. In addition, DEA policy
requires that consensual searches be reported on a DEA-6 (Report of Investigation)
investigative report within 5 working days of the search. However, during our
review of the confidential source files, we did not find any documentation of any
“tips” received from the confidential source unless there was a corresponding
successful investigative activity, namely seizures of currency or drugs and arrests.
Special Agents in the DEA field offices with Interdiction Units we reviewed informed
us that the DEA does not keep track of the number of “tips” it receives from these
Limited Use confidential sources or the total number of “tips” that DEA acts upon.
Therefore, the files do not convey an accurate or complete view of the relationship
between the confidential sources and the Special Agents. In addition, without
tracking all of the confidential source “tips” and activities, we found that the DEA
could not always provide detailed justification for payments to the confidential
sources. Specifically, Special Agents told us that in order to keep sources
motivated to continue providing “tips,” they may pay sources for “tips” even if they
do not result in arrests or seizures. As a result, in these instances the confidential
source files may not contain documentation that connected those “motivational”
confidential source payments to specific confidential source activity.
Because the DEA does not track or record this information, we could not, nor
could the DEA, evaluate the totality of these confidential sources’ contributions to
DEA-related activities, to include how many “tips” the confidential sources provided
25


to the DEA, how often these “tips” resulted in consensual encounters, and whether
those encounters led to searches and ultimately seizures or arrests. Moreover, the
DEA is unable to examine whether the information DEA agents acted upon resulted
in DEA mostly identifying individuals involved in illegal activity or instead caused
them to regularly approach innocent civilians for questioning. 26 Consequently, the
DEA does not have a full picture of all of the activity between DEA Special Agents
and these confidential sources, which significantly diminishes the DEA’s ability to
oversee and manage the Confidential Source Program.
Further, we found that DEA Special Agents do not always include evidence
that the investigation involved confidential source information in the applicable
DEA-6 investigative report and do not always accurately cross-file the DEA-6 to the
applicable confidential source file. Special Agents in one field office stated that they
do not always mention the confidential sources’ contributions because the DEA
hopes to minimize exposure of the confidential source in the event that the DEA-6
must be provided for legal proceedings. One Special Agent also said that
prosecution and defense lawyers know that this information is derived from
confidential source “tips,” so it is not necessary to explicitly explain this fact in the
DEA-6. We believe that, in connection with DEA cases that lead to criminal
charges, the failure to document all confidential source activity presents challenges
to the tracking and retrieving of such activity, and therefore could increase the risk
that some information relating to confidential sources may not be available to
prosecutors when needed in connection with legal proceedings.
In addition, by receiving personally identifiable information on
non-government private accounts, DEA Special Agents are risking that the
information is not safeguarded with appropriate controls and, as a result, may be
putting individuals’ personally identifiable information (PII) at risk. Further, the use
of non-government accounts has other implications. For example, such accounts
may not be generally accessible by DEA in connection with required record
searches, such as for legal processes and Freedom of Information Act inquiries. In
addition, they may not be maintained in accordance with records retention
regulations. We discussed this matter with DEA officials, who stated that they will
continue to explore methods to improve DEA’s operational security, vulnerability
awareness and training, and evidence retention when interacting with confidential
sources through electronic means.

26

In the OIG’s report on The DEA’s Use of Cold Consent Encounters at Mass Transportation
Facilities, January 2015, we found that the DEA did not collect sufficient data on cold consent
encounters to enable it to assess whether the encounters were being conducted in an unbiased and
effective manner. Our current audit revealed that DEA confidential sources are making significant
contributions to DEA’s interdiction activities, including providing tips leading to consensual encounters
and searches. Because DEA’s files did not provide sufficient detail on the universe of information
provided by the sources, we similarly found that the DEA would be unable to determine if the
confidential sources were applying unbiased or objective methodologies to their efforts to provide the
DEA with information.

26


Extensive Reliance on Limited Use Confidential Sources
As described above, the DEA’s interdiction activities are heavily reliant on the
use of Limited Use confidential sources. While the DEA Interdiction Manual
discusses the use of commercial airline and parcel company employees to obtain
information for cases, the Interdiction Manual does not refer to these employees as
confidential sources, nor does it contemplate that a paid relationship with these
sources would or should be established. Nevertheless, we found that the DEA
Interdiction Units we reviewed established many of these Limited Use confidential
sources solely because the sources have access to private company databases and
facilities, can provide DEA with “real-time” information pertinent to DEA’s
interdiction-related activities, and can also provide immediate responses for other
investigative research. We confirmed this through a review of deactivation forms,
which specifically indicated that the reason for deactivating many
interdiction-related Limited Use confidential sources was that they no longer had
access to an employer’s passenger record system or package facility.
DEA Special Agents stated that these private companies would not otherwise
provide the information to the DEA and that it could take months for a company to
respond to an administrative subpoena request for the same information provided
by the confidential sources. Moreover, these Special Agents also noted that the
information provided by these Limited Use confidential sources could not be
replicated or requested through any other process. Moreover, because it
presumably takes time for confidential sources to learn how to identify suspicious
itineraries and packages, Special Agents told us that when they find a source who is
proficient with the process, they strive to keep them active through monetary
incentives. These considerations, combined with the importance of these Limited
Use confidential sources to the DEA’s interdiction efforts, provided strong incentives
for the DEA field offices in our review to create a system that encourages these
sources to develop lucrative long-term relationships with the DEA.
The full extent to which these relationships can be lucrative to a confidential
source is best illustrated by examining the 4 confidential sources who worked for a
commercial airline, Amtrak, a private bus company, and a parcel company,
respectively, and were paid an average of more than $100,000 per year between
FY 2011 and FY 2015. The following table provides an overview of the payments
made to these four individuals, who were the highest paid Limited Use confidential
sources within our sample from each industry discussed in our report.

27


Table 9

FY 2011 to FY 2015

Highest Paid Limited Use Confidential Sources Reviewed by Type

Confidential Sources
Amtrak Employee
Commercial Airline Employee
Bus Company Employee
Parcel Industry Employee

No. of
Payments
FYs 11-15
74
133
78
186

Amount Paid
FYs 11-15
$726,439
$617,676
$362,112
$1,042,117

Total
Years
Active
18½
3a
4a
14

Total Paid
Historically
$962,615
$655,744
$429,212
$1,430,292

a

These confidential sources were active and receiving payments at the time of audit testing. The
total years active was calculated based on the date of audit testing.
Source: OIG analysis of DEA confidential source files and CSSC data

The frequency of payments to these confidential sources and the large dollar
amounts involved underscore the importance of properly classifying sources,
properly overseeing the payments made to them, and fully understanding the
extent to which these individuals are used and relied upon. Yet we determined
that, because these sources have been categorized as Limited Use and the types of
interdiction cases they contribute to are generally resolved through non-criminal
forfeitures, or are, as DEA Special Agents generally described them, “open and shut
cases,” there is minimal internal oversight of the DEA’s extensive use of these
Limited Use confidential sources. As mentioned, representatives from the DEA’s
Chief Counsel’s office stated that they have not reviewed the propriety of this type
of activity. We believe that the deficiencies we identified in the DEA’s use,
handling, and compensation of Limited Use confidential sources discussed in this
report raise serious questions about the appropriateness of these activities.

28


THE DEA INTELLIGENCE DIVISION’S OVERSIGHT OF

CONFIDENTIAL SOURCE ACTIVITIES AND

THE DEA’S USE OF SUB-SOURCES 

The DEA’s Intelligence Division paid approximately $30 million to
confidential sources between FYs 2011 and 2015 to provide
narcotics-related intelligence and assist in law enforcement operations.
We found significant weaknesses in the DEA’s management, oversight,
and accountability of intelligence-related confidential source
information, activities, and payments. In addition, we found that
some DEA confidential sources, including some used in
intelligence-related work, employed “sub-sources” and that this
practice was condoned by the DEA. Because the DEA has not
established processes or procedures to manage the use of
“sub-sources,” such as a risk assessment or other oversight and
control mechanisms, we believe that the use of “sub-sources” pose
significant risks to the DEA and should be further evaluated.
DEA Intelligence Division’s Confidential Source Payments and Utilization
The DEA’s Intelligence Division collects and produces narcotics intelligence
through a variety of operations, programs, and initiatives. There are seven primary
sections that comprise the Intelligence Division, as identified in the following figure.
Figure 1
Intelligence Division Organizational Chart

Source: DEA

These DEA’s Intelligence Division sections coordinate with the DEA
operational offices to initiate new investigations and enhance ongoing investigations
and prosecutions. In addition, the DEA’s Intelligence Division works with outside
agencies that produce or use narcotics intelligence to increase the efficiency in the
reporting, analysis, storage, retrieval, and exchange of narcotics-related
intelligence information within the U.S. Government. The DEA’s Office of National
Security Intelligence, which falls under the DEA’s Intelligence Division, is a member
29


of the Intelligence Community, and through this Office the DEA coordinates the
provision and receipt of drug-related national security information with other
members of the Intelligence Community.
During our audit, we found that the majority of offices within the DEA’s
Intelligence Division do not establish confidential sources or directly work with
sources, but rather provide funding to domestic or international field offices,
including the Special Operations Division, to pay for confidential source-related
activities associated with the collection of information or provision of services for
intelligence programs. We reviewed documentation related to six Intelligence
Division programs for which the DEA paid confidential sources for information and
services. 27 In general, these intelligence-related programs focus on obtaining
insight into operational activities of drug trafficking organizations. In addition,
these programs attempt to identify drug trafficking-related intelligence gaps, risks,
and threats in field offices’ areas of operation, as well as to predict the amount of
drugs produced in certain parts of the world.
We also reviewed 10 confidential source files associated with sources who
were used by the Intelligence Division. Based on our review of documentation and
confidential source data, we estimate that the DEA’s Intelligence Division paid
approximately $30 million to confidential sources between FYs 2011 and 2015.
Overall, we found that the Intelligence Divisions’ tracking process and oversight did
not adequately account for payments to confidential sources or the services and
information provided by these sources that would justify payments. As a result, the
DEA’s Intelligence Division is not ensuring that the funding it spends on these
payments are advancing DEA’s intelligence-related programs, as described in the
following sections. Further, for all but one program, the Intelligence Division has
relied on a decentralized approach for ensuring that the confidential sources who
provide drug-trafficking related intelligence are properly vetted and managed, and
this approach does not provide for adequate oversight and review.
Confidential Source Validation
Intelligence Community entities often utilize human sources of information to
assist in accomplishing their missions. As previously noted, the DEA’s Office of
National Security Intelligence is a member of the Intelligence Community and,
although this Office has not specifically established or controlled any confidential
sources, it often includes confidential source information in its intelligence products.
The Office of the Director of National Intelligence has promulgated standards for the
appropriate handling of these individuals, including validation of the sources and
27

Throughout this audit finding, we do not provide specific details about the DEA Intelligence
Division’s operations, programs, and confidential sources because of the sensitivity and classification
of the subject matter. Some of the DEA’s activities in this realm are controlled through restricted
access limitations, which the DEA developed in consultation with the Department. The DEA exercises
these controls by limiting access to individuals who have been briefed by the DEA on certain classified
programs on which the DEA works. Therefore, we will separately provide more detailed information
on our audit results specific to these areas to authorized individuals with an appropriate clearance.

30


the information they provide. In comparison, the DEA currently does not
implement an independent validation or review process for its confidential sources
because, according to DEA officials, all of its confidential sources are used primarily
for law enforcement purposes, not solely for national security or Intelligence
Community work. DEA officials told us that further validation of information or of
the confidential sources could result in delays to act on or provide the information
to its Intelligence Community partners, which could reduce the value of the
information. In addition, DEA legal and intelligence officials expressed concern over
applying the Intelligence Community’s validation and rating process to the DEA’s
confidential sources because they believe this would impact the ability of
prosecutors to effectively utilize DEA confidential sources during narcotics-related
criminal proceedings.
However, the DEA’s Intelligence Division uses information obtained from
confidential sources for its narcotics intelligence-gathering programs. In FY 2013,
the DEA transferred Special Agents to one of its Intelligence Division offices so that
it could establish, utilize, and pay its own confidential sources in connection with
one of its programs. 28 According to DEA officials associated with this program, the
DEA also instituted a multi-faceted review process to assess the validity and utility
of the information provided by these confidential sources, which we believe, based
the officials’ description, could be a very lengthy process.
Although the DEA, for the above-referenced program, has begun some
information validation and reliability assessments, the DEA has not implemented a
reliable and responsive process for all of its intelligence-gathering programs.
According to officials associated with other Intelligence Division programs, those
programs have not instituted processes for ensuring the validity and reliability of
information provided by confidential sources. These Intelligence Division programs
are thus relying upon the field offices’ determination that the information is
accurate and the confidential sources are reliable. As a result, the Intelligence
Division has not implemented a consistent process to ensure the integrity of
confidential sources and of their information that DEA uses for its
intelligence-gathering programs.
In contrast to the DEA, the Federal Bureau of Investigation (FBI), DOJ’s other
Intelligence Community member, has implemented an independent validation
process that applies to its confidential human sources, including those used for
intelligence purposes, for law enforcement efforts, or both. This independent and
centralized process requires the FBI to assess the reliability, authenticity, integrity,
and overall value of a given source based on various risk factors. According to the
FBI, the validation process requires a periodic independent FBI headquarters review
of sources, including an evaluation of sources in a broad, national context. We
believe that the DEA would benefit from discussing with the FBI its procedures for
28
The DEA Special Agents Manual requires that confidential sources be handled by Special
Agents. Employees in other types of positions, such as Intelligence Analysts, are prohibited from
handling confidential sources. Prior to FY 2013, the referenced office did not have any Special Agent
positions.

31


independently assessing sources and the impacts of this process both on the
timeliness of information sharing and on subsequent criminal prosecutions, with the
goal of implementing an independent review process that better ensures the
reliability and accuracy of confidential source information, and better reflects the
standards employed at other Intelligence Community entities. Additional oversight
by the Intelligence Division is particularly important given the deficiencies in field
office oversight of confidential sources, as described throughout this report and in
our 2015 report.
Intelligence Division Oversight of Confidential Source Payments
According to Intelligence Division officials, Intelligence Division funds
provided to field offices generally are used to pay confidential sources to provide
intelligence-related information to the DEA, which may entail also having to pay for
a sources’ travel expenses associated with intelligence-gathering endeavors or for
sources to participate in drug buys. For confidential source payments, DEA
Intelligence Division officials told us that the process to request funding generally
requires field offices to provide an email to the Intelligence Division that describes
how a confidential source can address an intelligence gap and references a case
number associated with the confidential source’s information and services. Once
Intelligence Division officials approve the request, the funds are transferred to the
field office, and the Intelligence Division presumes that the funds are used as
described. However, according to Intelligence Division officials the Intelligence
Division does not follow up with field offices to determine if the desired information
or service was actually provided, or whether the information adequately satisfied
the intelligence gap.
We asked DEA Intelligence Division officials to provide us with an overall
total, and an itemized list, of payments associated with intelligence-related
confidential sources during our review period of FY 2011 through FY 2015. The
Intelligence Division was unable to do so because it did not aggregate this
information and, although the Intelligence Division keeps a tracking log for fund
transfers to field offices for some of its intelligence-related programs, it did not
always track these payments to the level of detail that would allow them to discern
confidential source-related payments in particular. Officials instead provided us
with the overall tracking log, which we found did not always include payment
information by field office, confidential source number, or investigative case file.
We also found that not all of the programs employing confidential sources were
included in the log. However, based on our review of this log, we concluded that
the Intelligence Division spent approximately $1 million each year between FY 2011
and FY 2015 on payments to field offices for 5 intelligence-related programs, which
included (but was not limited to) payments to confidential sources.
In addition, we identified at least nine confidential sources who were
specifically associated with another intelligence program run by the DEA’s
Intelligence Division during our review period. Of those 9 confidential sources, we
found that according to CSSC the DEA paid 8 individuals approximately $25 million
between FYs 2011 and 2015. However, the DEA did not keep records of all of the
32


confidential sources paid for information and services related to intelligence
programs, so we cannot definitively determine how many sources or how much
money the DEA paid sources for this program in total.
Through our file reviews, we identified that the DEA paid one of these
confidential sources whom the DEA categorized as Protected Name more than
$30 million over a 30-year period. We found that the DEA’s Intelligence Division
would transfer funds through a wire transfer to the field office that established the
source for Special Agents to pay the confidential source. This is divergent from the
DEA’s standard process of utilizing a field offices’ Imprest Fund account to obtain
cash for confidential source payments because the payment amounts were so
large – more than $400,000 in certain instances – the cash was not available
through the Imprest Fund account. 29 We found that the non-standard process used
to pay this source resulted in the improper tracking of $2.7 million in payments to
this source between FYs 2011 and 2013, and that not all payments to the source
were recorded in the DEA’s electronic confidential source system, CSSC. DEA
officials told us that they stopped this practice.
As described, in FY 2013 the DEA’s Intelligence Division began controlling
and paying some confidential sources associated with this program directly rather
than relying on assistance from domestic field offices. DEA officials believe that this
is a marked improvement from the previous process established by the Intelligence
Division for this program. However, the oversight employed by the DEA’s
Intelligence Division still is not commensurate with the significant amount of money
that it pays to confidential sources. Specifically, of the nine sources that we
reviewed, DEA initially categorized eight of them as Limited Use or Regular Use.
While the DEA eventually revised that categorization to Protected Name, for five of
these sources the Intelligence Division received an exception from DEA’s Chief of
Operations Management that allowed the DEA to follow the oversight and review
requirements of a Limited Use confidential source. 30 According to Intelligence
Division officials, they requested this exception because the requirements
associated with the Protected Name source category would have caused security
concerns for the sources, and would have required the handling Special Agents to
travel excessively to accomplish quarterly debriefings. Yet this exception also
resulted in the DEA exercising less oversight of these highly-compensated sources,
and requiring a lower level of supervisory approval and assessment for their
establishment, use, and overall management.
The DEA’s Use of Sub-sources in Enforcement and Intelligence Activities
During our review of confidential source files at DEA field offices and the
Intelligence Division, we found that some confidential sources enlisted the
29
Imprest funds are fixed or petty-cash funds held in the form of currency and coins outside
the Department of Treasury that are advanced to designated cashiers, who in turn advance the funds
to employees for mission-related expenses.
30

Table 2 provides the requirements related to the different confidential source categories.

33


assistance of additional individuals to acquire information or to perform services for
both DEA law enforcement investigations and intelligence programs. The DEA
generally refers to these individuals, who have no formal or direct association with
the DEA, as “sub-sources.” Our review found some sources received a substantial
amount of compensation from the DEA and the file indicates that the source was
expected to provide some of those funds to sub-sources. In some instances we
reviewed, the DEA explicitly agreed to pay confidential sources for information
provided or work conducted by “sub-sources.” However, it was not always clear
from the documentation whether the confidential source had informed the “sub­
source(s)” of their relationship with the DEA, or whether the DEA knew the identity
of or amounts paid to the “sub-source(s).”
We found that although DEA officials were aware of this “sub-sourcing”
practice by some of its confidential sources, the DEA had not established processes
or procedures to govern the risks inherent in paying for and using information
provided by a “sub-source.” These risks are substantial. For example, if the DEA
cannot identify the individual who is providing information or services, it cannot
perform assessments to ensure that the individual is reliable, trustworthy, and not
an adversary. The use of “sub-sources” to provide services and information
intended to assist the DEA without the DEA’s full knowledge and awareness also
increases the chance that individuals may be conducting unauthorized illegal
activity on the DEA’s behalf.
In 2005, the OIG identified the DEA’s use of sub-sources as a concern and
noted in the report that the OIG observed 17 payments totaling $52,240 specifically
made to sources for sub-sources. At the time, the OIG did not make a
recommendation related to the DEA’s use of sub-sources, but alerted the DEA to
the matter. However, our identification of this continued practice and the lack of
guidance for the use or prohibition of “sub-sources” indicates that the DEA has not
adequately evaluated this area of the Confidential Source Program. Furthermore,
we believe that the DEA has not fully considered all of the significant risks involved
with condoning the use of “sub-source(s).”

34


DEA CONFIDENTIAL SOURCE

OVERSIGHT AND MANAGEMENT

DEA Confidential Source Program oversight and management are
carried out by both DEA field office and headquarters personnel. We
identified numerous deficiencies with the DEA’s oversight and
management of confidential sources, some of which were previously
identified in the OIG’s 2005 audit report. We found that the
headquarters-based Confidential Source Unit relies too heavily on the
judgment of field office personnel for many aspects of its Confidential
Source Program and has not provided adequate oversight to ensure
that decisions related to confidential source establishment, use, and
payments are appropriate. In addition, the DEA does not perform
comprehensive reviews of the field offices’ activities related to
confidential sources, and what oversight the DEA does perform has
been inconsistent and inadequate. As a result, we noted substantial
variations in how confidential sources are categorized, as well as
concerning instances wherein confidential sources were deactivated
due to unsatisfactory behavior yet continued to receive payment after
deactivation. In addition, we found that the DEA did not adequately
review or ensure that the information in its electronic data system
concerning confidential sources was complete, consistent, and
accurate. Finally, based on the significant deficiencies we identified
related to the DEA’s tracking, justification, and documentation of
payments to confidential sources, we concluded that the DEA did not
institute sufficiently strong internal controls over confidential source
payments. Given the sensitivity and importance of this program, we
believe there is a vital need for enhanced oversight to mitigate the
risks we have identified.
In our July 2015 audit report, we identified various instances where the
DEA’s Confidential Source Unit did not adequately coordinate with other DEA
entities involved in confidential source-related activities. 31 The lack of coordination
caused problems for the DEA in terms of implementation, oversight, and
compliance with certain policies and procedures. Throughout our continued audit
work, we concentrated on the risks associated with DEA Limited Use and
intelligence-related confidential sources. Nevertheless, in conducting our audit we
identified numerous deficiencies with the DEA’s oversight and management of
confidential sources more generally, some of which were previously identified in the
OIG’s 2005 audit report of the DEA’s payments to confidential sources. 32 These
deficiencies, which indicate a need for more proactive and coordinated
headquarters oversight and monitoring of the Confidential Source Program, are
described below in further detail.
31

OIG, Audit of the DEA's Confidential Source Policies and Oversight of Higher-Risk
Confidential Sources, Audit Report 15-28 (July 2015).
32

OIG, The DEA's Payments to Confidential Sources, Audit Report 05-25 (May 2005).

35


Confidential Source Program Oversight Responsibilities
The DEA’s processes for confidential source oversight, management, and
review are generally implemented by field office Special Agents and management
officials, the Confidential Source Unit, and the Inspections Division.
The field offices have the primary responsibility for assessing, establishing,
using, and paying confidential sources. Special Agents debrief sources, perform
risk assessments, and complete administrative forms to activate and deactivate
confidential sources. Depending on the categorization of a confidential source, the
establishment of a source must be approved at the field office level by either the
Group Supervisor, an Assistant Special Agent in Charge, or the Special Agent in
Charge. The personnel in these positions also determine and approve the
justification and amount for confidential source payments. Additionally, at each
field division, a Confidential Source Coordinator is assigned to maintain the
confidential source file and to serve as liaison between the field offices and the
Confidential Source Unit in DEA headquarters. Based on interviews with personnel
from the 9 field offices we visited, we found that many Special Agents and
Supervisory Special Agents often identified their initial training as a Special Agent,
but stated that they rely upon “on-the-job” training and the advice of their peers
regarding establishing, approving, utilizing, and paying confidential sources. In
addition, Confidential Source Coordinators we interviewed stated that they do not
validate or perform a comprehensive review of confidential sources and generally
provide only administrative support to Special Agents and Supervisory Special
Agents.
The DEA’s Confidential Source Unit is the primary DEA headquarters entity
responsible for managing the Confidential Source Program for the DEA. The unit’s
responsibilities include approving establishment and continued suitability forms,
assigning confidential source numbers, approving requests that require senior
official approval, providing guidance to Confidential Source Coordinators, and
managing aspects of CSSC. An official from this Unit referred to the Unit as the
field’s “customer service” office for confidential source-related matters, while
another official from this Unit stated that they generally accept field offices’
confidential source decisions and approvals.
The DEA’s Inspections Division’s processes are one of the main sources of
confidential source review. Generally, the Inspections Division conducts on-site
field office inspections every 4-5 years. Inspections include a review of confidential
source files and require inspectors to conduct interviews with at least 50 percent of
active confidential sources. In addition, the Inspections Division requires field
offices to conduct annual self-inspections, which also entail confidential source file
reviews and interviews. According to DEA officials, the Inspections Division’s
review is a “check” to ensure that the field offices are appropriately self-reporting
issues related to the Confidential Source Program. Based on our assessment of the
office inspection process for confidential source matters, we found that it generally
focuses on compliance and does not incorporate a substantive review of confidential
source establishment, utilization, and payment. This finding is consistent with the
36


statement of an Inspections Division official, who told us that the purpose of the
Inspections process, as it relates to confidential sources, is to ensure that proper
documentation is available in the field for field office managers to assess the
utilization of sources; the inspections process does not assess confidential source
establishment and utilization decisions, or justification for payments. We also found
that the Inspections Division reports do not include a summary assessment of the
totality of all compliance issues found or any overarching areas of improvement
needed in a field office’s Confidential Source Program.
In light of the deficiencies we identified during this audit, including the DEA’s
use of Limited Source confidential sources, the Intelligence Division’s substantial
payments to confidential sources, the lack of guidance concerning the use of “subsources,” and other deficiencies described below, we believe that the Confidential
Source Unit and Inspections Division, as the primary offices with oversight and
management responsibilities, should execute more robust oversight methods to
review field offices’ establishment, use, and payments to confidential sources.
These offices are unique within the DEA for their broad perspectives on the
Confidential Source Program, and we believe they should use that perspective to
ensure that the field offices’ decisions related to confidential sources are consistent,
appropriate, and thorough.
Confidential Source Categorization and Use Inconsistencies
The confidential source establishment process, which generally includes a
risk assessment, happens primarily at the field office level. Appropriate
categorization of sources is imperative to ensure adequate oversight and
compliance with both DEA and AG Guidelines directives for certain sources. In
addition, we believe that a consistent and accurate process for source
categorization is necessary for a well-functioning and effective Confidential Source
Program. During our confidential source file reviews, we identified the following
concerns regarding inconsistencies in the decision process for confidential source
categorization.
Application of Confidential Source Category Based on Criminal History
The DEA Special Agents Manual stipulates that Special Agents must check
the National Crime Information Center (NCIC) database for criminal histories,
warrants, and recent arrests. 33 However, the DEA Special Agents Manual does not
provide clear and consistent guidance to Special Agents for how a confidential
source’s criminal history affects the categorization of the source. Specifically, the
DEA Special Agents Manual allows for the use and payment of confidential sources
with criminal histories under the category of Restricted Use. (See Table 2 for the
requirements associated with the various categories of confidential sources.) For
the Restricted Use confidential source category, the DEA requires a greater degree
33

NCIC is an electronic clearinghouse of crime data, managed by the FBI that can be
accessed by virtually every criminal justice agency nationwide, 24 hours a day, 365 days a year to
obtain criminal history information.

37


of supervisory control and specifically cites the need for additional oversight if the
confidential source has previous offenses involving acts of violence against persons,
felony sex offenses, felony or misdemeanor offenses involving dishonesty or false
statements, or perjury. Although the Restricted Use category is the only category
that references the existence of a criminal history, other categories, such as
Regular Use and Defendant, contemplate the lack or existence of a criminal history
through the category definition. However, the DEA Special Agents Manual does not
specifically prohibit confidential sources with criminal histories from being
categorized as Limited Use. Rather, this section of the DEA Special Agents Manual
only states that to meet the categorization criteria for Limited Use, the confidential
source must not provide information that is the result of any type of criminal
association. We also determined that DEA policy does not preclude a single source
from being simultaneously placed into different categories by different DEA field
offices, a practice that would increase the risk of inconsistent and potentially
improper direction and supervision.
During our review of confidential source files, we identified instances where
the Limited Use category was used inconsistently for confidential sources with
criminal histories. Specifically, at two field offices we visited, we identified Limited
Use confidential sources whose criminal history reports included arrests for
providing false information to law enforcement, allegations of drug trafficking, and
battery. Special Agents and managers from these field offices stated that according
to their interpretation of the DEA Special Agents Manual, criminal history does not
exclude a person from being established as a Limited Use confidential source.
These DEA officials also told us that for these Limited Use confidential sources, the
individuals’ criminal histories did not affect their ability to provide services or
informational “tips” to the DEA, a statement that we found implausible for at least
some of the criminal histories we reviewed. For example, using for interdiction
activities a Limited Use confidential source who was arrested previously for
providing false information to law enforcement significantly increases the risk that
the source is unreliable and therefore that person should be subject to more
oversight than normally afforded to those in the Limited Use category.
In contrast, we found that a different field office established a “tipster,” who
was a parcel employee with a criminal history record and used in an Interdiction
Unit, as a Restricted Use confidential source rather than a Limited Use confidential
source. According to a Special Agent from that field office, the individual did not
qualify as a Limited Use confidential source due to the criminal history and instead
had to be established as a different category of source to be in compliance with the
DEA Special Agents Manual. Thus, in handling the source, this field office followed
the enhanced supervision requirements associated with Restricted Use sources, as
displayed in Table 2.
We believe that the absence of definitive policy regarding this aspect of
confidential source management increases the risk that inappropriate individuals
will be established as confidential sources or that sources will not be adequately
handled and supervised. As such, we believe that the DEA should reevaluate its
policy to ensure that it establishes appropriate procedures and controls for
38


confidential sources with criminal histories, and for ensuring that concurrent use
sources are categorized, used, and supervised appropriately.
Payments to Deactivated Confidential Sources
The DEA Special Agents Manual stipulates that Special Agents may not pay
any deactivated confidential source who was deactivated due to the source being
the subject of an arrest warrant or who committed any serious offenses. During
our review, we found two instances of payments to previously-deactivated sources
that, under the circumstances, raise serious questions of propriety.
In the first instance, the DEA reactivated a confidential source who was
deactivated for unsatisfactory behavior or performance because the source had
previously provided false testimony in trials and depositions. 34 This reactivation
was approved by DOJ officials, as well as executive-level DEA officials. During the
period of reactivation, which lasted approximately 5 years, we found that 13 DEA
field offices used this “unsatisfactory” confidential source, categorized the source as
Restricted Use, and paid the source more than $400,000. According to documents
in the confidential source’s file in one DEA field office, the confidential source
provided false statements to a prosecutor during the course of an investigation and
engaged in behavior that created adverse publicity for the DEA. The DEA field
office involved in that particular investigation deactivated the confidential source for
unsatisfactory behavior on June 24, 2013 – the second time this source had been
designated “unsatisfactory.”
DEA policy states that any confidential source declared “unsatisfactory” in an
investigation generally would not be considered for award payments or monetary
compensation. However, based on our review of CSSC data, we concluded that
both the deactivating field office and another concurrent use field office continued
to pay the confidential source after the second “unsatisfactory” designation.
Specifically, according to CSSC, between June 24, 2013, and October 24, 2014, the
DEA paid this confidential source more than $61,000 in both award payments and
payments for information – increasing the total amount paid to this source to
$469,158.
In the second instance, we found that on July 31, 2014, the DEA deactivated
a Limited Use confidential source who was the subject of an ongoing OIG
investigation. The OIG reported that as of January 2014, the DEA inappropriately
paid the confidential source, who was an Amtrak employee, over $850,000 for
34

The DEA Special Agents Manual identifies procedures to deactivate a confidential source for
unsatisfactory behavior or performance. Situations that warrant such an unsatisfactory deactivation
include a confidential source providing false statements; committing perjury; committing a felony
offense; failing to obey DEA instructions; absconding with DEA funds, equipment, or controlled
substances; withholding or planting drug or nondrug evidence; compromising an investigation; failing
to appear for trial or pretrial conferences; or engaging in behavior that is likely to endanger DEA or
other law enforcement personnel or operations, pose a threat to public safety, or create adverse
publicity for DEA. Declaring a confidential source unsatisfactory prohibits the use of the source by any
DEA office, unless formally re-established pursuant to heightened levels of approval and notification.

39


information that was available at no cost to the government, thereby wasting
substantial government funds. 35 However, according to CSSC and our review of
this confidential source’s files, the DEA paid this confidential source a total of
$962,615, of which more than $44,000 in award payments was paid after
deactivation.
While DEA policy allows deactivated confidential sources to receive payments
that are already in process, we believe that in these instances the payments to the
previously-deactivated confidential sources were not warranted because of the
issues surrounding the sources’ deactivation. In the first case, the source
committed wrongful acts that negatively impacted the DEA and twice resulted in his
being labeled “unsatisfactory.” In the second instance, the DEA scrutinized the
overall use of these confidential sources and deemed their use ill-advised, which
not only makes payments to these confidential sources during activation
questionable, but also challenges the DEA’s reasoning for post-deactivation
payments to these sources, which only added to the waste of taxpayer funds. In
these instances, we believe that the DEA officials who requested and approved the
payments did not thoroughly assess the justification for payments and, thus,
unnecessarily wasted government funds.
In addition, based on our analysis of the DEA’s CSSC data, we estimated that
the DEA paid approximately $9.4 million to more than 800 deactivated confidential
sources between FYs 2011 and 2015. While we describe in this report some
concerns about the accuracy and completeness of the data available from the DEA,
and we did not review the circumstances of all of these payments, it appears from
the information available that paying deactivated sources is common enough at the
DEA to justify much closer managerial oversight and review of such payments.
Confidential Source System Concorde Use and System Deficiencies
The DEA uses CSSC to manage and record payments to confidential sources.
While CSSC is not the official system of record for confidential source information,
it retains electronic information related to the utilization of confidential sources. It
also contains payment information that is either ingested in daily feeds from the
Unified Financial Management System (UFMS) or is manually entered by DEA
personnel. 36 For security reasons, the DEA restricts access to CSSC information to
select personnel. In the field, only the Confidential Source Coordinator, controlling
Special Agents, and their supervisors have routine access to CSSC and the official
confidential source files. Within DEA headquarters, CSSC access is generally
restricted to personnel from the Confidential Source Unit and the Office of
Information Systems.
35

OIG, DEA’s Use of Amtrak Employees.

36
The United Financial Management System is an integrated solution that provides electronic
financial transaction processing across numerous DOJ components. The DEA uses UFMS for financial
management and this system contains transaction-level information for the DEA’s payments to
confidential sources.

40


During FY 2011, the DEA implemented CSSC as a system that assists in the
management of confidential sources. The development and implementation of
CSSC was, in part, responsive to OIG recommendations in our 2005 confidential
source audit report, prior to which the DEA had an inadequate method of source
data management. During this audit, we found that the DEA has not fully deployed
all aspects of CSSC to successfully capture pertinent confidential source information
that can enhance the DEA’s oversight of the Confidential Source Program. In
addition, the control settings within CSSC are insufficient to ensure that information
entered into the system is captured in a complete, consistent, and accurate way.
For instance, CSSC includes fields regarding a confidential source’s employer,
skills, and occupation, which we believe are imperative pieces of information for the
DEA’s risk assessment, categorization, approval, use, and oversight of confidential
sources. In fact, the AG Guidelines and the DEA Special Agents Manual identify
specific occupations and employers that require additional scrutiny, and in some
cases high-level approval. However, during our review of CSSC data, we found
instances where these data fields were not used consistently, not verified, or
sometimes not completed.
We also found weak system controls in CSSC. For example, DEA Special
Agents are able to bypass certain mandatory fields because the system settings do
not identify them as mandatory. Additionally, lack of clear guidance on what
information is required and where certain information should be annotated, as well
as inadequate review of the information entered into the system, has resulted in
inconsistencies in CSSC data and the loss of valuable information. In addition, the
Confidential Source unit does not ensure that fields have a valid value entered and
has not conducted a validation review or statistical analysis of confidential source
data in CSSC. Such a review could have identified the inconsistencies and
incomplete data fields we found during our review. 37
We believe the inaccuracy and incompleteness of this data reduces the value
of CSSC in at least three ways. First, it inhibits the DEA’s ability to monitor
confidential source activity and to identify confidential sources who have certain
skill sets or associations that are needed for DEA operations or oversight. For
example, as mentioned in the section entitled Limited Use Confidential Source
Involvement in DEA Interdiction Activities, DEA headquarters officials were unaware
that field offices continued to establish and utilize Amtrak employees as confidential
sources after the OIG issued investigative reports addressing these practices. We
believe that improved internal controls over the accuracy and completeness of
information entered into CSSC could have allowed the DEA to more readily
determine and track the number of Amtrak and TSA-related confidential sources for
headquarters review and oversight.
37
For example, during our review of Limited Use confidential sources used in interdiction
activities, we attempted to identify sources by employer and occupation using various data fields.
Through basic data queries, we found that 6 percent of Limited Use confidential sources did not have
such information recorded in CSSC. Such a query would have been easy for the DEA to replicate.

41


Second, inaccurate and incomplete data can inhibit the DEA’s strategic and
proactive use of CSSC to manage and oversee the Confidential Source Program.
Although DEA officials within the Confidential Source Unit told us that they do not
currently use CSSC as an oversight tool to identify strengths, weaknesses, and
trends, nor as a means to more strategically manage the Confidential Source
Program, we believe that such uses will become increasingly beneficial as controls
are improved and the data becomes more reliable and complete.
Third, DEA officials stated that they may use information from CSSC or
directly from confidential source files to comply with discovery obligations during
criminal proceedings. Thus, it is imperative that CSSC and confidential source file
information is accurate, consistent, and complete.
Payment Oversight and Management
Based on our analysis of the DEA’s CSSC data, we found that between
FY 2011 and FY 2015, the DEA paid approximately $237 million to its domestically
established confidential sources. During our review of confidential source files, we
found deficiencies in the DEA’s tracking and oversight of payments to confidential
sources, as described below.
Payment Tracking Discrepancies
We examined 120 confidential source files and compared the payment
information to that within the CSSC data we analyzed. We also completed a limited
reliability check of CSSC data, which is discussed in the Objective, Scope, and
Methodology appendix to this report. We found numerous exceptions, including
those listed below:
•	 Payments missing from CSSC – We found documentation in a confidential
source file that supported payments to a confidential source totaling
approximately $3 million, but CSSC did not reflect these payments. We
asked DEA officials about these missing records and were told that these
payments did not appear in CSSC because they were mistakenly identified as
payments to the Special Agent who requested the payments to the
confidential source. Based on this discrepancy, a DEA finance official queried
UFMS and found more than $650,000 in additional confidential source
payments that were incorrectly associated with Special Agents rather than
confidential sources. This DEA official corrected these payment entries in
UFMS to associate them to the confidential source who received the
payments.
•	 Duplicate payment entries in CSSC – During our testing of three confidential
sources, we identified numerous instances where the CSSC record indicated
payments that were not supported by hard-copy documents in the source
file. In analyzing these payments, we found that they appeared to duplicate
other payments because they included the same amount and case number.

42


We informed DEA officials of this issue, and after reviewing CSSC and UFMS,
they confirmed that the entries were duplicates, but that the sources had
only been paid once. The DEA officials believed that this was possibly the
result of payments being entered twice, once into UFMS by finance personnel
and a second time into CSSC by a Confidential Source Coordinator.
•	 Incorrect payment reason type in CSSC - We found instances wherein
confidential source payment reasons entered into UFMS included transaction
categories for which confidential sources should not be compensated, such as
a lease or extended temporary duty. We inquired with a DEA official to
determine why these payment categories were used for confidential source
payments. According to the official, these are examples where an incorrect
payment reason type was input when the payment was entered into UFMS.
As CSSC imports confidential source payment information directly from
UFMS, the information related to these payments was also incorrect in CSSC.
These missing payments, duplicate payment entries, and incorrect payment
reasons appear to be widespread and negatively impact the accuracy of the
payment information contained within CSSC, and therefore the usefulness of CSSC
itself. Although the physical confidential source file containing confidential source
paperwork is the official file, CSSC allows Special Agents and Confidential Source
Coordinators to track and monitor annual and lifetime payments. The accuracy of
the information is therefore imperative to ensure compliance with the DEA Special
Agents Manual and AG Guidelines requirement for additional levels of approval for
many confidential sources who receive more than $100,000 annually and $200,000
in a lifetime. 38 In addition, we found that some of the DEA Confidential Source
Coordinators we interviewed use CSSC data to report payment information during
the discovery phase of a criminal prosecution. Thus, the accuracy of the CSSC
payment information is not only essential to DEA’s management of the Confidential
Source Program, but also to ensure that the government satisfies its discovery
obligations during a criminal proceeding.
When we discussed this issue with DEA officials in the Inspections Division,
the Confidential Source Unit, and field offices, they all agreed that developing a
process to reconcile payment information within CSSC and confidential source files
was a good idea. Inspections Division officials stated that this procedure could be
incorporated into the inspections process. Therefore, we recommend that the DEA
develop a process to reconcile payment information in CSSC with documentation in
the confidential source file to ensure consistency, completeness, and accuracy of
confidential source payment information.

38
This audit did not attempt to conduct a full assessment of how the DEA implements this
requirement. However, the evidence we reviewed suggested that the requirement does not trigger
additional levels of approval for some highly paid DEA confidential sources, either because of how the
confidential sources are classified or because the form of some payments to these sources are not
counted towards the annual or lifetime amounts.

43


Payment Support and Documentation Discrepancies
To begin processing payments to confidential sources, Special Agents are
required to submit to fiscal personnel both a DEA-12 form (Receipts for Cash or
Other Items) and a DEA-103 form (Voucher for Purchase of Evidence or Payment
to Confidential Source). In addition, award payments to confidential sources from
the Assets Forfeiture Fund require the completion of a specific form called a
DEA-499 (Request for Payment). The DEA Special Agents Manual requires the
"Remarks Section" of the DEA-103 to contain a brief synopsis of the basis or
justification for the payment; identify the source of funds, if provided by another
agency; and cite the investigative file document, source debriefing, or teletype that
explains or justifies the payment. The DEA Special Agents Manual requires that
the paper copies of the DEA-103s be maintained in the confidential source file.
The DEA Special Agents Manual also stipulates that all payments to
confidential sources shall be commensurate with the value of the information
provided or the assistance rendered. We found that the DEA provides its field
offices broad discretion to determine how much to pay confidential sources. 39
According to field office Supervisory Special Agents, they are aware of the
confidential sources’ involvement in cases through regular contact with Special
Agents handling the confidential sources so they do not always thoroughly examine
all of the paperwork related to the justification for payment to the confidential
sources. In general, we believe that this indicates that supervisors do not always
conduct a careful review of documentation and justification for payments, which
increases the risk that payments to confidential sources may not be appropriate.
We compared the DEA-103 forms to the CSSC payment information for
1,492 payments from 111 confidential source files. We found 289 instances
(19 percent of the payments reviewed) in which the case number and payment
reason on the DEA-103 forms did not match the information contained in CSSC.
Also, the DEA Special Agents Manual states that payments for different purposes
must be made on separate DEA-103 forms. Yet, we found 103 instances (7 percent
of payments reviewed) wherein the DEA-103 forms listed multiple payment
reasons.
Furthermore, we attempted to reconcile payments and the DEA-103 forms
with documentation in the confidential source file, to include activity and debriefing
reports that justified those payments. We found that some synopses on
DEA-103 forms only referred to an investigative file document, debriefing report, or
39
The current oversight structure allows Group Supervisors to approve individual non-award
payments up to $2,500 and Assistant Special Agents in Charge (ASACs) to approve individual nonaward payment amounts up to $25,000, which are the majority of payments to confidential sources.
Any individual non-award payments above $25,000 must be approved by DEA’s Special Agents in
Charge (SACs) with the concurrence of the Chief of the Office of Operations Management or the Chief
of International Operations. The Office of Operations Management also approves all field offices’
requests for award payments to confidential sources, but field offices determine the percentage and
amounts of award payments to confidential sources.

44


teletype rather than providing specific information to justify the payment. In some
of these instances, we could not locate the investigative file document or debriefing
report in the file and could not reconcile the payment with any justification. Other
DEA-103 forms we reviewed included a vague statement about the confidential
source’s activities to justify payment, but did not refer to an investigative file
document, debriefing report, or teletype, so we could not reconcile the payment to
any case-related report or activity. Specifically, from our review of 1,492 payments
to confidential sources, we found that 272 of those payments, or almost
17 percent, lacked appropriate justification.
Additionally, the DEA requires Special Agents to document on a DEA-103 the
purpose of the reimbursement of expenses and, whenever possible, to attach a
receipt to the DEA-103 to be included in the confidential source file. 40 If the Special
Agent does not obtain a receipt from the confidential source, the Special Agent
should provide an explanation of why a receipt was not obtained and included. We
reviewed 111 confidential source files with a total of 134 confidential source
payments associated with reimbursement for expenses. During this review, we
found that 93 of 134 of these reimbursement payments, or 69 percent, had
inadequate documentation or lacked sufficient justification for the DEA’s payment of
confidential source expenses.
The issues we found related to inadequate payment documentation and
support are longstanding problems for the DEA. Some of these deficiencies were
identified by the OIG in 2005 and by the DEA Inspections Division between
FYs 2011 and 2015. However, the DEA has not implemented adequate internal
controls and oversight mechanisms for confidential source payments to ensure that
payments to confidential sources are justified and commensurate with the
information and services provided. Therefore, we believe that the DEA should
develop internal control and review procedures that include a thorough review and
approval of the justification and documentation for confidential source payments.

40

As shown in Table 3, confidential sources can be compensated for reasonable expenses
incurred during investigation. Based upon our review of confidential source files, these expenses
could include travel costs and assistance with living expenses such as rent and cellular telephones.

45


CONCLUSION AND RECOMMENDATIONS
According to the DEA, its Confidential Source Program is one of the most
important aspects of DEA operations. DEA officials often refer to confidential
sources as the “bread and butter” of the organization and say that confidential
sources are critical to the DEA’s pursuit of combating illegal narcotics trafficking.
However, there are significant risks in using and paying confidential sources to
assist in law enforcement activities, as these individuals are often associated with
criminal activity and motivated by the potential for monetary compensation or
consideration for a reduced criminal sentence. Effective management and oversight
are imperative to optimizing the use of confidential sources, while also mitigating
the risks associated with sources. We found that, despite these significant risks,
the DEA’s management of this program did not provide sufficient oversight and
controls related to the DEA’s establishment, use, and payment of confidential
sources, in particular Limited Use and DEA intelligence-related sources.
We found that the DEA’s reliance on Limited Use confidential sources
to accomplish interdiction operations, the DEA’s direction and guidance to
these sources, and the DEA’s long-term and lucrative relationships with these
sources calls into question whether the source is truly providing information
independently or is acting as DEA’s agent, the latter of which could have
implications relating to compliance with the Fourth Amendment’s protections
against unreasonable searches and seizures. However, neither the DEA, nor
the Department, has comprehensively reviewed the use and payments to
these sources for interdiction-related purposes.
In addition, although the DEA’s Intelligence Division relies on the use of
confidential sources to support intelligence-related programs and operations and
allocates significant funding to pay confidential sources, it has not established
sufficient oversight and control procedures to independently review sources and the
information they provide, and to track payments made to these individuals. The
DEA also has not established controls over the use of “sub-sources” by its
confidential sources, which is a practice condoned by DEA Supervisory Special
Agents and Special Agents that introduces significant risks for DEA and for the
confidential sources themselves.
Further, the identification of administrative deficiencies related to the review
and approval of confidential source information is indicative of weak program
management. Inadequate documentation and insufficient internal controls and
review processes, coupled with the broad discretion used by the field offices to
determine payment amounts, are concerning because they increase the risk for
fraud, waste, and abuse in the Confidential Source Program. Given the high
frequency by which DEA offices utilize and pay confidential sources, there is a vital
need for more robust oversight to mitigate these risks.
The totality of these deficiencies highlight significant concerns related to the
adequacy of the current policies, procedures, and oversight associated with the

46


DEA’s Confidential Source Program. We believe that the DEA should evaluate all
aspects of its Confidential Source Program to ensure that it is managed effectively
and consistently. As we concluded our audit work, we informed DEA management
and program officials about our findings and concerns. These officials expressed a
firm commitment to improve the Confidential Source Program, to implement
appropriate controls over confidential sources, and to ensure that confidential
sources remain a productive and essential element used by the DEA to accomplish
its mission. To begin this process, we offer the following recommendations to help
the DEA reengineer its Confidential Source Program.
We recommend that the DEA:
1.	 Examine the practices employed related to Limited Use confidential sources
for interdiction operations as described in our report and, in coordination with
the Department, perform an assessment of the risks, benefits, and legality of
the practices.
2.	 Develop clear guidance and additional controls related to the
appropriate use of the Limited Use confidential source category to
ensure that these sources are used according to the category definition
and receive appropriate oversight that is commensurate with the
amount of compensation these sources are paid.
3.	 Establish controls to ensure complete and appropriate handling of
documentation and tracking of interactions and information received from all
confidential sources.
4.	 Develop and promulgate policy to prohibit DEA Special Agents from

using unauthorized private correspondence (e.g., e-mail accounts, text 

messages) for government business, including interactions with 

confidential sources.

5.	 Examine the practices employed related to the use of confidential

sources who provide intelligence-related information. The DEA should:

a.	 Confer with the Department and the FBI to ascertain the need for
procedures to implement an independent review of confidential
sources to assess the reliability, authenticity, integrity, and
overall value of a given source for intelligence-related purposes.
b. Require the Intelligence Division to establish procedures to
review intelligence-related information and services provided by
confidential sources to ensure the requirements of the DEA’s
intelligence efforts are met.
c.	 Ensure that the Intelligence Division adequately tracks all funds
used for confidential source-related activities.

47


6.	 Evaluate the appropriateness of the use of “sub-sources” and determine
if this practice should either be prohibited or formalized through the
issuance of policies and procedures to mitigate associated risks.
7.	 Enhance the oversight and management of the Confidential Source Program,
including measures to:
a.	 Employ more frequent and rigorous confidential source

management and oversight training to ensure consistent 

understanding and application of DEA policies.

b. Address the consistency of confidential source categorization for
sources with criminal histories and who are concurrently used by
multiple DEA offices.
c.	 Ensure controls over payments to deactivated sources include
requirements for adequate justification and approval.
d. Develop stricter internal controls for CSSC to ensure the consistency,
accuracy, and completeness of information.
e.	 Implement a reconciliation process to ensure payment records are
accurate, complete, and consistent within the confidential source files,
UFMS, and CSSC.
f.	 Establish internal control and review processes at field offices to
ensure consistent, thorough review of documentation and justification
for confidential source payments.
g. Evaluate the roles and responsibilities related to the management and
administration of the Confidential Source Program, to ensure robust
oversight of the establishment, use, and payments to confidential
sources and to ensure that the field offices are consistently and
thoroughly applying DEA policy and the AG Guidelines.
h.	 Evaluate the headquarters-level use of CSSC for strategic, DEA-wide
oversight and the review and monitoring of confidential source
information.

48


STATEMENT ON INTERNAL CONTROLS
As required by Government Auditing Standards, we tested, as appropriate,
internal controls significant within the context of our audit objectives. A deficiency
in an internal control exists when the design or operation of a control does not
allow management or employees, in the normal course of performing their assigned
functions, to timely prevent or detect: (1) impairments to the effectiveness and
efficiency of operations, (2) misstatements in financial or performance information,
or (3) violations of laws and regulations. Our evaluation of DEA’s internal controls
was not made for the purpose of providing assurance on the agency’s internal
control structures as a whole. DEA’s management is responsible for the
establishment and maintenance of internal controls.
Throughout our audit, we identified deficiencies in the DEA’s internal controls
that are significant within the context of the audit objectives. Based upon the audit
work performed we believe the deficiencies identified adversely affect the DEA’s
ability to ensure that the Confidential Source Program is appropriately and
adequately managed. These matters are discussed in detail in the Audit Findings
section of this report.
Because we are not expressing an opinion on the DEA’s internal control
structure as a whole, this statement is intended solely for the information and use
of the DEA. This restriction is not intended to limit the distribution of this report,
which is a matter of public record.

49


STATEMENT ON COMPLIANCE WITH

LAWS AND REGULATIONS

Government Auditing Standards require that we perform tests, as
appropriate given our audit scope and objectives, to obtain reasonable assurance
that DEA’s management complied with federal laws and regulations, for which
noncompliance, in our judgment, could have a material effect on the results of our
audit. DEA’s management is responsible for ensuring compliance with applicable
federal laws and regulations applicable to the Department of Justice. Although we
did not identify any federal laws or regulations that would apply specifically to the
DEA’s Confidential Source Program, we did identify such DOJ and DEA-level policies
that we considered to be significant within the context of the audit objective,
namely the Attorney General’s Guidelines Regarding the Use of Confidential
Informants and the DEA Special Agents Manual. Our audit included examining, on
a test basis, DEA’s compliance with the aforementioned policies that could have a
material effect on the DEA’s Confidential Source Program. We did so by examining
applicable DEA confidential source policies, interviewing DEA and DOJ personnel,
assessing internal control procedures and management practices, and reviewing
confidential source files and payments.
As noted in the Introduction section of this report, we previously found that
the DEA’s policies for confidential sources were not congruent with the Attorney
General’s Guidelines Regarding the Use of Confidential Informants. Throughout this
audit, the DEA has coordinated with the DOJ Criminal Division to update its policies
to ensure compliance with the AG Guidelines. However, these policies were not
implemented during the scope of our audit. As discussed in our report, we found
that DEA’s non-congruent policies and inadequate procedures related to its
Confidential Source Program resulted in significant oversight and management
deficiencies.

50


APPENDIX 1

OBJECTIVE, SCOPE, AND METHODOLOGY
Objective
The audit objective was to assess the DEA’s management and oversight of it
Confidential Source Program, to include the DEA’s oversight of payments to
confidential sources. This audit is a continuation of work reported in the OIG’s July
2015 report on The DEA's Confidential Source Policies and Oversight of Higher-Risk
Confidential Sources. Our previous audit report included findings related to the
examination of the DEA’s confidential source policies to ensure consistency with the
AG Guidelines requirements, reviewing the DEA’s oversight of certain high-risk
confidential sources and high-risk activities involving confidential sources, and
evaluating the DEA’s administration of death and disability benefits to confidential
sources.
Scope and Methodology
We conducted this performance audit in accordance with generally accepted
government auditing standards. Those standards require that we plan and perform
the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for
our findings and conclusions based on our audit objectives. We believe that the
evidence obtained provides a reasonable basis for our findings and conclusions on
our audit objective.
To accomplish our audit objective, we focused on DEA confidential sources
who were ever active in any of the DEA’s domestic offices from FY 2011 through
FY 2015. We examined DEA confidential source data and conducted work at the
following nine DEA field site locations: Albuquerque, New Mexico; Chicago, Illinois;
El Paso, Texas; Los Angeles, California; Phoenix, Arizona; Sacramento, California;
San Francisco, California; DEA Office of Special Intelligence; and the Special
Operations Division.
We interviewed DOJ officials from the Office of the Deputy Attorney General,
the Criminal Division, and two United States Attorneys’ Offices. In addition, we
interviewed DEA headquarters officials from the Office of Operations Management,
Policy and Source Management Section, Confidential Source Unit, Inspections
Division, Office of Professional Responsibility, Intelligence Division, Office of Special
Intelligence, Office of Finance, Office of Security Programs, Office of Information
Systems, and Office of Chief Counsel. We also interviewed field office and Special
Operations Division personnel, including Special Agents, Task Force Officers, Group
Supervisors, Assistant Special Agents in Charge, and Confidential Source
Coordinators. In total, we interviewed more than 50 DEA and DOJ officials.
CSSC Data Reliability Testing, Analysis, and Utilization
We coordinated with the DEA’s Confidential Source Unit and Office of
Information Systems and requested that the DEA provide the OIG with a data file

51


containing records for all confidential sources that were ever active in any DEA
domestic office between FY 2011 and FY 2015, as tracked in the Confidential
Source System Concorde (CSSC). The DEA provided an electronic file that
contained CSSC data related to the establishment, risk assessment, annual
certification, deactivation, and payments for 18,726 confidential sources. We
reviewed the DEA’s requirements for confidential source forms and payment
information to verify completeness, accuracy, and reliability of the data file we
received from the DEA. We identified that certain required fields did not have
complete, consistent, and reliable information. Specifically, we found null and
invalid values in fields such as occupation, employer name, establishment approval
date, and criminal history. Although these fields are expected to be filled out by
Special Agents, DEA officials explained that CSSC allows for exceptions, which
result in blank values, in the event that the confidential source is unemployed or
established for the purpose of a special payment. According to DEA officials, the
system controls in CSSC were not designed to prohibit Special Agents from not
entering information in required fields and, therefore, CSSC allows Special Agents
to hit the space bar to skip certain fields that they do not want to include or do not
have the information needed to complete. Officials from the DEA’s Office of
Information Systems stated that CSSC controls could be enhanced to ensure that
information is entered in a complete and consistent method.
In addition, through our data analysis and confidential source file testing, we
found that payment data was duplicated, missing, or inaccurate. DEA officials
stated that these deficiencies were generally caused by weak internal controls and
the absence of a reconciliation process between CSSC, the confidential source files,
and the Unified Financial Management System. In addition, DEA officials found that
the methodology used by the DEA’s Office of Information Systems to generate our
data file, as requested by the OIG, resulted in the creation of erroneous duplicate
information. In order to ensure data accuracy, the DEA tried to identify and delete
these duplicate errors in our data file, but, mistakenly also excluded some valid
payments because they were misidentified as erroneous duplicates. We worked
with the DEA to identify the universe of missing payments but we cannot be
assured that all were identified.
As a result of these weaknesses, we could not fully rely on the CSSC data file
to provide statistical information upon which we could base audit conclusions.
However, because this was the only data available to the OIG during the scope of
our audit related to the DEA’s Confidential Source Program, we conducted data
summary analysis, as identified in the following section, to select DEA offices for
field site visits, to identify areas of risk for further review, and to contribute to the
corroboration of certain issues identified through other analysis.
Data Analysis, Field Site Selection, and Confidential Source File Testing
We used the DEA’s CSSC data to identify sources in the following categories
that we assessed to be high-risk: confidential sources identified as requiring
special approval, confidential sources with high-risk employment, confidential
sources with large payments, and confidential sources with high frequency of
52


payments. We analyzed the CSSC data file to determine how much money the DEA
paid to the 18,726 domestically used confidential sources during the scope of our
review. According to the data, the DEA paid 9,540 sources approximately
$237 million between FY 2011 and FY 2015.
We judgmentally selected a sample of 120 confidential sources for detailed
review; these sources were paid more than $36 million during our review period.
The source files that we reviewed were located in the following offices:
Albuquerque, New Mexico; Chicago, Illinois; El Paso, Texas; Los Angeles,
Sacramento, and San Francisco, California; Phoenix, Arizona; DEA Office of Special
Intelligence; and the Special Operations Division. In addition, we reviewed a
sample of 19 investigative case files that were associated with some of the
confidential sources in our source sample. Our sample selection methodologies
were not designed with the intent of projecting our results to the population from
which the samples were selected.

53


APPENDIX 2

THE DRUG ENFORCEMENT ADMINISTRATION’S

RESPONSE TO THE DRAFT AUDIT REPORT

U. S. Department of Justice
Drug Enforcement Administration

www.dea.gov

Washington. D.C . 20537

" \)
MEMORANDUM
TO:

Carol S. Taraszka
Regional Audit Manager

g~~~~ir~~;tEt~y
FROM:

MichaMt~~1 V 1

r

Deputy Chief InspeclOr
Office of Inspections

SUBJECT: Drug Enforcement Administration's Response to the OIG Draft Report, "The Drug
Enforcement Administration '05 Management and Oversight of lIS Confidential Source Program "

The Drug Enforcement Administration (DEA) has reviewed the Department of Justice (DOJ)
Office of the Inspector General's (O IG) September 2016 Draft Report entitled, "The Drug
Enforcement Administration's Management and Oversight oj lIs C01?fidenlial Source Program. "
DEA acknowledges and appreciates OIG's effo rts in conducting a review to assess DEA's
management and oversight of the Confidenti al Source (CS) Program 10 ensure that the risks posed
by the use of CSs are appropriately handled.

Confidential sources provide invaluable contributions and assistance to DEA investigations.
However. DEA recognizes the inherent ri sk involved when relying on persons whose motivations
can be suspect. Thus, steps have been taken to mitigate identified risks.
Since the issuance ofOIG's previous report in July 20 15 regarding DEA's CS policies and its
oversight of higher-risk CSs, DEA has wo rked wit h the DOJ Criminal Division and the Office of the
Deputy Attorney General to develop clear policy in compliance wi th the Attorney General's
Guidelines regarding the use ofConfidential lnfonnants (AG Gu idelines). In July 2016. DEA issued
new policy that addresses most of the OIG's concerns in the prior report and current draft report.
However, DEA continues 10 review the program to identify areas for improvement, clarification. and
stricter guidelines.

54


Page 2

Carol S. Taraszka, Regional Audit Manager
The OIG provided seve n recommendations in the report and DEA co ncurs wi th each
recommendation. Below are DEA' s re sponses to the recommendations.

Recommendation I: Examine the practices employed related to Limited Use confidential
sources for interdiction operations as described in our report and, in coordination with the
Department, perform an assessment of the risks, benefits, and legality of the practices.
DEA Response
DEA acknowledges iss ues raised in the Report concerning the practices employed related to the
use of Limited Usc CSs for interdiction operations. For the past several months, DEA Executive

Management has been reviewing its policies governing Limited Use CSs and, in coordination
with the Department, will adopt or amend po licies as appropriate to address these concerns and
ensure that all practices arc consistent with the AG Guidelines.
Recommendation 2: Develop clear guidance and additional controls related to the
appropriate usc of the Limited Usc confidential source category to ensure that these
sources are used according to the category definition and receive appropriate oversight
that is commensurate with the amount of compensation these sources arc paid.
DEA Response
See respon se to Recommendati on I .

Recommendation 3: Establish controls to ensure complete and appropriate handling of
documentation and tracking of interactions and information received from all confidential
sources.
DEA Response
DEA has iss ued global notifications of the revised CS polices in order to enSLIre awareness
among DENs workforce and to provide clear guidance and controls related to the appropriate
use of the Limited Use CS category. Fo rmal Confidential Source Coordinator (CSC) training

has been conducted to ensure complete and appropriate handling of documentation, tracking. and
information received from all CSs. The training has been identified as annual training,
Documentation of the training has been provided 10 OIG under separate cover.

Based on these actions. DEA requests closure o f this recommendation upon issuance of the final
report.
Recommendation 4: Develop and promulgate policy to prohibit DEA Special Agents from
using unauthorized private correspondence (e.g., e-mail accounts, text messages) for
government business, including interactions with confidential sources.

55


Carol S. Taraszka, Regiona l Audit Manager

Page 3

DEA Response
DEA policy currentl y requires that Specia l Age nts preserve communicati o ns with CSs,
regardless of the method o f s uch correspo ndence. D EA ' s O ffi ce of In vesti gati ve Technology, in
conjunction w ith other DEA o ffi ces, is ex plo rin g methods to improve DEA's o pe rati ona l
security, vulnerability awareness and tra ining, and evidence retenti on w hen interacti ng with CSs
through e lectroni c mean s. Once methods and best practices are identifi ed, these gui de lines will
be formali zed into agency po licy 10 ensure compl iance in utili zing onl y authori zed modes of
co rrespondence w hen interactin g with CSs .

Recommendation 5: Examine the practices employed related to the use of confidential
sources who provide intelligence-related information. The DEA should:
a. Confer with the Department and the FBI to ascertain the need for procedures to
implement an independent review of confidential sources to assess the reliabilit)',
authenticity, integrity, and overall value of a given source for intelligence-related purposes.
DEA Response
Executi ve Manage ment is consulting w ith the FBI to di scuss their methodology re lative to CSs.
DBA will co mpare FBI' s methodology w ith DEA procedures and evaluate the applicabili ty to

DEA "s mission.
b. Require the Intelligence Division to establish procedures to review intelligence-related
information and services provided by confidential sources to ensure the requirements of
the DEA's intelligence efforts are met.
DEA Response
The Intelli gence Di vision is deve loping fo rma l standard o peratin g procedures to rev iew
intelli gence-related info rm ati on and services provided by CSs.

e. Ensure that the Intelligence Division adequately tracks all funds used for confidential
source-related activities.
DEA Response
The standard operating procedures noted in recomme ndati o n 5b above will al so address trac king
funds used fo r inte lli gence CS re lated acti vities.

Recommendation 6: Evaluate the appropriateness of the use of "sub-sources" and
determine if this practice should either be prohibited or formalized through the issuance of
policics and procedures to mitigate associated risks.

56


Carol S. Taraszka, Regional Audit Manager

Page 4

D EA Response

DEA currently is reviewing its policies and practices on the use of sub-so urces. As part of that
review, DEA Executive Management is consulting with the FBI to discuss their methodology
re lative to CSs and the use of sub-sources. DEA will compare FBI ' s methodology with DEA
procedures and evaluate the applicability to D EA's missio n and , in coordination with the

Department. will adopt or amend policies as appropriate to ensure all practices arc consistent
with the AG Guidelines.
Recommendation 7: Enhance the oversight and management of the Confidential Source
Program, including measures to:
Employ more frequent and rigorous confidential source management and oversight
training to ensure consistent understanding and application of DEA policies.

3.

b. Address the consistency of confidential source categorization for sources with criminal
histories and who are concurrently used by multiple DEA offices.
c. Ensure controls over payments to deactivated sources include requirements for
adequate justification and approval.
d. Develop stricter internal controls for
completcness of information.

esse to ensure the consistency, accuracy, and

c. Implement a reconciliation process to ensure payment records are accurate, complete,
and consistent within the confidential sourcc files, UFMS, and CSSe.
f. Establish internal control and review proccsses at field offices to ensure consistent,
thorough review of documentation and justification for confidential source payments.
g. Evaluate the roles and responsibilities related to the management and administration of
the Confidential Source Program, to ensure robust oversight of the establishment, usc, and
payments to confidential sources and to ensure that the field offices are consistently and
thoroughly applying DEA policy and the AG Guidelines.

h. Evaluate the headquarters-level use of CSSC for strategic, DEA-wide oversight and the
review and monitoring of confidential source information.
DEA Responsc
In addi tion to pu bli shing a revised CS policy in Jul y 201 6, a corresponding global message was
al so broadcast in Jul y 20 16, to highli ght ··notable changes· to the CS policy, to instruct personnel
to review the revised policy, and to prov ide notifi cation ofa new requirement for CS

documentation re lati vc to acc uracy and completeness of the establishment form (DEA-5 12).
Formal CSC training began in September 20 16. at the DEA Academy to ensure more frequent
and ri gorous management and oversight training occurs, and to foster greater understanding and

57


Page 5

Carol S. Taraszka, Regional Audit Manager
consistent application of policies. The training also focuses on the assurance that adequate
justification and approval for payments to deactivated CSs have controls in place.

DEA's Office of Inspections has also revised the CS checklists for utili zation during the
inspection process to ensure compliance by DEA field offices regarding the newly implemented
policy directivess. The checklists have been provided to 010 und er separate cover.
Executive management continues to discuss ways to further evaluate and enhance DEA's
oversight, effecti veness, and consistency relative to the overall management and oversight of the
CS program.

Based on these actions, DEA requests closure of recommendations 7a, b, c, and f upon issuance
of the final report.
Thank you for the opportunity to respond to the recommendations made in the 010 report . If
you have any questions regarding this response, please contact the Audit Liai son Team. on 202-3078200.

58


APPENDIX 3

OFFICE OF THE INSPECTOR GENERAL

ANALYSIS AND SUMMARY OF ACTIONS

NECESSARY TO CLOSE THE REPORT

The OIG provided a draft of this audit report to the DEA. The DEA's response
is incorporated in Appendix 2 of this final report. The following provides the OIG
analysis of the response and summary of actions necessary to close the report.
Recommendations to the DEA:
1.	 Examine the practices employed related to Limited Use confidential
sources for interdiction operations as described in our report and, in
coordination with the Department, perform an assessment of the
risks, benefits, and legality of the practices.
Resolved. The DEA concurred with our recommendation. The DEA’s
response acknowledges issues raised in the report related to the use of
Limited Use confidential sources for interdiction operations. The DEA stated
that DEA Executive Management has been reviewing the policies governing
Limited Use confidential sources and, in coordination with the Department,
will adopt or amend policies as appropriate to address these concerns and
ensure that all practices are consistent with the Attorney General’s Guidelines
Regarding the Use of Confidential Informants (AG Guidelines).
This recommendation can be closed when we receive evidence that the DEA
has examined practices employed related to Limited Use confidential sources
for interdiction operations as described in our report and, in coordination with
the Department, performed an assessment of the risks, benefits, and legality
of the practices.
2.	 Develop clear guidance and additional controls related to the
appropriate use of the Limited Use confidential source category
to ensure that these sources are used according to the category
definition and receive appropriate oversight that is
commensurate with the amount of compensation these sources
are paid.
Resolved. The DEA concurred with our recommendation. The DEA referred
to its response for Recommendation 1, which acknowledged issues raised in
the report concerning the DEA’s use of Limited Use confidential sources for
interdiction operations. The DEA stated that DEA Executive Management has
been reviewing its policies governing Limited Use confidential sources and, in
coordination with the Department, will adopt or amend policies as
appropriate to address these concerns and ensure that all practices are
consistent with the AG Guidelines.

59


This recommendation can be closed when we receive evidence that the DEA
has developed clear guidance and additional controls related to the
appropriate use of the Limited Use confidential source category to ensure
that these sources are used according to the category definition and receive
appropriate oversight that is commensurate with the amount of
compensation these sources are paid.
3.	 Establish controls to ensure complete and appropriate handling of
documentation and tracking of interactions and information received
from all confidential sources.
Resolved. The DEA concurred with our recommendation. The DEA stated in
its response that it notified all of its employees of the revised confidential
source policies in order to ensure awareness within the DEA’s workforce and
to provide clear guidance and controls related to the appropriate use of the
Limited Use confidential source category. In addition, the DEA stated that
formal Confidential Source Coordinator training has been initiated to ensure
complete and appropriate handling of documentation, tracking, and
information received from all sources. The DEA stated that it has identified
this training as annual training and provided the OIG with the training
documentation.
The DEA requested closure of this recommendation based on these actions.
However, based on the OIG’s review of the documentation provided by the
DEA, we do not believe that this recommendation has been fully addressed.
While the DEA provided its workforce with clear and specific guidance related
to revised confidential source policies that were issued in July 2016, these
new policies primarily addressed the recommendations from our July 2015
report and the DEA’s more recent prohibition to establish as confidential
sources government or quasi-government employees, to include Amtrak and
Transportation Security Administration personnel. However, the revised
confidential source policies do not include specific instructions related to the
appropriate handling of documentation and tracking of interactions and
information received from all confidential sources.
This recommendation can be closed when we receive evidence that the DEA
has established controls to ensure complete and appropriate handling of
documentation and tracking of interactions and information received from all
confidential sources.

60


4.	 Develop and promulgate policy to prohibit DEA Special Agents
from using unauthorized private correspondence (e.g., e-mail
accounts, text messages) for government business, including
interactions with confidential sources.
Resolved. The DEA concurred with our recommendation. The DEA stated in
its response that DEA policy currently requires that Special Agents preserve
communications with confidential sources, regardless of the method of such
correspondence. Further, the DEA’s Office of Investigative Technology, in
conjunction with other DEA offices, is exploring methods to improve the
DEA’s operational security, vulnerability awareness and training, and
evidence retention when interacting with confidential sources through
electronic means. The DEA stated that once methods and best practices are
identified, guidelines will be formalized into DEA policy to ensure compliance
in utilizing only authorized modes of correspondence when interacting with
sources.
This recommendation can be closed when we receive evidence that the DEA
has developed and promulgated policy to prohibit DEA Special Agents from
using unauthorized private correspondence (e.g., e-mail accounts, text
messages) for government business, including interactions with confidential
sources.
5.	 Examine the practices employed related to the use of
confidential sources who provide intelligence-related
information. The DEA should:
a. Confer with the Department and the FBI to ascertain the
need for procedures to implement an independent review
of confidential sources to assess the reliability,
authenticity, integrity, and overall value of a given source
for intelligence-related purposes.
Resolved. The DEA concurred with our recommendation. The DEA
stated in its response that DEA Executive Management is consulting
with the FBI to discuss its methodology relative to confidential sources.
The DEA stated that it will compare the FBI’s methodology with the
DEA’s procedures and evaluate the applicability to the DEA’s mission.
This recommendation can be closed when we receive evidence that the
DEA conferred with the Department and the FBI to ascertain the need
for an independent review of confidential sources to assess the
reliability, authenticity, integrity, and overall value of a given source for
intelligence-related purposes.

61


b.	 Require the Intelligence Division to establish procedures
to review intelligence-related information and services
provided by confidential sources to ensure the
requirements of the DEA’s intelligence efforts are met.
Resolved. The DEA concurred with our recommendation. The DEA

stated in its response that the DEA Intelligence Division is developing

formal standard operating procedures to review intelligence-related

information and services provided by confidential sources.

This recommendation can be closed when we receive evidence that the
DEA’s Intelligence Division has established procedures to review
intelligence-related information and services provided by confidential
sources to ensure the requirements of the DEA’s intelligence efforts are
met.
c.	 Ensure that the Intelligence Division adequately tracks all
funds used for confidential source-related activities.
Resolved. The DEA concurred with our recommendation. The DEA

stated in its response that the standard operating procedures noted in 

Recommendation 5b will also address tracking funds used for 

intelligence-related confidential sources.

This recommendation can be closed when we receive evidence that the
DEA’s Intelligence Division is adequately tracking all funds used for
confidential source-related activities.
6.	 Evaluate the appropriateness of the use of “sub-sources” and
determine if this practice should either be prohibited or
formalized through the issuance of policies and procedures to
mitigate associated risks.
Resolved. The DEA concurred with our recommendation. The DEA stated in
its response that it is currently reviewing its policies and practices on the use
of sub-sources. The DEA stated that as part of the review, DEA Executive
Management is consulting with the FBI to discuss its methodology relative to
confidential sources and the use of sub-sources. The DEA will compare the
FBI’s methodology with DEA procedures and evaluate the applicability to the
DEA’s mission and, in coordination with the Department, adopt or amend
policies as appropriate to ensure all practices are consistent with the
AG Guidelines.
This recommendation can be closed when we receive evidence that the
DEA has evaluated the appropriateness of the use of “sub-sources” and
determined if this practice should either be prohibited or formalized
through the issuance of policies and procedures to mitigate associated
risks.
62


7.	 Enhance the oversight and management of the Confidential Source
Program, including measures to:
a. Employ more frequent and rigorous confidential source
management and oversight training to ensure consistent
understanding and application of DEA policies.
b.	 Address the consistency of confidential source
categorization for sources with criminal histories and who
are concurrently used by multiple DEA offices.
c.	 Ensure controls over payments to deactivated sources
include requirements for adequate justification and
approval.
d.	 Develop stricter internal controls for CSSC to ensure the
consistency, accuracy, and completeness of information.
e. Implement a reconciliation process to ensure payment records
are accurate, complete, and consistent within the confidential
source files, UFMS, and CSSC.
f.	 Establish internal control and review processes at field offices
to ensure consistent, thorough review of documentation and
justification for confidential source payments.
g.	 Evaluate the roles and responsibilities related to the
management and administration of the Confidential Source
Program, to ensure robust oversight of the establishment, use,
and payments to confidential sources and to ensure that the
field offices are consistently and thoroughly applying DEA
policy and the AG Guidelines.
h. Evaluate the headquarters-level use of CSSC for strategic,
DEA-wide oversight and the review and monitoring of
confidential source information.
Resolved. The DEA concurred with our recommendation. The DEA stated in
its response that in addition to publishing a revised confidential source policy
in July 2016, a corresponding global message was also broadcast to all
personnel to highlight “notable changes” to the confidential source policy,
instruct personnel to review the revised policy, and provide notification of a
new requirement for confidential source documentation relative to accuracy
and completeness of the source establishment form. In addition, the DEA
stated that formal Confidential Source Coordinator training began in
September 2016 to ensure more frequent and rigorous management and
oversight training occurs, and to foster greater understanding and consistent
63


application of policies. The DEA stated that its Executive Management
continues to discuss ways to further evaluate and enhance the DEA’s
oversight, effectiveness, and consistency relative to the overall management
and oversight of the Confidential Source Program. As a result of these
actions, the DEA requested that the OIG close recommendations 7a, b, c,
and f, upon issuance of the final report.
The OIG reviewed the DEA’s response and corresponding documentation and
we do not believe that we can close these subparts of recommendation 7 at
this time. The DEA has taken important first steps in employing more
rigorous confidential source management and oversight training by providing
training to its Confidential Source Coordinators and making this training an
annual requirement. However, recommendation 7a, to employ more
frequent and rigorous confidential source management and oversight training
to ensure consistent understanding and application of DEA policies, also
applies to DEA Special Agents, supervisors, and managers who are
responsible for executing the confidential source policies and requirements.
Therefore, we believe that the DEA should determine how it may provide
these employees with additional and more frequent Confidential Source
Program training.
Specific to recommendation 7b, which relates to the consistency of
confidential source categorization for sources with criminal histories and who
are concurrently used by multiple DEA offices, the DEA provided the updated
confidential source policy that now requires Senior Executive Service (SES)
mangers from concurrent use offices to coordinate the establishment and
utilization of a confidential source by both offices. However, based on our
review of the documentation that the DEA provided, there is no specific
guidance that addresses our identification of occurrences of inconsistent
categorization of Limited Use confidential sources with criminal histories.
Moreover, as noted in recommendations 1 and 2, policies governing Limited
Use sources are under DEA Executive Management review.
For recommendation 7c, which recommends that the DEA ensure controls
over payments to deactivated sources include requirements for adequate
justification and approval, the DEA stated that the training provided to
Confidential Source Coordinators focused on the assurance that adequate
justification and approval for payments to deactivated sources have controls
in place. However, the training documentation the DEA provided to the OIG
did not contain evidence that the DEA had reevaluated the controls over
payments to deactivated sources or reinforced to Confidential Source
Coordinators the requirements for adequate justification and approval of such
payments.
Finally, in response to recommendation 7f, to establish internal control and
review processes at field offices to ensure consistent, thorough review of
documentation and justification for confidential source payments, the DEA
stated that the Office of Inspections has revised the confidential source
64


checklists utilized during the inspections process to ensure field office
compliance with the newly implemented policy directives. The DEA provided
these checklists to the OIG during the audit and based on our review, we
believe that the updated checklist demonstrates an improvement in this
compliance area, as it requires inspectors to identify if documentation to
support payments is contained in the confidential source file and if the
payments in the source file correspond to the data contained in CSSC.
However, we found that this checklist does not provide instructions or a
requirement to thoroughly review and assess DEA field offices’ justification
for confidential source payments to ensure that all payments are appropriate
and supported.
For the above-mentioned reasons, the OIG believes that this
recommendation, in its entirety, should remain open. The DEA’s response
indicates that DEA Executive Management continues to discuss ways to
further evaluate and enhance the oversight, effectiveness, and consistency
relative to the overall management and oversight of the DEA’s Confidential
Source Program. We look forward to the results of this evaluation and the
resulting enhancements in the DEA’s management and use of confidential
sources. This recommendation can be closed when we receive evidence that
the DEA has enhanced the oversight and management of the Confidential
Source Program, including measures to address all subparts of this
recommendation.

65


The Department of Justice Office of the Inspector General
(DOJ OIG) is a statutorily created independent entity
whose mission is to detect and deter waste, fraud,
abuse, and misconduct in the Department of Justice, and
to promote economy and efficiency in the Department’s
operations. Information may be reported to the DOJ
OIG’s hotline at www.justice.gov/oig/hotline or
(800) 869-4499.

Office of the Inspector General
U.S. Department of Justice
www.justice.gov/oig
66