[House Hearing, 116 Congress]
[From the U.S. Government Publishing Office]



 
         DEPARTMENT OF HOMELAND SECURITY APPROPRIATIONS FOR 2020

_______________________________________________________________________

                                 HEARINGS

                                 BEFORE A

                           SUBCOMMITTEE OF THE

                       COMMITTEE ON APPROPRIATIONS

                         HOUSE OF REPRESENTATIVES

                      ONE HUNDRED SIXTEENTH CONGRESS

                              FIRST SESSION

                                _________

                    SUBCOMMITTEE ON HOMELAND SECURITY

              LUCILLE ROYBAL-ALLARD, California, Chairwoman

  HENRY CUELLAR, Texas                   CHUCK FLEISCHMANN, Tennessee
  C. A. DUTCH RUPPERSBERGER, Maryland    STEVEN M. PALAZZO, Mississippi
  DAVID E. PRICE, North Carolina         DAN NEWHOUSE, Washington
  DEBBIE WASSERMAN SCHULTZ, Florida      JOHN H. RUTHERFORD, Florida
  GRACE MENG, New York
  PETE AGUILAR, California

 
  NOTE: Under committee rules, Mrs. Lowey, as chairwoman of the full 
committee, and Ms. Granger, as ranking minority member of the full 
committee, are authorized to sit as members of all subcommittees.

             Darek Newby, Michael S. Herman, Robert Joachim,
            Kris Mallard, Karyn Richman, and Elizabeth Lapham
                            Subcommittee Staff

                                  _____

                                  PART 2
                     DEPARTMENT OF HOMELAND SECURITY

                                                                   Page
  Department of Homeland Security--
Office of Inspector General......................................     1
                                                                     
 Federal Emergency Management Agency............................     67
                                                                    
Securing Federal Networks and State 
Election Systems................................................    123
                                                                    
  United States Coast Guard.....................................    167
                                                                   
  Transportation Security Administration .......................    199
  
                                                                    

 GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]                                  

                              _______

          Printed for the use of the Committee on Appropriations
          

                    U.S. GOVERNMENT PUBLISHING OFFICE
 37-150
                           WASHINGTON : 2019
                            



                      COMMITTEE ON APPROPRIATIONS

                                ----------                              
                  NITA M. LOWEY, New York, Chairwoman


  MARCY KAPTUR, Ohio                   KAY GRANGER, Texas
  PETER J. VISCLOSKY, Indiana          HAROLD ROGERS, Kentucky
  JOSE E. SERRANO, New York            ROBERT B. ADERHOLT, Alabama
  ROSA L. DeLAURO, Connecticut         MICHAEL K. SIMPSON, Idaho
  DAVID E. PRICE, North Carolina       JOHN R. CARTER, Texas
  LUCILLE ROYBAL-ALLARD, California    KEN CALVERT, California
  SANFORD D. BISHOP, Jr., Georgia      TOM COLE, Oklahoma
  BARBARA LEE, California              MARIO DIAZ-BALART, Florida
  BETTY McCOLLUM, Minnesota            TOM GRAVES, Georgia
  TIM RYAN, Ohio                       STEVE WOMACK, Arkansas
  C. A. DUTCH RUPPERSBERGER, Maryland  JEFF FORTENBERRY, Nebraska
  DEBBIE WASSERMAN SCHULTZ, Florida    CHUCK FLEISCHMANN, Tennessee
  HENRY CUELLAR, Texas                 JAIME HERRERA BEUTLER, Washington
  CHELLIE PINGREE, Maine               DAVID P. JOYCE, Ohio
  MIKE QUIGLEY, Illinois               ANDY HARRIS, Maryland
  DEREK KILMER, Washington             MARTHA ROBY, Alabama
  MATT CARTWRIGHT, Pennsylvania        MARK E. AMODEI, Nevada
  GRACE MENG, New York                 CHRIS STEWART, Utah
  MARK POCAN, Wisconsin                STEVEN M. PALAZZO, Mississippi
  KATHERINE M. CLARK, Massachusetts    DAN NEWHOUSE, Washington
  PETE AGUILAR, California             JOHN R. MOOLENAAR, Michigan
  LOIS FRANKEL, Florida                JOHN H. RUTHERFORD, Florida
  CHERI BUSTOS, Illinois               WILL HURD, Texas
  BONNIE WATSON COLEMAN, New Jersey
  BRENDA L. LAWRENCE, Michigan
  NORMA J. TORRES, California
  CHARLIE CRIST, Florida
  ANN KIRKPATRICK, Arizona
  ED CASE, Hawaii     
 

                 Shalanda Young, Clerk and Staff Director

                                   (ii)


        DEPARTMENT OF HOMELAND SECURITY APPROPRIATIONS FOR 2020

                              ----------                              

                                          Wednesday, March 6, 2019.

           OVERSIGHT HEARING--DHS OFFICE OF INSPECTOR GENERAL

                                WITNESS

JOHN V. KELLY, SENIOR OFFICIAL PERFORMING THE DUTIES OF 
    INSPECTOR GENERAL, OFFICE OF INSPECTOR GENERAL
    Ms. Roybal-Allard. The subcommittee will come to order. I 
welcome everyone to the first Department of Homeland Security 
Subcommittee hearing of the 116th Congress and my first hearing 
as chair.
    I would also like to welcome and acknowledge two new 
members of the hearing, Debbie Wasserman Schultz and Grace Meng 
on the Democratic side, and I have been--and Mr. Rutherford 
also is a new to the committee and Mr. Aguilar.
    I have been a member of this subcommittee since it was 
established in 108th Congress, following the horror and the 
tragedies of 9/11. I served as ranking member in the 114th and 
the 115th Congress. My first experience as chair of the 
subcommittee was finishing the fiscal year 2019 DHS spending 
bill. Based on that experience, I can attest to the fact that 
the role of chair is never easy and much more than merely 
funding the various DHS agencies.
    Members of the subcommittee do not always agree. In fact, 
at times, we strongly disagree on funding and policy matters. 
My experience, however, is that those disagreements are founded 
on the belief of what is in the best interest of our country. 
Our subcommittee has always had a strong tradition of 
collegiality, professionalism and bipartisan support for the 
Department's many important missions.
    As our members work together to protect our homeland, it is 
my intent that my tenure as chair will continue that tradition 
of commitment to bipartisanship, fairness and public service. I 
can think of no better partner to join me in that effort and 
the distinguished gentleman from Tennessee, Ranking Member 
Fleischmann, also a longtime member of this subcommittee. I 
would now like to turn it over to Ranking Member Fleischmann 
for his opening remarks.
    Mr. Fleischmann. Thank you, Madam Chairman, and I wish to 
congratulate you on your ascension to this position. It's not 
only well-deserve but we all look forward to working with you.
    And to my colleagues on both sides of the dais, this 
subcommittee is a subcommittee I have actually been on since I 
have been with--been an appropriator. So it's a privilege and 
we look forward to working together.
    I would also like to join in welcoming are Acting Inspector 
General Kelly to the subcommittee today. Thank you, sir, for 
being here. We look forward to hearing from your testimony.
    And Madam Chairman, I want to thank you for your work in 
the efforts of all your staff--we have already started work 
very well with staff on both sides of the aisle, and I 
appreciate that--to keep on the details and oversight of this 
massive Department across the billions of dollars, the 
multitude of programs and the thousands of agents, officers, 
mariners and all the employees to help protect our Nation and 
keep our people safe without waste, fraud or abuse.
    Thank you, Mr. Kelly; I look forward to hearing your 
testimony.
    And Madam Chairman, I yield back.
    Ms. Roybal-Allard. Thank you.
    I would like to go over some housekeeping matters. The 
order in which members will be called for questioning will be 
based on the seniority of those who were present when the 
hearing was called to order, alternating between majority and 
minority members. Also, to ensure that everyone has ample 
opportunity to ask questions, I would ask each member to keep 
their turn to the allotted 5 minutes per round.
    Mr. Kelly, thank you for joining us this morning. There are 
many critical areas for oversight of the Department of Homeland 
Security. Therefore, it is fitting to formally begin our 
hearings with the Office of the Inspector General, which is 
perhaps in the best position to inform us how the Department of 
Homeland Security is doing. Mr. Kelly, we look forward to your 
testimony, we will submit the full text of your official 
statement for the record. Please begin.
    Mr. Kelly. Madam Chairwoman, ranking member and members of 
the subcommittee, thank you for inviting me today.
    My testimony will focus on four areas: family separations, 
unannounced inspections at ICE detention facilities, 
Departmental efforts to hire and train border patrol agents and 
immigration officers, and finally oversight of FEMA disaster 
assistance work.
    Concerning family separations, in May 2018, DHS in concert 
with DOJ established a zero-tolerance policy for adult aliens 
illegally arriving in the United States minor children. In 
response to that action, I deployed a team in June to conduct 
unannounced visits at CBP and ICE facilities.
    As a result of those visits, we had six observations. 
First, DHS was not fully prepared to implement the zero-
tolerance policy. Second, the lack of fully integrated 
immigration information technology systems made it difficult 
for DHS to track separated parents and children.
    Third, DHS urged asylum-seekers to come to ports of entry 
for processing, but, at the same time, CBP regulated the number 
of asylum-seekers entering the ports. This likely resulted in 
additional illegal border crossings. Fourth, CBP detain 
children for extended periods and in facilities for short-term 
detention. Fifth, the lack of reliable data poses an obstacle 
to accurate reporting on family separations. Sixth, DHS 
dissemination of inconsistent or inaccurate information 
resulted in confusion among detained parents about the 
separation and reunification process.
    We also had four observations of the CBP facilities we 
visited; our observations cannot be generalized to other times 
or locations. First, the facilities we looked at, they 
generally appear to be in compliance with the detention 
facility standards. Second, the children had access to hygiene 
items and clean bedding.
    Third, we did not encounter issues with temperature, 
ventilation, access to emergency medical care, supervision, or 
access to phones. Fourth, for all the CBP facilities we visited 
children had access to food and snacks and did not complain of 
hunger.
    As for ICE inspections, we have conducted unannounced 
inspections at ice detention facilities since 2016. In 2017, we 
inspected five detention facilities and have significant 
concerns about the treatment and care at four of those 
facilities, where we observed potentially unsafe and unhealthy 
conditions.
    In 2018, we issued two reports. Our inspection of ICE's 
Essex County center we observed extreme mishandling of meats, 
including spoiled meat. This can spread salmonella, listeria 
and E. coli.
    This resulted in detainees filing grievances. One detainee 
wrote, for dinner, we were served meat balls that smell like 
fecal matter. Another detainee wrote, the food we received has 
been complete garbage, it's becoming impossible to eat. It gets 
worse every day. It literally looks like it came from the 
garbage dumpster. ICE agreed with our recommendations and are 
working on resolving those findings.
    For ICE's Adelanto center, we issued a Management Alert 
because we observed braided bed-sheets, referred to as nooses, 
hanging from 15 cells we visited. This is a real threat. In 
March of 2017, a detainee died after being found hanging from 
his bed sheet in a cell at this facility. Again, ICE agreed 
with our recommendations and are addressing our findings.
    Concerning the hiring and training of law enforcement 
officials, CBP and ICE continue to face significant challenges. 
In November 2017, CBP awarded Accenture a contract totaling 
nearly $300 million to recruit and hire 7,500 agents and 
officers. We determined the Accenture contract did not provide 
the promised hiring results, yet CBP Accenture--paid Accenture 
over $13 million for start up costs, recruiting expenses and 
other expenses. In return, Accenture processed two job-accepted 
individuals.
    If CBP achieved its hiring goals, our recent audit 
determined that the Federal Law Enforcement Training Centers 
did not have the capacity to train all the law enforcement 
officers CBP and ICE intended to hire. This is because FLETC 
does not have the facilities or the funding to satisfy the 
increase in training required by the hiring goals.
    As for FEMA oversight, Hurricanes Harvey, Irma and Maria 
made landfall in a four-week period during August and September 
2017. These storms rank as three of the five most expensive 
storms in U.S. history. One of the chief challenges FEMA faces 
in post-disaster environment is a vulnerability of fraud and 
abuse. Thus, OIG's criminal investigators play very active role 
during the post-disaster period. Currently, investigations 
related to FEMA represent about 30 percent of our open 
investigative caseload.
    For almost a decade we have been issuing annual FEMA 
capping audit reports. Those reports consolidate FEMA audit 
related findings and recommendations. We designed them to 
inform FEMA about significant and systemic issues of non-
compliance and program deficiencies. These reports show that 
FEMA does not manage disaster relief grants and funds 
adequately, hold states accountable for properly managing 
disaster relief funds, or provide adequate monitoring and 
technical assistance to sub-grantees.
    Madam Chairwoman, this concludes my testimony. I will be 
pleased to answer questions from you or the members of the 
committee.
    [The prepared statement of Mr. Kelly follows:]
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    
    
        
    Ms. Roybal-Allard. Thank you, Mr. Kelly.
    In January, the OIG issued a report finding that ICE has 
repeatedly issued waivers to contract detention facilities that 
are in violation of performance standards. Largely in response 
to that report, the statement accompanying the fiscal year 2019 
funding act for DHS directs that the ICE director shall have 
sole authority to provide waivers. It also requires the 
director to notify the House and the Senate subcommittees when 
waivers are issued.
    At what point does the issuance of waivers to performance-
based standards at a facility begin to make those standards 
meaningless?
    Mr. Kelly. It is--Madam Chairwoman, it is not good to issue 
waivers to the standards. Because if you start issuing waivers 
to the standards, the compliance starts to decrease and it 
creates an environment where they will be asking for additional 
waivers.
    Ms. Roybal-Allard. So what you are saying is----
    Mr. Kelly. That they are not----
    Ms. Roybal-Allard. That there really aren't any 
circumstances where a waiver should be given?
    Mr. Kelly. We shouldn't be--they should reduce the number 
of waivers.
    Ms. Roybal-Allard. Last June, the OIG issued a report 
finding significant weaknesses in ICE's detention facility 
inspection process. In response to that report, Congress 
provided significant new funding to the Office of Detention 
Oversight with the intention of increasing the number of 
inspections for each facility from once every three years to 
twice per year.
    How do you think more frequent inspections by the Office of 
Detention Oversight will impact compliance with performance 
standards? And what other steps could ICE or this committee 
take to improve compliance?
    Mr. Kelly. Madam Chairwoman, if you are encouraging them to 
conduct more frequent inspections that is good. The report that 
you refer to pointed out that there were multiple types of 
inspections that ICE performs. And we pointed out that some of 
the inspections are not thorough enough and other inspections 
that are thorough enough are not done as frequent as possible--
as need be.
    If your recommendation is to make sure that those thorough 
inspections are done more frequently, that should improve 
quality.
    Ms. Roybal-Allard. And what plans does your office have to 
continue its oversight over ICE's detention facility 
management?
    Mr. Kelly. We can--have been doing unannounced inspections 
at the ICE facilities, as I mentioned, since 2016. And our goal 
is to continue those unannounced inspections.
    Ms. Roybal-Allard. On another topic, we continue to hear 
reports about the slow speed of disaster recovery from recent 
disasters, in particular from the 2017 hurricane season. Next 
week, we will hold a hearing on FEMA's recovery efforts related 
to 2017 and 2018 disasters.
    Members of this subcommittee and the Subcommittee on 
Transportation, and Housing and Urban Development will be 
traveling to Puerto Rico next month to see and hear firsthand 
how the recovery process is proceeding. And based on funding 
specifically provided by Congress to provide oversight of these 
activities, what is your current assessment of how things are 
going, particularly in regard to recovery efforts in Puerto 
Rico and the U.S. Virgin Islands, and are the delays we hear 
about real? And if so, what do you believe to be the crux of 
the problem?
    Mr. Kelly. Madam Chairwoman, I have been doing disaster-
related work since Hurricane Katrina, and it is sad to say that 
the recovery process is not nearly as quick as it needs to be.
    Ms. Roybal-Allard. And when do you expect to publish formal 
findings on FEMA's activities related to Puerto Rico and the 
U.S. Virgin Islands?
    Mr. Kelly. We have a number of audits going on at this 
time. We have some audits published on Puerto Rico response. 
But we have a large body of work addressing the 2017 disasters 
and we will continue to--to issue reports on--on those 
disasters.
    Ms. Roybal-Allard. And I would like to highlight the fact 
that the Inspector General for DHS is serving two customers, 
both Congress and the secretary----
    Mr. Kelly. That is correct.
    Ms. Roybal-Allard. And the relationship between an Office 
of Inspector General and the leadership of the agency it 
oversees varies across the government and--during different 
administrations.
    How closely do you work with the secretary, her senior 
leadership and her senior leaders within the Department's 
components? And is your strategic planning done in isolation or 
with input from these agency leaders?
    Mr. Kelly. Madam Chairwoman, I would say that the 
relationship that I and the--my agency has with the 
Department's senior leadership is very good. Every month, I 
meet with the deputy secretary to go over issues. Every month, 
either I or my chief counsel meets with the Department's chief 
counsel to discuss issues of concerns.
    I am--I communicate almost on a weekly basis with the 
Deputy Secretary concerning issues. I would say that we have an 
excellent relationship with the--the highest levels within the 
Department. The relationship with the components is--is a work 
in progress, depending upon which agency it is, it is better 
than the others but it is not--it is good, but it can improve.
    Mr. Fleischmann. Thank you, Madam Chairman.
    General Kelly, good morning again, sir. I went to the 
border--southwest border about a month ago to see the situation 
at three land ports of entry. It was a powerful trip to see 
what we were asking our border agents to do, to manage the 
influx of people presenting at and between the border 
situations.
    I think everyone on the trip felt that CPB needs more 
agents. However, your audit report of last week regarding CPB 
hiring outlines a troubling situation with planning and hiring 
at the agency. My first question, sir, is how best would you 
describe the Department's response to not hiring up to the 
level mandated by this committee nearly eight years ago? 
Apathy, confusion, good intentions overrun by other demands, 
how would you characterize it, sir?
    Mr. Kelly. I would say probably the latter. They have good 
intentions. They want to hire the agents; I don't think there 
is any desire for the Department or CBP not to hire the Border 
Patrol and ICE officers.
    But there is a challenge to hiring them. There's a 
relatively--the number of people that are applying for the 
positions are not always adequate to fill all those positions. 
They have to have a very rigorous process of bringing them 
onboard. We have been critical of the Department and CBP 
specifically for not strategically addressing this issue.
    The report that you refer to pointed out that back in 2011 
this committee demanded that they have a plan. They provided 
that plan to this committee in 2013, you said that that plan 
was inadequate and they haven't really come up with a better 
plan since then. And that--that is pretty much what that report 
said, I believe.
    It--the--but it is a challenging situation to get those men 
and women to perform those functions, it's a difficult issue 
and it's not an issue that just--the Border Patrol and ICE has 
with hiring with law enforcement officers, that is a 
government-wide problem.
    Mr. Fleischmann. Yes, sir. The fiscal 2019 statement of the 
manager's direct CPB to brief the committee's monthly on its 
progress toward the development of the staffing model. How 
confident are you that the agency is up to this task? And then 
as a follow-up, what questions should we be asking, sir, to 
keep the Department on track?
    Mr. Kelly. I don't want to judge as to how good they are 
going to be able to do something that they are planning to do 
that we have not looked at. We have historically found that 
they have had challenges in this area. The--we have identified 
problems with polygraphing and making sure that they are 
interviewing the right individuals in the past.
    I would look for their metrics, because often the 
Department has had poor metrics as to evaluate how well they 
are doing their job. And I would hold them accountable to their 
metrics, and try to make sure that their metrics make sense and 
that they are sufficient to achieve their goals.
    Mr. Fleischmann. Combining the issues in the report about 
hiring with the issues you highlight in the November 26th audit 
report about training capacity, I see that the Department has 
had a busy year ahead to--to address the stated 
recommendations. Say CPB successfully completes a staffing by 
the end of the year, other than issues of training and specific 
dollars for new hires are you also looking at CPB's 
capabilities to successfully onboard many new agents?
    Mr. Kelly. The answer to that is yes, we have looked at 
that. We issued a report, I believe, in 2017 or 2018 addressing 
issues with onboarding the individuals. The--it is going to be 
a challenge. The CBP--or, I am sorry, FLETC simply does not 
have the facilities or the funding to perform all the training 
that is required.
    Mr. Fleischmann. As a follow-up to that comment, sir, would 
the agency be able to successfully undertake a massive hiring 
effort?
    Mr. Kelly. They would be challenged.
    Mr. Fleischmann. Can the agency administratively field 
successful applicants?
    Mr. Kelly. They will be challenged to achieve their goals. 
They have not achieved their goals in the past. I believe last 
year was the first year that they actually had a net increase 
in the number of Border Patrol agents and it's a relatively 
small increase that--it doesn't address the 7,500 increase that 
is the goal.
    Mr. Fleischmann. Thank you, General Kelly.
    Madam Chair, I yield back.
    Ms. Roybal-Allard. Mr. Ruppersberger.
    Mr. Ruppersberger. Yes, thank you for being here today. I 
want to get into what our chairwoman talked about a little bit, 
about your unannounced inspections.
    I think in the fiscal year 2019 spending bill the 
congressional report obligated the Office of Inspector General 
to continue its program of unannounced inspections at all the 
CBP and ICE facilities. We know that--that you have found in 
some of those unannounced inspections some really bad 
conditions that needed to be dealt with.
    And my question, to our knowledge, the OIG has been able to 
conduct a relatively few amount and is that because of your 
budgetary restraints? What do you need to be able to do more to 
have these unannounced inspections? Because from what I have 
seen so far, that is probably the best accountability we have 
when you have these unannounced inspections.
    Mr. Kelly. We appreciate the funding that this committee 
provides to the DHS OIG. The--and we will use the funding that 
you provide--provide us, and the instructions that you provide 
concerning that funding to achieve the goals that you are 
looking for. We do have to balance a lot of different issues. 
We have disaster issues, we have Coast Guard issues, there are 
other issues with CBP and ICE, we also have the Secret Service 
and we have a lot of the departmental programs that we also 
have to address.
    The chairman mentioned a strategic process that we have for 
hiring individuals--or, I am sorry, for performing the work 
that we do. And that looks at the highest risk programs within 
the Department. After becoming the Acting Inspector General, I 
revamped our jobs start process to make sure that we are 
addressing the highest risk areas within the Department.
    Homeland Security is not like some of the other agencies 
that are--that is relatively static. We have a very dynamic 
environment that we need to be able to adjust our goals and--
and priorities to what is the most important thing to both the 
Congress and to the Department because we are dual----
    Mr. Ruppersberger. And you are right about that. I believe 
that when we started the Homeland Security we had way too many 
missions with not a lot--not enough manpower or resources to do 
the job in many areas. And thank goodness, when the Coast Guard 
came over, they too do a lot without resources, but they at 
least are an old organization that was well managed, so it's a 
real challenge.
    I am going to get into one area before my time is up that 
you weren't prepared to talk about today, but that is in the 
issue of cybersecurity.
    Mr. Kelly. Yes.
    Mr. Ruppersberger. You know, the--again Homeland Security 
has a tremendous amount of responsibility and missions because 
of the new laws we passed throughout the years. And could you 
discuss with me where you think our cybersecurity programs are 
today? Do you feel that we need more--more manpower and 
technology to do the job that we have been given?
    You know, I think this is so important. One the biggest 
threats we have in our country, cybersecurity. That I would 
hope that maybe it would be considered a separate agency with a 
direct line to the President or whatever, to just make sure we 
get the funding and--and the priorities.
    But at this point, I also know that cybersecurity has been 
elevated in the Department too maybe that might help. Could you 
discuss that issue, please?
    Mr. Kelly. I would say that it is a work in progress. And I 
agree with your assessment that this is one of the highest risk 
areas that the--the Federal Government has. I have directed 
some of our staff to do that work in the cybersecurity area. 
That is a very technical area and is very difficult to attract 
and hire the people with the right capabilities to do that 
work.
    Mr. Ruppersberger. Do you work at all with NSA? I know they 
have no jurisdiction in our country, but they have a lot of 
expertise. Do you meet with Inspector General?
    Mr. Kelly. Actually, I belong to the Inspector General of 
the Intelligence Community. And we meet regularly once a 
quarter. So the answer to your question is yes, I do meet with 
him and I know Bob Storch personally.
    Mr. Ruppersberger. Are you in the process of rendering a 
report on cybersecurity--you know, with these----
    Mr. Kelly. I believe I have an ongoing engagement in that 
area.
    Mr. Ruppersberger. Well, I would like to hear more about 
that and I will have my staff contact you.
    Mr. Kelly. OK.
    Mr. Ruppersberger. OK, thank you.
    I yield back.
    Ms. Roybal-Allard. Mr. Newhouse.
    Mr. Newhouse. Thank you, Chair Roybal-Allard, I appreciate 
the--having this hearing.
    Welcome, General Kelly----
    Mr. Kelly. Thank you.
    Mr. Newhouse. I appreciate you being here and giving us an 
update on what you found at the border and some of the areas of 
responsibility that you have. I, you know, certainly this is an 
issue that is occupying a lot of our time, as it should, the 
issue of issue immigration--the bigger issue of immigration but 
also the securing our border, both on the south and the north, 
which I happen to have in the state of Washington is a concern 
as well.
    And I don't think any of us on the panel or in Congress 
would agree--or disagree that something has to change. And to 
that end I, myself, went to the border to see firsthand. In 
fact, I think I was there a similar time that your inspectors 
were at McAllen.
    Mr. Kelly. I was down there with that group myself.
    Mr. Newhouse. Oh, is that right?
    Mr. Kelly. Yes.
    Mr. Newhouse. Yes, it was kind of warm that day, if I 
recall.
    Mr. Kelly. It was. [Laughter.]
    Mr. Newhouse. I came away fairly certain in the opinion 
that we have to ensure that DHS has the tools that they need to 
do their job that we are asking them to do, and that we should 
also have proper oversight on how we treat people that are 
wanting a better life for themselves and their families.
    And in my time there, I--like I said, I toured some of 
those same areas. And while I don't--I am not going to say I 
disagree with your report, there are just parts of it that I 
think need some clarification for me. And if you would----
    Mr. Kelly. Okay.
    Mr. Newhouse. If you could address some of that, it has to 
do with the separation of the family units, whether they would 
be at a port of entry or between ports of entry. I would also 
make the point, I don't--I would agree with you that we don't 
have enough men and women at the border, as either Customs 
officials or Border Patrol agents. Like I said, we are asking 
them to do a near impossible job and we need to give them all 
the tools that they need in order to be successful.
    So could you talk a little bit more about the zero-
tolerance policy and what you witnessed there? Can you tell me 
if--in your opinion, if a family came and presented themselves, 
was that an immediate--because of the zero tolerance, was that 
an immediate flag to separate these family units?
    I would just like to have further clarification because I 
think--from what I understand in the DHS's response to your 
report--that they are, in my words, saying that you 
misrepresented or at the very least conflated their process 
that they use. So I would just like some clarification on 
whether you witnessed families automatically being separated.
    Mr. Kelly. The response that the Department had to that 
report, they said that we presented it not as clearly as--that 
there was a difference between family separations and the zero 
tolerance. And that is correct, there--that is two different 
policies. But one is caused by the other, so you can't really 
separate them but they are two different policies.
    And that is what--how we responded to that question as to 
what was the--why--when they pointed out that we didn't 
describe it--they said it made it--we made it sound as if it 
was the same policy, when in fact it was not. And if you 
actually look at the report, we don't say it is the same policy 
but one does cause the other. So that is--does that answer your 
question?
    Mr. Newhouse. But did you see families being separated?
    Mr. Kelly. When I was physically there, did I observe the 
separation of individuals? I didn't. I don't know if some of 
the other inspectors that--when we were down there did.
    Mr. Newhouse. But you, I am sure, talked to people about 
that----
    Mr. Kelly. Yes.
    Mr. Newhouse. The fact that some of that happened. Any 
reasons given for that?
    Mr. Kelly. Well, the policy is--DHS's policy is that an 
unaccompanied child--or a child should not be with someone who 
has been violating the law or needs to go to--for processing. 
At that point in time, the child is separated from the adult.
    Mr. Newhouse. I see, okay. Got you----
    Mr. Kelly. There was--there were situations where they 
talked about when the parent went to see the judge, sometimes 
that the child was--when the parent came back, the child might 
have been moved off to some other place because of some of the 
time requirements for moving the children--because they are 
only supposed to be there for a limited amount of time.
    Mr. Newhouse. Well, I see my time is expired. But I 
appreciate your answers. And like I said, this an area of great 
interest----
    Mr. Kelly. Yes.
    Mr. Newhouse. And concern. So thank you very much.
    Mr. Kelly. The issue that was--the Department had with us 
was a nuance on which--there are two policies but one causes 
another--the problem.
    Mr. Newhouse. Thank you, Madam Chair.
    Ms. Roybal-Allard. Ms. Meng.
    Ms. Meng. Thank you, chairwoman. Thank you, Ranking Member 
Fleischmann.
    And thank you to, General Kelly, for being here and for 
your service to our country. I wanted to ask about processing 
delays at USCIS. They have reached crisis levels threatening 
American families, businesses and many vulnerable populations 
seeking humanitarian relief.
    USCIS's proposed fiscal year 2019 budget requested the 
transfer of over $200 million in fee revenue out of USCIS into 
ICE. The budget specifies that that money would be used for the 
hiring of over 300 ICE enforcement officers. And this appears 
to represent part of USCIS's larger shift towards prioritizing 
immigration enforcement over the service-oriented adjudications 
at the core of the agency's mandate. What is the OIG doing to 
ensure that USCIS carries out its duties and services?
    Mr. Kelly. We do have some engagements at USCIS, but I do 
not think that we are looking into that specific issue. I can 
get back to you at a later date to let you know whether or not 
we actually do. But off the top of my head, I don't know of any 
engagements that we have in that area but I can get back to you 
on that.
    Ms. Meng. That would be great. As you probably know, the 
backlog has more than doubled in just the last year, from about 
1 million to the current backlog of 2.3 million. So I would 
appreciate that.
    I also wanted to ask about an article that came out last 
week, I think it was the Huffington Post, about Adnan Asif 
Parveen, a Muslim man who was arrested and detained in Texas. 
According to this article, CPB officers gave him pork 
sandwiches to eat for the entire duration, 6 days, of his 
detainment and ignored his religious dietary restrictions.
    Has there been or will there be any investigations into CBP 
and its treatment of detained individuals? And in the interest 
of time, I will just ask my other question. What protocol is in 
place to ensure that religious and dietary restrictions of 
detained individuals are met?
    Mr. Kelly. I don't know the answer to that question but we 
can get back to you on that. And I am not sure if we have 
opened up an investigation. We could have, but I am not sure. 
And that would be probably different than an audit but we can 
get back to you on both of those issues.
    Ms. Meng. Okay, thank you.
    And then back to the family separation issue real quick. 
What is the policy of families which are--who are separated at 
the border in terms of phone calls? If a mother is separated, 
whether her children are still at the border or elsewhere in 
the country, what are the policies for making calls?
    Mr. Kelly. There are phones available. But at times it's 
difficult to make some of those calls because it is--you don't 
know where the individual necessarily might be.
    So as I mentioned in my oral remarks, we did notice that 
there were phones available. But that doesn't necessarily mean 
that they are going to be able to communicate because they 
might not know the telephone number that they would need to be 
calling to. They might not know the area code and a variety of 
different things.
    Ms. Meng. Right. When--I know that you mentioned the 
ability to access phones. However, when many of us were at the 
border Port Isabel and McAllen, we spoke with moms who said 
that they hadn't been able to make phone calls.
    Many of these moms had the piece of paper with the phone 
numbers of relatives in this country that they wanted to call 
and it was very inconsistent across the board. Some moms were 
allowed to call once a week, some mom hadn't--moms hadn't been 
able to make phone calls for weeks on end.
    Mr. Kelly. I know some of the detention facilities that we 
went into there were phones in the areas where the mothers were 
at. Whether or not they could get through to those locations, I 
can't tell you the answer to that.
    Ms. Meng. Okay. Thank you. I yield back.
    Ms. Roybal-Allard. Mr. Aguilar.
    Mr. Aguilar. Thank you, Madam Chair.
    Mr. Kelly, thank you for your service and for being here 
today. I am concerned about the second point in your testimony 
regarding technology. The OIG report published in September 
2018, you noted that DHS did not have readily the technology 
infrastructure that was needed to track family separations when 
the President's zero-tolerance policy was created.
    You also note that there is inoperability between HHS, CBP 
and ICE that have all separate information technology systems 
to track immigrants entering the United States. The big issue 
was that CBP did not have a category for family units, as we 
understand, and unaccompanied children in their records, 
including allowing a system that didn't match those records.
    Last week, I attended a meeting with the Congressional 
Hispanic Caucus and HHS Assistant Secretary Johnson. And during 
the meeting, she expressed that she would like DHS to share 
with HHS the list of parents who were separated from their 
children and that contact information. Can you share with us 
whether DHS has access to the I.T. portals that currently house 
information related to undocumented parents and children who 
were separated specifically between CBP, and ICE and ORR?
    Mr. Kelly. As a result of that report, I ordered a audit of 
the information technology systems that exist within CBP and 
ICE to see if they can--how well they can track the--both 
parents and the children that were--that came across through 
to--into the United States. That is an ongoing audit and as 
soon as that is completed we can get that to the Department. We 
expect it to be completed sometime this summer.
    Mr. Aguilar. And how long will the Department have to 
comment on that before it's released?
    Mr. Kelly. Thirty days.
    Mr. Aguilar. Will your report also talk about the 
operability between ORR and CBP and ICE?
    Mr. Kelly. We have worked with ORR when we are down at the 
border. We did see the individuals from HHS. And there has been 
a recent HHS-OIG report addressing the--also the challenges 
with the data that is sent to them.
    Mr. Aguilar. In your opinion, should there be one portal 
that is--that can be accessed by HHS and ORR as well as CBP and 
ICE?
    Mr. Kelly. Ideally? Personally the answer is yes. And we 
are trying to--we are--we have an audit going on that is 
addressing some of those challenges, though----
    Mr. Aguilar. Okay. Will your audit--will the result of that 
audit shed better light on this issue and whether that is 
possible?
    Mr. Kelly. I intend--I expect that the answer is yes.
    Mr. Aguilar. Thank you, sir.
    In January of 2019, there was an HHS-I.G. report that 
indicated that the total number of children separated from 
their parents is unknown. With that in mind, do you anticipate 
that report will also shed some light on--on that number moving 
forward?
    Mr. Kelly. The answer is yes, but I do not know if we are 
going to be able to give a definitive answer to the--your 
question.
    Mr. Aguilar. But you might get to some of the issues that 
cause the answer being unknown?
    Mr. Kelly. That is the goal of that work, yes.
    Mr. Aguilar. Okay. Would you say that the President's--that 
President Trump's decision to announce a zero-tolerance policy 
with little notice highlighted the existing weaknesses between 
the information systems related to unaccompanied children? And 
would you say that DHS is prepared to handle any other surprise 
policies that the president may announce with?
    Mr. Kelly. I am on record for saying that they were 
unprepared for the zero-tolerance policy. And that caused 
difficulties. I am also on the record that the Department was 
not prepared for the travel ban that was established in January 
of 2017. And I--our major management challenge report that we 
issued late last year talks about the challenges that the 
Department has addressing some of these policies that they 
don't get an adequate time to plan for the consequences of.
    Mr. Aguilar. I appreciate your answer. Following up on Mr. 
Newhouse's point, when the secretary went on TV and said, 
quote, we do not have a policy of separating families at the 
border, period. And she indicated that that was misreporting, 
that it was irresponsible and unproductive, what was--what was 
your reaction to that?
    Mr. Kelly. I don't know. I don't have an answer to that 
question.
    Mr. Aguilar. I appreciate it. Thank you.
    Thank you, Madam Chair.
    Ms. Roybal-Allard. Mr. Cuellar.
    Mr. Cuellar. Thank you, Madam Chair.
    Mr. Kelly, thank you for what you do. Let me talk to you 
about the staffing model for Border Patrol.
    Mr. Kelly. Yes.
    Mr. Cuellar. I believe in 2011, this committee directed CBP 
to submit a five-year staffing and deployment plan for Border 
Patrol. They came up with a plan but it did not meet the goals 
for border security. So again, the committee requested them to 
come up with a staffing and deployment plan by December 1st, of 
2013. I believe we still don't have that plan, is that correct?
    Mr. Kelly. That is correct. We issued a report just 
recently that pointed out that you did require them in 2011 to 
prepare a plan. The plan that they provided to you in 2013, 
that was delivered to you, the committee said was unacceptable 
or not--it did not satisfy their needs.
    And our report that we just issued said that the plans are 
still not adequate to satisfy the needs of the committee. The 
Department concurred with our recommendations; however, they 
tried to minimize our findings. But we also, in our response to 
their comments, told them that we think that our findings are 
solid and that they need to get a plan to satisfy the needs for 
the committee, and it is not simply to satisfy the needs of the 
committee, it's actually to satisfy the needs of what their--
their responsibilities.
    Mr. Cuellar. Yes. And I think under a recent report, you 
said that you found that Border Patrol lacks the data 
procedures needed to determine whether it is meeting workload 
requirements related to investigative law enforcement 
activities, and Border Patrol officials are not consistently 
schedule agents work duties, or accurately document actual work 
hours and duties completed.
    Mr. Kelly. Yes. And I think we identified a large number of 
hours that they couldn't account for.
    Mr. Cuellar. Did they respond to that?
    Mr. Kelly. They concurred with our recommendations. They 
did--we are seeing an uptick in concurrence with our 
recommendations, but then tried to address the message to say 
that they are doing a better job than we are portraying. And I 
don't think that that is an accurate assessment.
    And you will see in our reports, when they tried to take 
that approach, we point out that their positions are--they are 
doing improvement--they have improvements. But it is not 
adequate to address the challenges. And so we are not saying 
that they are not trying to improve and we are not making--we 
are not saying that they are not making any improvements, but 
they are just not up to what they needed to do.
    Mr. Cuellar. Right. And as you know, Border Patrol is short 
I think about 2,200 personnel.
    Mr. Kelly. Yes.
    Mr. Cuellar. CBP or, you know, the folks at the ports are 
doing a little better. In fact, we added money to hire--what is 
it, about 600 and then if they use some of the fees they can 
double the amount. Air Marine, there are three uniforms down 
there----
    Mr. Kelly. Yes, yes.
    Mr. Cuellar. I keep telling my friends that. They said it--
there are three colors there, the green Border Patrol, blue the 
folks at the ports of entry----
    Mr. Kelly. Right.
    Mr. Cuellar. And then the brown--not UPS as one of my 
friends said, but it's actually Air Marine. And Air Marine is 
short on pilots also.
    Mr. Kelly. And we have a report out that points that out. 
We pointed out that the request--CBP requested flights from Air 
and Marine, and over fiscal years 2015, 2016 and 2017 Air and 
Marine was only able to provide--I believe it was 18, 20 and 17 
percent of the requested number of flights.
    Mr. Cuellar. Right and that is--we see at the border, 
Border Patrol is asking for more air coverage and--but they 
just don't have the hours or the personnel to cover that.
    Let me ask you a quick question. Based on your evaluations 
of compliance with ICE detention standards, how do ICE 
detention standards fare compared to other U.S. law enforcement 
agencies?
    Mr. Kelly. I can only evaluate what DHS is doing and what 
ICE is doing. We have not initiated a review that goes across 
to look at what is going on at the Justice Department or for 
the Bureau of Prisons. That is something that is probably 
beneficial but we have not done that. We would have to do that 
in concert with the Inspector General up at Department of 
Justice.
    Mr. Cuellar. If you all decide to do that, let us know.
    Mr. Kelly. Okay.
    Mr. Cuellar. Thank you so much.
    Ms. Roybal-Allard. All right, Mr. Price.
    Mr. Price. Thank you, Madam Chairman.
    Good morning, Mr. Kelly, glad to have you here and I 
appreciate your responding to what appears to have been a wide 
array of topics.
    Mr. Kelly. I try to answer them. Some of the questions, I 
don't have answers to but we will try to get back to the 
members on the questions we don't have answers to.
    Mr. Price. Well, your, of course, your mandate covers the 
entirety of the Department and I am going to ask you about 
another subject that we have actually asked you to investigate.
    And I am not--this was in December, I am not going to ask 
you to anticipate the results of that investigation, although I 
would appreciate some kind of timeline as to when we might 
expect an answer. And also, I want to ask you about a couple of 
questions the investigation involves that perhaps you do have a 
ability to respond to at this point.
    Just very quickly, I won't go into the details of the case 
except to say that that this involves an arrest and deportation 
of one Samuel Oliver-Bruno in November 23 of last year, a 
decades-long resident of North Carolina, no significant 
criminal history, U.S. citizen, teenage son, a very seriously 
ill wife. He received a stay of deportation in 2014, the use of 
prosecutorial discretion by ICE in subsequent years but he was 
denied further relief by ICE under this administration in 2017.
    Forced into taking sanctuary in a local church to avoid 
being deported and being separated from his ill wife. His 
second stay of deportation was denied by ICE in 2017, so he 
decided to seek deferred action status from USCIS, from another 
agency. He was given strict instructions to appear at a USCIS 
office to provide biometrics for that application. But when he 
did so, guess who was waiting there, ICE. And he was sent to a 
detention facility in Georgia and--to await what looked like a 
sham appeal and he was shipped out of the country.
    This was, of course, an obvious case where prosecutorial 
discretion, and compassion and commonsense might have been 
applied. But I want to ask specifically about this interagency 
aspect which is unique and, I think, needs to be addressed.
    It appears that ICE officials used the CIS request to lure 
Mr. Bruno--Oliver--Bruno out of sanctuary and to apprehend him. 
Now, the ICE officials say they learned about this from social 
media, they may or may not have. But in any case, when he went 
to CIS, there--there they were. And they took him--took him 
into custody and all appeals up the line have failed.
    So you can imagine, coupled with the--these random and 
unnecessary ICE raids proliferating throughout North Carolina, 
we just have a significant erosion in public trust. So I am 
very concerned about this. But I know you will have particular 
focus on this interagency problem. And so that is what I want 
to ask you about.
    Are there any protections within the overarching DHS 
framework to ensure that two DHS agencies don't coordinate 
arrests in a fashion that seems to entrap immigrants? What more 
needs to be done to establish a clear separation between these 
two different legal processes?
    The man in good faith is leaving sanctuary to go to CIS and 
there they are waiting for him. That certainly looks like 
entrapment, but I am not asking you to judge that. I am asking 
you to judge if there is any protections within the existing 
law or practice to prevent that kind of coordination.
    And then, when this does exist, can you point out where 
in--where this may exist or where there is a double interest 
and interest in a person from two agencies, who says ICE 
prevails? ICE's interests prevail or ICE priorities are given 
more weight than the laws that are guiding USCIS? So why--why 
should that be or is it so?
    So not anticipating your investigation, although I do want 
to know when we can expect some evaluation from you, I wonder 
if you could address those two issues.
    Mr. Kelly. I am familiar with your request. The--I am not 
familiar with the specifics of what we have done on your 
request, so I will have to get back to you at a later date. 
And--but I don't know the answer, nor do I know the answer to 
whether or not--how the two components within Department of 
Homeland Security are sharing information.
    Mr. Price. So you have never dealt with this in prior 
investigations, or?
    Mr. Kelly. I have not. We have--I am not familiar with that 
issue.
    Mr. Price. As far as you know, is this a unique case? Any 
other similar situations that have come to your attention? 
That--see, I think if they did come to your attention probably 
you would know about it. It is a--quite a striking set of 
circumstances.
    Mr. Kelly. It coming to my attention, the answer is no. But 
that does not mean that it--that other people within my 
organization are not aware of that and can speak more to the 
point on that. Right--so I would--I would have to get back to 
you on that question. I can't give you a definitive answer.
    Mr. Price. All right. Well, my--I know my time is expired. 
But to the extent you can respond to my two questions regarding 
the provisions for coordination between these two agencies and 
which agency takes precedence in a situation like this, I--it 
is obviously pertinent to this case, but it also is more 
broadly pertinent. So I would appreciate your response.
    Mr. Kelly. I agree with you. But I can't give you a 
definitive answer. I will have to get back to you at a later 
date.
    Mr. Price. All right. Thank you.
    Thank you, Madam Chairman.
    Ms. Roybal-Allard. That completes round one and we do have 
time for a second round----
    Mr. Kelly. Okay.
    Ms. Roybal-Allard. Mr. Kelly.
    Mr. Kelly, as you know, the mission of the DHS is vast. And 
carrying out its mission ranges from disaster relief grants to 
states to massive procurements of aircraft and vessels, to 
developing cutting-edge technologies to protect the public. And 
your office produces a number of documents, including a five-
year strategic plan, and annual performance plan and semi-
annual reports, which ideally outline your priorities and 
performance.
    How do you assess DHS's major vulnerabilities and allocate 
your resources to ensure you are focused on the best use of the 
Department's funds? And is there a direct relationship between 
the strategic documents that you produce and the priorities of 
your budget request?
    Mr. Kelly. As an oversight agency, we have our most--the 
only reason why we exist is to keep you, the Congress, and the 
administration timely informed about problems that exist within 
programs under their purview. So within our strategic plan, our 
goal is to make sure that is basically three issues. Is the 
Department operating efficiently and effectively? Are we hiring 
the right people? And do we have the right tools to execute our 
mission?
    The issue concerning the work that we do, as I mentioned 
earlier, we have recently revamped and established a new start 
process where we are looking at what is the most important 
issues that affect the Department. When I took responsibilities 
as the Acting Inspector General--actually, my predecessor 
stopped the annual work plans that they had because they 
basically represented what was important 2 years before they 
started work. And in a dynamic agency like Homeland Security 2 
years is almost a lifetime.
    We can't decide what was important 2 years ago for what we 
are doing right now because we would be doing completely 
different things. So we are taking all the requests coming in 
from Congress, we are taking the requests that we get in from 
the department and we also take the subject matter expertise of 
the people that have been doing this work for an extended 
period of time and blend that and have all the senior 
executives sit down on a weekly basis to make sure that we are 
doing the right work.
    I think that has been very beneficial. We have been 
operating this--in this fashion for nearly a year and it 
enabled us to immediately go down to the border last summer. 
And to address some of the ICE detention facilities that we 
believe are a higher risk and that--they are the facilities 
that you need to hear about, such as the facility in Newark, 
New Jersey and Adelanto, California, as I mentioned in my oral 
statement.
    Ms. Roybal-Allard. You mentioned that your primary mission 
is to keep Members of Congress informed.
    Mr. Kelly. Yes.
    Ms. Roybal-Allard. So are your resources sufficient to 
effectively carry out that mission and if you had more 
resources where would you focus?
    Mr. Kelly. If we had more resources we would focus those 
efforts on the highest risk areas and those right now are some 
of the border issues and also some of the disaster issues that 
we would be that are important issues to get into.
    We do appreciate the funding that the department--I am 
sorry--that the committee provides to us. But we could use more 
resources and each year both my predecessor and I have 
petitioned for additional resources to address our needs.
    We do appreciate the supplemental funding that we received 
for the 2017 disasters. That enabled us to do some very 
important work in those areas; it has kept our criminal 
investigators very active and--but we certainly can use more 
resources. The issues that affect the department are high-risk 
areas, they are very dynamic and they need to be addressed 
quickly, not the typical I.G. audit that talks about issues 
that are 3 or 4 years old and said that things didn't go well. 
That is not a very effective way of running an I.G. shop and I 
have tried to modify that process.
    Ms. Roybal-Allard. And just finally, do you communicate 
directly with OMB or does your budget request always flow 
through the department?
    Mr. Kelly. We communicate and I have had meetings with OMB. 
We do submit our budgets to the department but we also have 
separate meetings with OMB, I have met with them personally on 
a number of occasions and I know my predecessor has. And then 
we also have special meetings just with your staff and I have 
worked with member--a number of the staff that are sitting 
behind you on what our needs are.
    So that is one of the nice things about being an Inspector 
General that if we--the department doesn't give us what we need 
we have the authority to come directly to you and let us know--
and let you know what we need.
    I often point out to the members of the staff and the 
members that you are usually our biggest proponents because we 
are your eyes and ears to find out what is going on and we are 
the quickest way of getting information to you about the 
challenges that the department is facing.
    Ms. Roybal-Allard. And we appreciate your responsiveness to 
us. Mr. Fleischmann.
    Mr. Fleischmann. Thank you again, Madam Chairman.
    Mr. Kelly, thank you again, sir. Next week the subcommittee 
is holding a hearing with FEMA regarding the recovery efforts 
in Puerto Rico and the U.S. Virgin Islands after 2017 storms. 
In your testimony you highlighted your work with the affected 
areas, such as deploying staff and establishing joint field 
offices. And you state that as a result of that deployment your 
staff identified several areas where additional more 
comprehensive, traditional audit work was needed.
    Can you share what areas that worked you have identified in 
Puerto Rico and are challenges you see in Puerto Rico different 
from what you are seeing in Texas and Florida, sir?
    Mr. Kelly. I also went down to Puerto Rico shortly after 
the disaster and I was quite shocked at the devastation that 
existed on that island. I have spent--visited numerous islands, 
lived in Hawaii for a period of time. I spent an extensive 
amount of time in Guam and I was extremely surprised to see how 
vast the island of Puerto Rico is, it is much larger than 
either of those two islands--or Hawaii, the chain of islands.
    And the challenges that they were facing were far more 
difficult than I have experienced--I have seen FEMA have to 
experience in some of the mainland disasters that they have 
dealt with. So it is a very difficult thing for them to do. But 
FEMA's responsibility--when your name is Federal Emergency 
Management Agency you are expected to be able to manage 
emergencies.
    And the--if you are a U.S. citizen, you are expecting the 
Federal Government to provide the assistance that is necessary 
when you go through a level of disaster that is--was pretty 
unprecedented.
    Mr. Fleischmann. Thank you, sir. I am sure you are working 
closely with the department and FEMA on programs and efforts 
underway in Puerto Rico, when we meet with FEMA next week what 
questions should we be asking the agency on the record in 
regard to the 2017 storm recovery.
    Mr. Kelly. I would ask them to compare their response and 
recovery rate to other disasters and see if their metrics for 
Puerto Rico and the Virgin Islands compare favorably to other 
disasters that they have dealt with.
    Mr. Fleischmann. Thank you. Your testimony highlights 8 
listed persistent and systematic vulnerabilities with FEMA 
programs. Are these challenges you see across the country with 
respect to the disaster programs? Are they limited to one 
state, one storm, or one type of disaster? What is your view?
    Mr. Kelly. The biggest problem that we have with FEMA is 
that they don't hold states accountable. And that is the--that 
is the most significant problem that we have with FEMA because 
by not holding the states accountable they basically tell 
everyone that the policies that they are--that exist, you know, 
you can do them or you can't do them--or you can comply. If you 
don't comply with the policies, we will find a way out of it.
    And it is a lot like the waivers question that I had 
earlier at ICE detention facilities. It is not good to 
basically waive a lot of things because then you are creating a 
culture in which individuals believe that they don't have to 
comply with the requirements, the requirements that were setup 
to protect the tax dollar--the taxpayer and the people that 
were affected by disasters. That balance is important.
    And when you do waivers or don't hold people accountable, 
the taxpayer is the one who loses. Because the American 
taxpayer is very generous, they want to make sure that people 
that are affected by disasters are made whole. But what they 
don't like is when people are getting away with things that 
they shouldn't be getting away with.
    Mr. Fleischmann. Thank you, sir.
    Madam Chairman, I will yield back.
    Ms. Roybal-Allard. Ms. Meng.
    Ms. Meng. Thank you, Madam Chairwoman.
    On June 27, 2018, ICE's New York field office announced 
that starting immediately removal proceedings at the Varick 
Street Immigration Court in New York City would be conducted 
exclusively by video teleconferencing. Immigrants detained by 
ICE would appear by video feed from the county jail at which 
they are held, disconnected from the court, their lawyers, 
evidence presented by the government and their case.
    ICE's policy of denying in-person hearings when immigrants' 
liberty, family unity and potential exile is at stake is a 
cruel extension of the Federal administration's aggressive 
efforts to deny immigrants equal justice and due process. What 
steps can you take to ensure that immigrants and their families 
have meaningful access to due process?
    Mr. Kelly. The facts and circumstances of the--of what you 
just described to me, I am not aware of. The--that is doing 
some more work in those areas are the kind of things that if we 
had more resources we could probably do some more work in those 
areas. If we get requests from members of Congress, we consider 
them to be a--things that we try to do. We do get--I probably 
get a letter from members almost--probably it average nearly 
once a day for various different issues.
    But what you just described does not sound very nice. It 
doesn't sound to be the kind of principles that the United 
States wants to stand for. It is very similar to the issues 
that Congressman Price mentioned earlier about teaming up and 
going after individuals. But I am unaware--I was unaware of 
what you just described.
    Ms. Meng. So would it help if you did receive letters----
    Mr. Kelly. Yes.
    Ms. Meng. And communication information----
    Mr. Kelly. We----
    Ms. Meng. About lawsuits that might be going on?
    Mr. Kelly. Communications from Members of Congress to our 
office are always desired because our statutory requirement is 
two-fold. It is to keep Congress and the administration timely 
informed about problems.
    We take our dual reporting relationship very seriously and 
if anyone in my office--they joke how often I bring up our 
statutory authority and what we need to do in our 
responsibilities. Because it is, you know, here he goes again 
talking about the dual reporting relationship, it is very 
important to us.
    Ms. Meng. Thank you, sir.
    And another situation that is going on around across New 
York state courthouses, reports by the Immigrant Defense 
Project reported that ICE arrests across New York courthouses 
increases by 1,700 percent in 2018 compared to 2016. ICE 
arrests at courthouses impede the ability of the courts to 
effectively deliver justice, deter victims from seeking justice 
and compromise public safety. We have heard from so many public 
defenders and defense attorneys about agents showing up in the 
courthouse, in public areas where folks are trying to be with 
their families.
    This figure is astounding. And in 2018, as you know, ICE 
had issued guidance on civil immigration enforcement actions 
inside these courthouses. Will the OIG investigate or audit the 
immigration enforcement actions at courthouses and its effect 
on public safety?
    Mr. Kelly. Again, I was unaware of what you were just 
describing. We do annually meet with the NGOs to have them talk 
to us about some of the issues of their concern because we 
don't want to be tone-deaf to issues of various different 
groups.
    They have--I don't remember them talking to us about those 
issues, they were typically talking--their biggest concerns 
were border issues and also the travel ban. They were not 
just--I don't remember them mentioning these issues to us. So 
again, you are telling me things that I am a little unaware of 
and the best I can do is try to get back to you on some of 
these things.
    Ms. Meng. Sure. Thank you. As you know, families are being 
separated and defendants are not showing up to court because of 
this issue. So we will make sure that they are getting you the 
proper information.
    Mr. Kelly. Okay.
    Ms. Meng. Thank you, sir.
    Ms. Roybal-Allard. Okay. Mr. Kelly, I think you will be 
getting a letter of request from us on these issues. 
[Laughter.]
    Mr. Newhouse.
    Mr. Newhouse. Thank you, Madam Chair.
    Mr. Kelly, part of your testimony and your written 
testimony in particular, they talk about FEMA and the 
responsibility to manage disasters.
    Mr. Kelly. Yes.
    Mr. Newhouse. And I just wanted to further the thinking--or 
the--some of the questioning Mr. Fleischmann was asking you 
about. You reading between the lines, you--it seems to me you 
are expressing some frustration, some of the systemic problems 
and operational challenges that FEMA has.
    Mr. Kelly. Yes.
    Mr. Newhouse. And it is across administrations, it has been 
a situation for quite some time. But you state that they remain 
ineffective at holding grant recipients accountable for 
properly managing disaster funds. You cite 2016, 2015, 2014, 
even back as far as 2010 issues with accountability holding 
states accountable for managing grants. All of those, if they 
are not frustrating to you, they are certainly--reading that is 
frustrating to me.
    And in your comments you talk about encouraging FEMA to 
take steps to--for corrective action. And I guess, you know, 
part of this is on Congress, too. Is Congress not listening to 
some of the recommendations of the Inspector General on what 
could be done or other things? I would just like to have a 
further conversation so that we don't just measure things after 
the--after all this money goes out the door and then--and then 
the same thing happens the next year.
    Mr. Kelly. Yes. I am very much against the types of 
recommendation or the types of FEMA audits that basically are 
spilt milk type of things. I am looking at more systemic 
problems that exist and how to correct those systemic problems 
and that is holding states accountable.
    My predecessor wrote a letter, and I will share that with 
the committee, to Chairman Johnson about some basic challenges 
that FEMA really needs to take to correct their longstanding 
problems. That letter is about a year and--maybe two years old 
and it is still current. It is something that really needs to 
be addressed and some of it could probably take legislative 
changes to--to hold people more accountable.
    Mr. Newhouse. Okay. Yes, I would appreciate seeing that.
    Mr. Kelly. Yes.
    Mr. Newhouse. And if there is something that we should be 
looking at doing or at least having that conversation, Madam 
Chairman, it seems like it is incumbent upon members of this 
committee to do so----
    Mr. Kelly. Yes.
    Mr. Newhouse. And so--because inevitably we will have more 
disasters and can----
    Mr. Kelly. It is--yes, you can't stop them.
    Mr. Newhouse. Yes. And so we need to get better at this. 
Because, as you say, we are--we have precious taxpayer dollars 
that we are responsible for, and want to make sure that people 
that need the help, and that----
    Mr. Kelly. Yes.
    Mr. Newhouse. The money is used as efficiently as possible.
    Mr. Kelly. It averages more than $10 billion a year that--
--
    Mr. Newhouse. Ten how many?
    Mr. Kelly. $10 billion a year we spend on disasters.
    Mr. Newhouse. Billion, 10 billion. Yes.
    Mr. Kelly. So it is a sizable investment that we make and 
it is an investment that we need to make. And I think our 
citizens and communities deserve to be made whole. But they 
also--FEMA needs to be held accountable and to make sure that 
the people that they are giving the money to are--are also held 
accountable.
    Mr. Newhouse. Absolutely. Because that--any money wasted is 
money that can't go to help the next----
    Mr. Kelly. Correct.
    Mr. Newhouse. Group of people out of their disaster 
situation, so. Thank you very much, again. I appreciate you 
being here today.
    I yield my time back, Madam Chair.
    Ms. Roybal-Allard. Mr. Aguilar.
    Mr. Aguilar. Thank you, Chairwoman Roybal-Allard.
    Mr. Kelly, I wanted to talk with you a little bit about the 
I.G. issue in a report in November that highlighted some of the 
management challenges that DHS faces, and specifically 
mentioned the acquisition program that is--that is high risk. 
And the report stated that building the--the planned wall along 
the Southern Border will highlight continuing challenges that 
DHS faces in its acquisition program, which frequently incurs 
cost overruns as a--and as the report stated, quote, 
contributes little to the mission-related outcomes.
    A separate GAO report published last year recommended that 
DHS analyze costs associated with the barrier segments. And the 
report concluded that, without key information on cost, 
acquisition baselines, and the contributions of previous 
barrier and technology deployments, DHS faces an increases risk 
that the border wall--end of the quote, that the border wall 
program will cost more than expected and take longer to build. 
The report highlighted that DHS agrees with the recommendation.
    Based on GAO's findings and your work within the 
acquisition space, my feeling that key information on the--
these programs is missing. How do we know that the budget 
request that DHS is submitting to us are in line with 
projections? And based on those reports, it seems like the 
agency isn't working with the best data, how should Congress 
respond in your opinion?
    Mr. Kelly. Our major management challenge report highlights 
acquisitions as being a difficult issue. The biggest challenge 
that the Department has in acquisitions is the components 
operate often by themselves and it is difficult for the 
Department to hold those components accountable for--for what 
they are submitting and actually executing.
    The Department does not have--and the entire Federal 
Government does not have a very good track record of delivering 
acquisition projects on time or within budget. The types of 
things that you should be looking for are the performance 
metrics and the underlying support that is being used to come 
up with the--with those cost estimates to see if they are going 
to get things done in a timely fashion.
    Mr. Aguilar. The larger the project, the more risk 
associated as well, correct?
    Mr. Kelly. That is correct.
    Mr. Aguilar. Thank you, I appreciate it.
    In your testimony, you also talked about the Essex County 
Correctional facility issue in New Jersey. And the Fiscal Year 
2019 bill that the chairwoman worked incredibly hard on 
provided over $400 million in additional humanitarian relief 
that is supposed to be spent for food for detainees, medical 
care, infant formula, diapers and those humanitarian expenses.
    Looking forward, how can the OIG help us to keep DHS 
accountable for using these tax dollars in the manner in which 
Congress prescribed and what are some of the priority areas 
that we should be looking for?
    Mr. Kelly. The continuation of doing unannounced 
inspections. Unannounced inspections at ICE detention 
facilities is a very good way to identify deficiencies because 
they don't know when we are coming. So if we--if they know when 
we are coming, they can get everything nice and clean or make 
sure that people are fed, they have got good food.
    But if we just show up there unannounced, there is always 
that element of surprise that a facility needs to be in good 
shape because the--the I.G. might be showing up and identifying 
some significant deficiencies, as the one in Newark and in the 
one in Adelanto, California, so.----
    Mr. Aguilar. Thank you. Thank you, I appreciate it.
    And just building off of what you said earlier, I hope you 
feel from us you are hearing that you don't just have the 
authority to come talk with us if you need additional budget 
dollars to carry out these inspections, but we hope you feel 
the obligation to do that as well.
    Mr. Kelly. I appreciate that support.
    Mr. Aguilar. Yes, thank you.
    Building off of what Mr. Price and Ms. Meng mentioned as 
well, I did want to highlight one article that I will happily 
send to your--to you and your team. A young man named Hector 
Baca Gutierrez, who I have met, at the age of 17 came to the 
United States from Nicaragua. He was given a notice to appear 
and didn't show up in the 1990s. He adjusted his status in 2001 
and--by his father and it was approved in 2018. So he was on 
his path to become a lawful permanent resident.
    He was sent a letter by ERO, by ICE, asked to show up and 
then when he showed up he was detained for 25 days. No criminal 
record, hard worker, worked two jobs, husband, father, detained 
25 days. So when the department comes to us and asks for 
authority, and there are cases like this, where individuals who 
don't have a criminal record are detained it--it frustrates us. 
And when they are sent letters that seem to lure them come 
check in with the sole purpose of detaining them it gives us 
concern.
    So I will share that article with you, just building on 
what my colleagues indicated. Those types of policies I think 
need to be reviewed. Thank you so much.
    Mr. Kelly. Okay. Thank you.
    Ms. Roybal-Allard. Mr. Price.
    Mr. Price. Mr. Kelly, I want to stay on the subject of ICE 
enforcement, the policies and practices attendant to that. 
Again, focusing on what you may have studied or encountered in 
the course of your particular responsibilities. But I must tell 
you I do have a prompt. I had a recent occasion in my 
district--recent occurrence in my district that makes this a 
matter of special urgency for me.
    We, on this subcommittee, I think it is fair to say, have 
focused over the years on the priority enforcement program and 
other efforts to prioritize dangerous people for detention and 
deportation, to make certain that prosecutorial discretion 
was--which must be exercised one way or the other--to make sure 
that it is exercised to prioritize dangerous people for 
removal.
    And you know very well that the administration currently 
has been moving in the opposite direction with--once again, 
workplace raids, a lot of seemingly random pickups of 
individuals and the percentage of those who are criminals who 
are being deported is down.
    But we had an example of this in North Carolina in just the 
last few weeks. The new wrinkle was this though, and this 
frames my question: ICE justified these raids as the direct 
result of several counties lawfully ending their engagement in 
voluntary immigration enforcement agreements with the agency, 
287G agreements.
    These are voluntary agreements. Multiple Federal courts 
have ruled that ICE detainers are either voluntary or that 
they--blanket detainers exceed ICE's own statutory authority. 
So I have two narrow questions and two broader questions. But 
it--they are rooted in this recent experience.
    First of all, just practices that ICE is bound to honor. 
What is the responsibility of ICE officials during enforcement 
actions to identify themselves as Federal immigration 
officials?
    And, secondly, are there internal rules or guidelines that 
prohibit or discourage ICE officials for traveling in vehicles 
that say Police on them? Sure it's not the first time you have 
heard those questions. I would like to clarify what the 
responsibilities are.
    And then two broader questions: Is it department policy, as 
far as you know, to conduct more enforcement operations in 
localities that have recently ended 287G programs? Very simple 
question but an important one.
    And then, finally, what about prosecutorial discretion? Is 
the department focusing any longer on arresting dangerous 
criminals? President Trump says they are, says it many times. 
But nearly 1/3 of the individuals taken into custody by ICE in 
these raids in North Carolina were collateral arrests, wrong 
place wrong time. And, in fact, there's a quote from the 
Atlanta ICE Field Office Director, if they are in the wrong 
place at the wrong time, my officers will take enforcement 
action.
    Is that where we are? Is that ICE policy as far as your 
observations would confirm it?
    Mr. Kelly. I will have to get back to you on that. I don't 
know a definitive answer. I apologize.
    Mr. Price. Get back to me on which of the questions?
    Mr. Kelly. On--you basically had four questions. I don't 
know the answers to any of those questions.
    Mr. Price. Well the two are very narrow questions about 
what the responsibilities are when raids are being carried out. 
The question about identifying themselves as Federal 
immigration officials and using the Police designation--these 
have been debated for year and--and--you know--as you know, 
charges have gone back and forth about what the practices are.
    You--can you tell us that?
    Mr. Kelly. I don't know the answer to your question.
    That--whether or not they can or cannot use Police on----
    Mr. Price. Well that of course doesn't require an 
investigation. That would be a simple statement of department 
policy and I would appreciate you getting back to me on this. 
And then these broader issues, is there or is there not a 
department policy to target jurisdictions that have recently 
terminated 287(G) agreements?
    Mr. Kelly. I do--we have issued a number of reports on the 
287G program. Most of--all of those departments did not paint 
the department in a positive light. But to--I don't know the 
definitive answer as to know--as to whether or not they are 
targeting communities that have terminated those programs.
    Mr. Price. Well we might need to request a more formal 
inquiry on that.
    Mr. Kelly. Okay.
    Mr. Price. But to the extent you can respond to these 
broader issues as well, that question and also the one about 
how discretion is being exercised.
    We obviously would find that information useful and then we 
can maybe follow up with you as to what kind of specific 
inquiry to your office we should frame.
    Mr. Kelly. Okay. All right, to the best of my knowledge we 
have not looked into those specific issues. But if we have I 
will get a definitive answer back to you. If not, we will see 
what we can do on that.
    Mr. Price. Yes, thank you. Thank you, Madam Chairman.
    Ms. Roybal-Allard. Mr. Kelly, I have one final question 
that I would like to add to the record. As you are aware, the 
Sandy Recovery Improvement Act of 2013 authorized FEMA to 
establish a pilot program for public assistance alternative 
procedures. And we understand from FEMA there have been at 
least 7,800 projects with over $14 billion in grant funds 
approved under this pilot program.
    The law specifically tasks the Inspector General to look at 
the effectiveness of the program and focus on six specific 
areas of interest. In 2018 the OIG issued a brief report with 
some recommendations but it largely concluded it was too early 
to evaluate the program's effectiveness.
    Do you believe the report that was issued complied with the 
statutory mandate and, in the near future, do you plan to issue 
a follow up report that more fully evaluates the effectiveness 
of the pilot?
    Mr. Kelly. The answer to your second question is we are 
going to be doing an additional work that answers all those 
questions. To--answer to your first question is: To the best 
extent possible with the limits of data. We couldn't make a 
determination as to whether or not--as to the true benefit of 
the 287G program--I am sorry the 428 alternative procedures 
program because there were only, I believe, about 10 percent of 
the projects completed.
    A lot of the projects were very multi-year, expensive, 
complicated projects that are going to take awhile to complete 
and to make a determination on 10 percent of the projects that 
were completed would--would not be a sound decision. So we--we 
have to see what FEMA has completed on some of these more 
complicated to give a true answer.
    As a general rule, the alternative procedures, which is 
basically a fixed priced type of grant--as a general rule as 
what the--the Federal acquisition regulations say is that 
straightforward uncomplicated projects should be done using a 
fixed price method. More complicated, more sophisticated issues 
require--are better done if there are cost type of contracting 
or the type of--or types of grants that FEMA does 
traditionally.
    So for--for the very complicated multi-year issues, the FAR 
recommends that it is being handled though cost type of 
contracting, or this would be cost type of grants, so. But for 
smaller projects fixed priced are much better.
    Ms. Roybal-Allard. Since there are no further questions, 
the hearing is concluded.
    Mr. Kelly. Thank you.
    [Material submitted for inclusion in the record follows:]
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    
    
                                           Tuesday, March 12, 2019.

                  FEDERAL EMERGENCY MANAGEMENT AGENCY

                               WITNESSES

PETER T. GAYNOR, ACTING ADMINISTRATOR
    Ms. Roybal-Allard. The Subcommittee on Homeland Security 
will come to order.
    I welcome everyone to the first Department of Homeland 
Security Subcommittee hearing with the Federal Emergency 
Management Agency of the 116th Congress. I especially welcome 
Mr. Gaynor. I believe this is your first hearing as acting 
administrator, so welcome.
    Mr. Gaynor. Thank you.
    Ms. Roybal-Allard. This subcommittee has a long bipartisan 
tradition, and emergency management issues are a prime 
principle as to why. Disasters do not distinguish where they 
strike by party affiliation, and helping disaster survivors and 
their communities in the wake of a disaster is a goal we all 
share.
    Most of the members of this subcommittee come from States 
that are frequently struck by disasters. My home State of 
California is a prime example. Our State has been struck by 
catastrophic and deadly wildfires, and now is being affected by 
rains and floods that can be devastating, especially in the 
burned areas. We greatly appreciate FEMA's efforts to help 
disaster survivors and their communities in California.
    FEMA has a demanding job. Congress has given FEMA very 
broad and flexible authority and a difficult mission. We ask 
FEMA to help people in communities prepare for, respond to, and 
recover from some of the worst days they will ever face. FEMA 
employees do this frequently, and with long periods away from 
home and family. We fully recognize that no matter how many 
times FEMA does amazing things, it is usually the things that 
don't go well that get reported in the media and to Members of 
Congress.
    While this subcommittee is very supportive of FEMA, its 
employees and its mission, that does not abrogate our 
responsibility for vigorous oversight. During this hearing, as 
we work with you going forward, we intend to ask tough 
questions. This is not to make things more difficult, but to 
ensure we are fully informed as part of our responsibility to 
see that FEMA carries out its mission in a fast, efficient, and 
effective manner.
    Next month, members of the subcommittee and the 
Subcommittee on Transportation and Housing and Urban 
Development will travel to Puerto Rico to see firsthand how 
recovery efforts are faring. While that will be the focus of 
our trip, it is not the exclusive focus of this hearing or our 
oversight activities.
    I would be remiss if I did not convey our thoughts and 
concerns to those impacted by the recent tornadoes in the 
southeast, especially in Alabama. Mr. Gaynor, I understand you 
were recently there and that your colleagues at FEMA have been 
working with State and local partners in response to these 
disasters. We look forward to your assessment of the situation 
during this hearing.
    Again, thank you for appearing before the subcommittee 
today. And now I will turn to my colleague, Ranking Member 
Fleischmann, for his opening marks.
    Mr. Fleischmann. Thank you, Madam Chairman. I want to thank 
you, and let everyone know on both sides of the aisle that, Ms. 
Roybal-Allard, it has been an honor working with you in your 
capacity as chairman. I am the ranking member, but we have had 
several visits so far, and I appreciate the way that things are 
going so far. Thank you very much.
    Ms. Roybal-Allard. Thank you.
    Mr. Fleischmann. Mr. Gaynor, thank you for joining us 
today. I represent the people of the Third District of 
Tennessee, Chattanooga all the way up to the Kentucky border. 
And in my tenure in Congress, FEMA has done an outstanding job 
in dealing with the disasters. We have had tornadoes, now we 
are going through floods, but FEMA has always answered the 
call, and I want to thank you on behalf of my constituents.
    Whenever a disaster hits one of our communities, sir, we 
all hope that FEMA and the first local responders will be on 
the scene to bring a sense of order and safety to the chaos. 
And then with the rebuilding, a process that can take months, 
in some cases even years, we look to FEMA and your partner 
agencies. We devote a lot of money to recovery and rebuilding, 
sir, and we expect FEMA to show communities and States the way 
to get up and running. We expect a lot, the communities expect 
a lot, but we also expect FEMA to be good stewards of the 
billions of taxpayer dollars we provide every year. We are 
looking forward to hear that FEMA did both, effectively and 
efficiently, help communities out of the worst thing that could 
have happened, got them back on their feet, and can say to the 
taxpayers and the Congress, we were good stewards of the funds.
    I look forward to your testimony, sir. And I thank you 
again for being here today.
    Madam Chairman, I yield back.
    Ms. Roybal-Allard. Thank you.
    Before we begin with the testimony, a few housekeeping 
items. The order in which members will be called for 
questioning will be based on seniority of those who are present 
when the hearing was called to order, alternating between 
majority and minority members. Also, to ensure everyone has 
ample opportunity to ask questions, I would ask each member to 
keep their turn to the allotted 5 minutes per round.
    So, Mr. Gaynor, we look forward to your testimony and we 
will submit the full text of your testimony for the record.
    Mr. Gaynor. Good afternoon. Thank you, Chairwoman Roybal-
Allard and Ranking Member Fleischmann and members of the 
committee. My name is Pete Gaynor, and I am the acting 
administrator of FEMA. And on behalf of Secretary Nielsen and 
the administration, I would like to thank you for this 
opportunity to provide this committee with an update on the 
2018 and 2017 disaster recovery efforts.
    The United States experienced six major hurricanes and five 
historic wildfires across these 2 years. Between January 2017 
and December 2018, the President approved 143 major disaster 
and emergency declarations. Additionally, FEMA supported 202 
fire management assistance grants. These two disaster seasons 
were significant in their devastation of life and property, as 
well as the cost to the affected communities and taxpayers.
    Specifically, in Puerto Rico and the U.S. Virgin Islands, 
we faced many unique challenges throughout the long-term 
recovery process. FEMA supports the government's recovery plan 
and will work to continue with our partners in Puerto Rico, the 
U.S. Virgin Islands, other Federal agencies, and with Congress 
to find strategic solutions.
    After working closely for several months, I am pleased to 
announce that FEMA and the government of Puerto Rico came to an 
agreement last week on the government's financial control plan. 
The government of Puerto Rico has certified that they have the 
required fiscal controls, accounting procedures, and project 
administration in place to assume responsibility to facilitate 
their financial--disaster recovery.
    We have found that success in emergency and response and 
recovery depends on a response that is locally executed, State-
managed, and federally supported. We must work with State and 
territorial governments to ensure that they are planning and 
budgeting for emergencies now and building the necessary 
capability to handle such disasters.
    We continue to support recovery efforts from Hurricanes 
Katrina, Rita, and Wilma nearly 14 years ago. FEMA and our 
partners recognize that this legacy recovery model is no longer 
acceptable and fiscally unsound. We will continue to work 
deliberately and methodically to ensure the outcome of any 
recoveries is to build a more resilient and prepared Nation.
    A cultural shift towards outcome-driven recovery was a 
recommendation from FEMA's 2017 After-Action Report. We are 
working hard to meet those findings and make all necessary 
improvements to our internal processes. This unprecedented 
scale, rapid succession, and intensity of disaster in recent 
years has stretched response recovery capabilities across the 
whole emergency management community, to include our private 
sector and voluntary partners. It will take unity effort across 
this community to ensure we are prepared and able to help 
people before, during, and after disasters.
    FEMA helps build capacity through providing preparedness in 
other grant programs to support our citizens and first 
responders. Such efforts are critical in allowing States and 
local governments to focus on small disasters while FEMA 
focuses on catastrophic disaster response. Eighty percent of 
all declared disasters incur obligations of $41 million or 
less, while 50 percent of all disasters cost less than $7 
million.
    Aligned with the key focus areas in the After-Action 
Report, FEMA's 2018 to 2022 Strategic Plan was published 1 year 
ago this week. This plan builds on existing best practices and 
identifies new initiatives geared towards our mission to 
achieving three overarching goals: build a culture of 
preparedness, ready the Nation for catastrophic disasters, and 
reduce the complexity of FEMA.
    As part of our goal of readying the Nation for catastrophic 
disasters, FEMA took the initiative to update the National 
Response Framework. This rewrite focuses on the stabilization 
of critical lifelines in coordination across infrastructure 
sectors. Lifelines provide an indispensable service that enable 
key businesses and government functions that, if not properly 
restored, could risk the health and safety of communities 
impacted by disasters.
    FEMA continues to build a culture of preparedness by 
focusing on pre-disaster mitigation to build resilient 
communities. In 2018, Congress took significant steps to 
support this effort with the passage of the Disaster Recovery 
Reform Act. This transformational legislation will assist the 
Nation in reducing risk and increasing preparedness in a more 
meaningful and tangible way.
    Thank you for support in passing this bill. I look forward 
to our continued partnership and support from this committee, 
and we will continue to meet the disaster needs of the Nation 
and ultimately help people in their time of greatest need. So 
thank you for the opportunity to testify today, and I look 
forward to any questions you may have.
    [The prepared statement of Mr. Gaynor follows:]
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    
    
    
    Ms. Roybal-Allard. Thank you, Mr. Gaynor.
    I would like to begin by asking a couple of questions with 
regards to what is happening in California. It is my 
understanding that there are several residents in my home State 
that were impacted by the 2017 Tubbs wildfires who are still 
not back in their homes and are approaching FEMA's 18-month 
limit on temporary housing assistance. What is FEMA doing or 
what can it do to help survivors who have been unable to 
rebuild within the timeframe allowed by FEMA's Housing 
Assistance Program?
    Mr. Gaynor. Yes, ma'am. Just as background, I think post-
disaster housing for this country is a big problem, and I think 
it is even more problematic in locations where wildfires 
occurred and especially in the most recent wildfires in Butte 
County. I don't think FEMA will ever be able to deliver all the 
post-disaster housing needs that may be incurred in a disaster, 
and this is where we need partnership from States and locals to 
help us deliver that housing disaster requirement.
    I spent almost 10 years as a local emergency management 
director and a State director, and I think the solution is not 
for the Federal Government to say this is a housing solution 
that we place upon you, but to have the local and State 
governments develop their unique housing needs, and we will 
help meet those needs with Federal support.
    So with the specifics of your question, I don't know all 
the details, but I will find out if there is a hangup in that, 
and I will be happy to follow up with your staff.
    Ms. Roybal-Allard. Okay. We would appreciate that.
    Mr. Gaynor. Thank you, ma'am.
    [Mr. Gaynor responded for the record:]

    On March 19, 2019 FEMA approved the State of California's request 
to extend the period of assistance for Direct Temporary Housing under 
the Individuals and Households Program for DR-4344, California. The 
period of assistance for pre-disaster owners is extended to July 10, 
2019, and the period of assistance for pre-disaster renters is extended 
through May 10, 2019.

    Ms. Roybal-Allard. Also, Mr. Gaynor, California, including 
Los Angeles, has been struck by devastating wildfires over the 
last 2 years, as we have discussed. Wildfires are sometimes 
only the first part of a disaster cycle that can later include 
flooding and mudslides with heavy rainfalls on the burned 
areas. In fact, I understand from emergency managers back home 
that there have been recent evacuations in California due to 
flooding in these previously burned areas.
    The recently enacted Disaster Recovery Reform Act provided 
FEMA additional authority to mitigate these risks. Can you 
provide an update on the situation in California, steps FEMA 
and the State are taking to mitigate against the occurrence of 
future wildfires, floods, and mudslides, and how FEMA's new 
authority is being used in that regard?
    Mr. Gaynor. Thank you, ma'am. And I think you are 
referencing the DRRA section about post-disaster or hazard 
mitigation post-fire. The new authority gives us the ability to 
add specifically to FMAGs, a post-disaster mitigation. I think 
what we love about DRRA is it also tags on 6 percent of the 
total disaster cost for pre-disaster mitigation.
    If you looked at the numbers today, I think California will 
have access, when all the costs are in, to somewhere between 
$400 million and a billion dollars of pre-disaster mitigation 
funds that they could apply across the State to reducing fire 
risk. I know the State has taken actions over the recent couple 
months; they have a new fire plan that is really their roadmap 
about how they are going to attack fire risk. They also passed 
some laws to improve, the reduction of biomass and trees in the 
forest to, again, reduce that fire risk.
    I think we are all in sync about pre-disaster mitigation. 
And from our point of view, we would rather invest in pre-
disaster mitigation than pay that bill after. It is all tied 
together with landslides and mudslides. It is management of 
this risk that is really what is at the heart of this. But I 
think now with funding from DRRA, we are in much better shape 
to address that problem.
    Ms. Roybal-Allard. Okay. And just quickly in the time I 
have left, I mentioned in my statement what was happening in 
Alabama, that you had recently visited there. Can you provide 
an update on what you saw and how FEMA is assisting disaster 
survivors and their communities?
    Mr. Gaynor. Yes, ma'am. I had the great honor to fly down 
with the President and the Secretary on Friday. Senator Shelby 
and Rep. Rogers accompanied us down there. Lee County was 
impacted by an EF-4 tornado, 170 mile an hour winds. Actually, 
I had never been to a tornado of that scale ever. And if you 
can just imagine taking your house, the contents of your house, 
your clothes, your car, your trees, everything that you own, 
times 300 of your neighbors and put it all into a blender and 
then pouring it back out on the Earth, that is what this place 
looked like. Pretty devastating.
    The President signed an emergency major declaration for Lee 
County, and within a couple hours, we had about 171 FEMA 
employees down there trying to deliver assistance to those 
survivors. A very devastating tornado. And that was just one of 
six or seven tornadoes that touched down between Alabama and 
Georgia that day or early that week.
    Ms. Roybal-Allard. OK.
    Mr. Fleischmann.
    Mr. Fleischmann. Thank you, Madam Chairman.
    And, again, Administrator Gaynor, congratulations in your 
appointment. We look forward to working with you, sir.
    Acting Administrator Gaynor, as you have probably heard, 
many counties in Tennessee, my home State, have been hit hard 
in recent weeks with historic levels of flooding. In some 
neighborhoods, in Hamilton County, my home county, the flood 
waters continued to rise as recently as last week. In response, 
several counties in Tennessee are applying for grants from FEMA 
to mitigate the impact of this disaster. And our Governor, Bill 
Lee, is closely evaluating the situation to determine the 
strain on State resources.
    In cases where the governor, working with State and local 
officials, determines that more help is needed, can you 
describe the process FEMA utilizes to make a recommendation 
concerning a Presidential disaster declaration?
    Mr. Gaynor. Yes, sir. And I will just use my experience as 
a local and State director. What usually happens after 
disaster, there is a series of data collection to see what 
amount of disaster is actually out there. They call them 
preliminary damage assessments. So it is a team of local, 
State, and Federal partners going out there to assess damage. 
From that, the State or the county or the locals will write a 
request for disaster assistance. The governor and the State's 
emergency manager will probably evaluate that to see if it 
stands up to the law and on merit. And then the governor has 
the discretion to forward that to the President for action.
    It comes through the FEMA region, so the FEMA region 
responsible for Tennessee will look at it and they will forward 
it to FEMA headquarters. We will evaluate it again, and then 
ultimately we send it to the President for disposition.
    Mr. Fleischmann. Thank you, sir. Is the process more 
challenging when the damage is more spread out and not 
concentrated?
    Mr. Gaynor. It is challenging in trying to tally up what is 
damaged and what is private, what is public, what has 
insurance, what doesn't have insurance. All those things go 
into economic factors. So it really depends on the uniqueness 
of the location, but I am sure the emergency management 
director in Tennessee has been through this a few times. We 
offer technical assistance if there is any problems trying to 
assess the status of their initial assessments.
    Mr. Fleischmann. My final question on this part, sir, is 
are there steps that the agency can take to reduce the holding 
period and expedite the process, sir?
    Mr. Gaynor. The holding period as in relation to?
    Mr. Fleischmann. I guess the holding period in regard to on 
your all side.
    Mr. Gaynor. It typically doesn't take too long, and I will 
just use Alabama as an example. I think within a few days the 
President approved it. So, again, not every disaster is equal. 
They are all unique in its own way. Some take more because they 
are more complicated, some are pretty straight forward and gets 
a little faster.
    Mr. Fleischmann. Yes, sir. Mr. Gaynor, last week, this 
subcommittee heard from the Acting Inspector General, Mr. 
Kelly, on a number of topics across the department, including 
FEMA. When I asked the IG what questions we should include in 
today's hearing with FEMA and the 2017 and 2018 disasters, he 
did not pause when answering. Ask him to compare their response 
and recovery rate to other disasters and see if their metrics 
for Puerto Rico and the Virgin Islands compare favorably to 
other disasters they have dealt with.
    So I ask you, sir, how do your metrics compare to Puerto 
Rico and the Virgin Islands? And should I assume from Mr. 
Kelly's response that the numbers were not good?
    Mr. Gaynor. I can't reference if there is a report or some 
document that Mr. Kelly is talking about. But I can say in what 
I do know about the scale of Puerto Rico and U.S. Virgin 
Islands from Hurricane Maria. It is a disaster on a scale that 
we have really never seen. And it is not your typical disaster, 
it is complicated. It is obviously on an island. There are lots 
of thorny issues that predated the disaster that we are trying 
to work through.
    It is one of our biggest risks, I think, for FEMA. We are 
all in with the government of Puerto Rico and the U.S. Virgin 
Islands. We have committed a major part of our resources at 
FEMA to be on the island advising them. So it is at the far end 
of the scale when it comes to complexity and recovery.
    Mr. Fleischmann. Thank you, sir.
    Madam Chairman, I will yield back.
    Ms. Roybal-Allard. Mr. Cuellar disappeared.
    Mr. Ruppersberger.
    Mr. Ruppersberger. Thank you for being here. And we know 
you have a very difficult job, and we are just here to help you 
out and give you oversight and ask you some questions.
    So, first thing, I want to talk about, in the last 2 years, 
the 2017 Atlantic hurricane season I know caused 3,300 
fatalities. You know, we had in 2018, the wildfires, and killed 
a hundred people, and, you know, I know how much time that you 
spent on that. But I want to talk about--I guess we are getting 
a little parochial here, but that is who we represent there, 
and I represent the State of Maryland and the Port of 
Baltimore. And I have a lot of water in my district also.
    But I want to talk to you about the issue of the grant 
program, which is really important, I think, in my district, 
Port of Baltimore, and every port, I think, in the Nation. And 
FEMA's Port Security Grant Program is a lifeline to both large 
and small seaports across the country. And my--and for this 
reason, I was discouraged at the administration's deficient 
funding request at $36 million for this Federal assistance 
program.
    Now, this program was included in the original Department 
of Homeland Security authorization, and was funded at $100 
million, was a cut from $100 million to $36 million in the 
recently passed minibus. And this is a clear evidence that 
Congress recognizes the need to support our ports.
    Now, each year, America's ports generate about $4.6 
trillion of revenue and employ over 23 million people 
throughout the country. And the Port of Baltimore, which I 
represent, alone generates $310 million in State, county, and 
municipal tax revenues, and that is not including all the other 
amount of moneys that--it is one of the biggest employers in 
our State and a lot of other States.
    Now, with the expansion of the Panama Canal, which are a 
lot larger ships, you know, coming in, we don't expect to see 
an increase in containers moving in and out of our country, 
especially the East Coast. The bottom line is that the economic 
impact of seaports cannot be understated, and according to the 
Brooking's Center for 21st Century Security and Intelligence, 
it would only take a small attack on our ports to grind U.S. 
Congress to halt within days. I think we saw that in the L.A. 
Port strike years ago. Thus, the need for port security cannot 
be understated.
    So for this reason, I feel strongly that we need to protect 
our maritime infrastructure. And my question, do you believe 
the Port Security Grant Program has been a valuable tool in 
combating terrorism and drugs and building infrastructure 
resiliency?
    Secondly, I can say the Port of Baltimore, which received 
about $1.18 million in 2017, they put these Federal dollars to 
use improving their cybersecurity and upgrading their physical 
access points. And, finally, to me, a cut in this program 
implies the ports have shored up all their vulnerabilities, 
which they have not. So, basically, the question, you know, 
what is--do you feel that it is a valuable tool? What is the 
status? Where are we? And we are going to look at this issue on 
our committee.
    Mr. Gaynor. Yes, sir. And I am going to go back to my time 
as a local emergency manager in the city of Providence, we had 
a port, and I was----
    Mr. Ruppersberger. Is that why you talk a little bit 
differently than--I am teasing.
    Mr. Gaynor. Perfectly fine for me, sir. It sounds perfectly 
logical.
    Mr. Ruppersberger. Boston. Boston-type.
    Mr. Gaynor. I was a recipient of port grants, and I know 
how important those can be to any port. I think if you go back 
to 9/11 and draw a line on non-disaster grants, especially in 
Homeland Security grants, there has been a steady decline in 
funding over those years. I do think that the port grant is a 
valuable tool to all ports.
    There is a great demand on Homeland Security grants. Ports 
are one of those risks in a big portfolio. I was not part of 
determining how much each grant got, really above my pay grade, 
but it is an important tool for States and local ports to buy 
down their risk and be more resilient.
    I will be happy to look into the status of the current 
grant year, where we are on that. And it is a competitive 
grant, so the better program that you put forth, the better 
results you will yield on the far end.
    Mr. Ruppersberger. Okay. And we know, you know, the drug 
issue we have now, I think the majority of our ports, a lot of 
the fentanyl from China is coming in through the ports. And you 
know how many people are dying every day in our country, 
hundreds and hundreds. Thank you.
    Mr. Gaynor. I will be happy to follow up on the number.
    [Mr. Gaynor responded for the record:]

    Yes, the Port Security Grant Program (PSGP) has been a valuable 
tool in reducing security risks and increasing the resilience of the 
Nation's seaports. Since 2005, DHS has awarded more than $2.7 billion 
through the PSGP to port authorities, facility operators, and state and 
local government agencies that are required to provide port security 
services. This funding has been directed toward the implementation of 
Area Maritime Security Plans, Facility security Plans, Vessel Security 
Plans, and Port-Wide Risk Management Plans as a means of addressing 
identified vulnerabilities.
    In fiscal year 2018--the most recent awards under PSGP--recipients 
within the Baltimore port area received a total of $2,749,948 in 
funding. The FY 2019 PSGP was funded at $100 million, the same amount 
appropriated for the program in FY 2018. The FY 2019 PSGP application 
period opened on April 12, 2019. Applications are due by May 29, 2019 
and final awards and allocations are expected in early August 2019.

    Mr. Ruppersberger. Thank you. Okay. Good. Appreciate it.
    Ms. Roybal-Allard. Mr. Newhouse.
    Mr. Rutherford. He is gone.
    Ms. Roybal-Allard. Mr. Rutherford.
    Mr. Rutherford. Thank you, Madam Chair.
    I would like to talk a little bit about the Federal 
contracting regulations versus State and local. And just to 
give you an idea of some of the problems that that has created, 
including the reimbursement procedure, obviously.
    Keys Energy in southern Florida still has a $42 million 
FEMA filing from Hurricane Irma. However, Key Energy to date--
and FEMA's released $15 million to the State so far, yet Key 
has only received $1 million of the $42 million that they are 
owed. And in the meantime, they have to take out loans to make 
up for those costs, and now they are paying interest on those 
loans and the--so the storm is still getting more expensive 
every day, to the tune of $2,400 every day it is costing Key 
Energy.
    And so my question is, is there any way we can break this 
logjam where FEMA gives money to the State, who is then 
supposed to disburse it to the locals, those with the loss? Yet 
oftentimes what comes back is FEMA says, well, your contract 
doesn't fit our regulations exactly, so you have to, you know, 
redraft all these contracts. Well, they fit the State and local 
contracts regulations when they were drafted.
    Is there some way we can agree that if they have--if they 
have met the State and local requirements, that they have met 
Federal requirements?
    Mr. Gaynor. Congressman, I don't know the particulars about 
this exact issue, but, in general, if you receive Federal 
money, you have to follow Federal purchasing guidelines. I 
mean, that is in the statute. We encourage recipients of all 
types of grants, whether it is disaster grants or non-disaster 
grants, to make sure they follow the rules when they use that 
money. We pay particular attention to not only following the 
rules, but documenting along the way what you did to make sure 
that the State can reimburse you. So this is all by 
reimbursement.
    If the State contracted Key Energy to do something, the 
contract is between the State and Key, and the first response 
is to make sure that the paperwork and the contract and all the 
things are right. We will reimburse them based on the document 
they submit. We take a hard look at it because we are concerned 
about waste, fraud, and abuse, and if there is some 
irregularity, it may get kicked back. But I would be happy to 
look into the details of this. I mean, I just don't know them.
    [Mr. Gaynor responded for the record:]

    There are 10 Project Worksheets for the Key West Utilities Board 
for Hurricane Irma (DR-4337). The status of each project, as of April 
5, 2019, is provided below (for exact payments that have been made 
through the state to the utilities board, please contact the Florida 
Department of Emergency Management).

    Mr. Rutherford. Why are these contracts that are--you know, 
why can't they be accepted, number one?
    But let me ask you another question too, because another 
issue that we have is, you know, these cities--for debris 
removal particularly. They enter into a contract with a 
provider for that removal, and so, you know, they give a pretty 
good price, you know, per ton of debris. Yet when the storm 
hits, they get a price from somebody in south Florida for twice 
as much as that contract. They pull all their people out of 
that contract area and they go south or wherever that other 
location is and make twice the money. Somehow we need FEMA to 
help us hold these people accountable for the contracts that 
they have.
    Do you have any recommendations on how we might be able to 
address that issue?
    Mr. Gaynor. Yes, sir. There is a lot of money in debris, 
and the bigger the disaster, the more money there is, and it 
can be pretty competitive. There is not many major debris 
contractors around the country that can perform large-scale 
missions, and so they probably look for the top dollar.
    We advocate for State and locals to have pre-disaster 
contracts with some of these vendors or service providers----
    Mr. Rutherford. The contracts are worthless, though, 
because they leave you and go elsewhere.
    Mr. Gaynor. I am not sure what we can do about that. I am 
just saying the best practice is, we are trying to convince and 
encourage State directors and local directors to have these 
pre-disaster contracts. Better to have a contract than to have 
no contract at all. I would rather be on their list than not on 
their list.
    Mr. Rutherford. Maybe they can't get FEMA dollars if they 
violate a contract. That would be a great idea.
    And let me close with this real quick, because I know my 
time is running out. On your sustained whole community 
logistics operation, I know that for Irma, there was an amazing 
amount of prepositioning of goods for Puerto Rico and the 
Virgin Islands and Jacksonville, particularly. Mike Crowley and 
TOTE, two of our Jones Act maritime vessels. That worked 
exceptionally well when--as soon as the port opened, those 
goods and services were pouring into Puerto Rico there in San 
Juan. The problem was distribution throughout the country, you 
know, because of roads and bridges.
    Was FEMA actually part of that staging or did they do that 
on their own?
    Mr. Gaynor. I can't speak to the exact specifics of that 
storm. I will tell you what we have, we have a very robust 
logistics capability within FEMA. Food, water, generators, 
tarps, you name it, we have it.
    Mr. Rutherford. It was very impressive. If you guys were 
part of it, I don't know.
    Mr. Gaynor. I would like to think that we were a part of 
it. And, again, I will go back to my local and State director 
hat. The hardest part to getting those whether it is a bottle 
of water or an MRE, into a hand of a survivor, is that last 
mile. That is the hardest part.
    Mr. Rutherford. That is the hardest part.
    Mr. Gaynor. And we are built on locally executed, State-
managed and federally supported. So if the local is broken and 
the State is broken, it comes to us.
    Mr. Rutherford. Thank you. My time has expired.
    I yield back.
    Ms. Roybal-Allard. Mr. Price.
    Mr. Price. Thank you, Madam Chairman.
    Welcome, Administrator. I come from a State that has had 
many disasters in recent years, and we are having recovery--we 
are undertaking recovery efforts now and appreciate FEMA's 
cooperation. It has been a good relationship, and we, of 
course, want it to continue.
    And one question that has arisen, I want to raise 
specifically with you today, which has to do with the STEP 
program. That is a funded--that is a program funded jointly by 
the State and FEMA, and what it is aimed at is residents who 
might, with some temporary repairs, continue to live in their 
homes while the longer term repairs are being made. That is a 
good idea for them. It keeps them in the community, it keeps 
them able to work and so on, and it also saves the government 
money in resources, not having to put people in congregate 
shelters and hotel rooms and other disaster housing.
    Now, I know FEMA hasn't standardized the STEP program 
across the States, and so there is a certain lack of 
predicability that makes the program difficult to administer 
for emergency management officials. At least that has been the 
experience in our State. For example, we were denied a recent 
extension request, and given an April 22, 2019, deadline to 
complete STEP repairs on between 3,000 and 4,000 homes, mind 
you, hit by Hurricanes Florence and Michael last fall.
    I am sure you know, Hurricane Florence was the Nation's 
second wettest storm in 70 years. It killed 31 people. It 
caused an estimated $17 billion in damage. Our emergency 
officials, believe me, are making good progress, good progress 
on the STEP program. But the sheer magnitude of the hurricanes 
that hit our State have to be considered, or at least we think 
they should be considered. So I will ask you a couple of 
questions in light of this experience.
    First, can you explain your process for determining the 
length of time States have to implement their STEP program? 
And, secondly, what factors do you consider when a State needs 
an extension or applies for one?
    Mr. Gaynor. Yes, sir. Thank you for the question. This goes 
back, I think, to the original housing question. Post-disaster 
housing is a problem. It would be our preference to keep people 
in their homes, and I think that is why we created the STEP 
program. It is relatively new. We are using it in Puerto Rico 
and U.S. Virgin Islands to great success.
    On this very issue, I talked to Governor Cooper last week 
about this extension, and I heard him loud and clear about why 
he needs it. And so we are going to reevaluate the program. 
Typically, it runs 180 days. We are going to look at it again 
and, hopefully, we will resolve it to everyone's satisfaction.
    Mr. Price. Good. I appreciate that.
    Is there anything in the interim? Maybe I should just take 
that as a good answer and leave it at that.
    What are the questions you are dealing with here as you 
consider how to deal with extension requests?
    Mr. Gaynor. Again, I think each disaster is uniquely 
different. Some jurisdictions are more capable than others. 
Weather gets in the way of repairs. I think we are experiencing 
this out in USVI and Puerto Rico. Weather gets in the way of 
repairs, and it is out of the applicant's control, so we take 
all that into consideration. We are trying to assess our risk, 
making sure that we spend the money correctly within the 
statute that directs it. All of this goes into making, 
hopefully, a good, reasonable decision that benefits both 
parties.
    Mr. Price. Thank you. Thank you. That sounds like a good 
approach.
    Secondly, I want to ask you about the Disaster Recovery 
Reform Act of 2019. I was pleased when the Congress passed the 
Disaster Recovery Reform Act last year, the first comprehensive 
emergency management reform package since Hurricane Katrina. 
The law included a number of reforms. That should be very 
helpful to North Carolina and other States hit by disasters, 
especially some of the changes made to the Hazard Mitigation 
Grant Program. The DRRA established new rates for program--for 
the program and expanded the definition of allowable management 
costs, and that is what I want to focus on.
    Can you please tell me when FEMA will release the new 
management cost guidance? And I also understand FEMA is working 
to implement this policy with a goal of having a system to 
allow States to submit applications for management costs by 
early 2019. Can you please share a timeframe for when you 
expect to have the grant management system fully functional?
    Mr. Gaynor. Yes, sir. Like I said in my opening statement, 
we believe DRRA is transformational. And building a more 
resilient Nation, I think the hazard mitigation 6 percent based 
on a disaster is going to be groundbreaking to actually invest 
those dollars pre-disaster. When it comes to management costs, 
we are trying to work through the 49 unique sections in that 
act. We actually had a meeting a couple weeks ago with 
congressional staffers on our progress. I would like to think 
we are making great progress on many of the sessions.
    I don't know the exact status of the management cost 
section, but I would be happy to follow up with you on that on 
where we are. But overall, I think we are in a positive trend 
to get some of those DRRA sections on the street and 
implemented.
    Mr. Price. Let me just say, Madam Chairman, just to 
respond, that we would appreciate that material on those 
timeframes. That will be very helpful.
    [Mr. Gaynor responded for the record:]

    FEMA published interim guidance in November 2018 implementing DRRA 
1215. Interim guidance and supporting documentation for the Public 
Assistance and Hazard Mitigation Grant Programs can be found on FEMA's 
website, at https://www.fema.gov/media-library/assets/documents/174133.
    Hazard Mitigation Grant Program (HMGP)
    The HMGP Management Costs Interim Policy was published in November 
2018 implementing DRRA 1215. The Interim Policy applies retroactively 
to major disaster declarations on or after August 1, 2017. On February 
28, 2019, FEMA deployed system updates to allow application submissions 
for management costs.
    The Interim Policy provides greater flexibility to state, tribal, 
territorial, and local governments. Specific changes include:
            A revised definition of management costs to include 
        indirect costs and direct administrative costs.
            Revision of the maximum management costs rate of up 
        to 15%, including up to 10% for the Recipient and up to 5% for 
        the Subrecipient.
            Elimination of the $20 million cap.
    FEMA will evaluate this interim policy as it is implemented and 
will incorporate management costs into the next version of the Hazard 
Mitigation Assistance Guidance (2015).
    Further, job aids and training development/delivery are underway. 
Currently, FEMA is evaluating the need for developing a reasonable cost 
policy for HMGP.
    Public Assistance Grant Program (PA Program)
    The PA Management Costs Interim Policy was published in November 
2018 implementing DRRA 1215, and additional supporting documentation 
and resources were published in early 2019. The Interim Policy applies 
retroactively to incidents declared on or after August 1, 2017. 
Recipients and Subrecipients with incidents declared from August 1, 
2017, to October 4, 2018, may choose between using the Interim Policy 
or continuing to use existing FEMA regulations and policies related to 
management costs. The Interim Policy provided recipients and 
subrecipients until March 15, 2019, to notify the Agency of their 
selected option. The deadline was extended to April 15, 2019, for 
Puerto Rico emergency and disaster declarations for Hurricanes Irma and 
Maria.
    The Interim Policy provides greater flexibility to state, tribal, 
territorial, and local governments. Specific changes include:
            A revised definition of management costs to include 
        indirect costs and direct administrative, costs.
            Revision of the maximum management costs rate of up 
        to 12%, including up to 7% for the Recipient and up to 5% for 
        the Subrecipient.
            Elimination of the $20 million cap.
            Elimination of lock-in amounts and the associated 
        process for determining the lock-in amount.
    Further, a Standard Operating Procedure and fact sheet on the 
Interim Policy were issued on February 11, 2019, and job aids, system 
changes, and training development/delivery are underway. Currently, 
FEMA is evaluating the need for developing additional reasonable cost 
guidance. In the interim, FEMA will continue to apply the current 
reasonable cost job aid for PA projects until a working group can 
analyze and recommend more holistic, fulsome guidance.

    Ms. Roybal-Allard. Mr. Palazzo.
    Mr. Palazzo. Thank you, Madam Chairman.
    Thank you, Mr. Gaynor, for being here today. And I agree, 
you started off saying sometimes it is the local and State 
solutions are the best fit for communities, because all States 
and communities are different, and you know, those are the 
professionals on the ground, and, you know, and one size 
doesn't always fit all, especially if it is coming from this 
city.
    I would like to first start out by thanking you for the 12 
storm shelters that FEMA has provided to Forrest County in the 
State of Mississippi. You know, we attract tornadoes, 
hurricanes, ice storms. You name it, we get it. And I want to 
thank FEMA, especially the Hazard Mitigation Program Grant for 
that. I know the supervisors and the community are especially 
appreciative of that, because if we can save one life, it is 
really much worth it.
    I would like to shift to something. In about 60 days, NFIP 
is going to expire again. And I don't know how many times it 
has expired since we reauthorized it. I know in 2013, the 
Biggert-Waters Act was introduced, and soon thereafter, when 
communities all across the Nation started to realize that their 
rates were not only just going to go up $25, $30, but 
thousands, and in some cases, tens of thousands of dollars on, 
you know, the homeowners flood insurance policies, we kind of 
stepped in and realized that--in fact, the author of the bill, 
Congresswoman Waters, said the unintended consequence were 
these drastic rate increases.
    I am continuously nervous about if any reforms that we make 
to the flood insurance program, that we get it wrong again. 
And, you know, if people don't--if they have a mortgage and 
they are required to have flood insurance and they can no 
longer afford the flood insurance, that home can be deemed 
insecure, and the banks are therefore forced to basically begin 
taking back that property to protect their asset.
    I do think there are reforms that can be made to the NFIP 
program, but, you know, this is a program that Congress created 
in 1968, and, you know, I am concerned that, you know, when you 
are messing with people's largest single investment, which is 
their home, we got to be very cautious, we got to be very 
studious on how we approach this.
    And I do appreciate what we have done, some of the past 
actions, some of the reforms weren't good. I know we are trying 
to inject the private market. At the same time, we are tossing 
out terms like we need to make the program actuarially sound. 
Well, that all sounds well and good, but we also got to protect 
our homeowners. And we do have a homeowners protection caucus 
that was created as a result of Biggert-Waters, I am one of the 
co-chairs.
    And I would like to ask you, are you seeing, as the efforts 
of privatization--the private market enter into the flood 
insurance market, is that taking place? And, if so, what do we 
do to prevent private companies from cherry-picking, taking the 
most safe policies and undercutting the government NFIP rate, 
and then leaving all the more unsafe properties in a reduced 
premium pool with probably higher and more increased in rates? 
That is just a concern of mine, and that was a concern of many 
of my colleagues when we made--we killed the last NFIP reform 
bill.
    Mr. Gaynor. All great questions, Congressman. First, at 
FEMA, we believe an insured home is a valuable home. To answer 
your first question how many extensions has NFIP had, 42. It is 
time for some reform, we believe that. This past year or these 
past 2 years, we added about 200,000 new policies.
    I think part of the issue with NFIP is when it comes to 
giving insurance policies, we are the only insurer in those 
locations; there is no other insurers to divide that risk up 
into. So when there is a disaster that requires NFIP, it really 
hits hard.
    Now, 1 inch of water in a home is $25,000 worth of damage. 
FEMA gives individual assistance or you can get up to $35,000 
of assistance if you meet all the different wickets. On 
average, we only give out about $2,600. But if you look at 
insurance, what we have given out for the same kind of damage, 
you get $109,000. So, we would rather have insured homes, 
because, first of all, insurance pays first, but it is better 
for everyone.
    FEMA will not make you whole. FEMA is a bridge to get you 
to the next, safe, warm, and dry location, but we are not going 
to make you whole. So insurance is infinitely important for us.
    Last--in 2017, we bought reinsurance for NFIP, and we saved 
the taxpayers a billion dollars. And I think we are going to 
try to do that again. So we are all in on making sure we try to 
rethink flood insurance, because it rains in every State, 
right? It floods in every State. Look at Houston, it flooded 
where, it had never flooded before. So, again, an insured home 
is a valuable home.
    Mr. Palazzo. And we have seen this in a lot of the storm 
events over the past several years, Madam Chairwoman, where, 
you know, the rivers never flooded out the communities; it just 
seems to be happening more and more, and that is why perhaps in 
the second round of questions I will ask you about all perils 
insurance as well.
    Ms. Roybal-Allard. Ms. Meng.
    Ms. Meng. Thank you, Madam Chairwoman.
    And thank you, Administrator, for being here today. I 
wanted to ask about language access issues during and after a 
disaster. Language access has often been an issue for limited 
English-proficient individuals, including and especially those 
of the Asian American and Pacific Islander communities.
    As evident from Hurricane Katrina, FEMA wasn't equipped to 
communicate with the Vietnamese American community then in New 
Orleans. When Hurricane Harvey hit, an API organization such as 
API Vote had to step in to translate information that FEMA 
officials were releasing because it was only available in 
English and Spanish.
    Hurricane Katrina occurred in 2005, Harvey in 2017, which 
is about 12 years. What had FEMA done in between to improve 
language access since Katrina?
    Mr. Gaynor. Ma'am, I think we recognize that making sure we 
get our message out to the entire community is important. I 
can't speak to the specifics of what we have done to improve 
that. I will get back to you on that. But I will just use an 
example; if the U.S. military can have a piece of technology in 
their hand to translate, it would seem that we could do the 
same thing for meeting survivors in a disaster area. But I 
would be happy to get you some information about our strides in 
that and what we are doing and maybe what we plan to do.
    [Mr. Gaynor responded for the record:]

    FEMA ensures all applicants receive critical, accessible, and 
understandable preparedness and disaster assistance communications, 
regardless of language proficiency. To best assist all survivors, FEMA 
provides the following:
           Disaster information in languages identified through 
        demographic analysis of the impacted area;
           FEMA continuously works with the 12 languages as 
        identified by the Post Katrina Emergency Management Reform Act 
        (PKEMRA), but life-saving information in plain language to the 
        public, including printed materials can be translated into more 
        than 200 languages, Braille and large print. Video products 
        that are produced includes captioning (multilingual), American 
        Sign Language (ASL) and audio description and accessible on 
        FEMA's website.
           Staff to identify language needs and connect 
        disaster survivors to applicable translation services;
           Video Remote Interpreting for American Sign Language 
        or on-site translation at Disaster Recovery Centers;
           Appropriate referrals for applicants with 
        disabilities and others with access and functional needs who 
        also have Limited English Proficiency.
           FEMA's Community Partners Branch in 
        Intergovernmental Affairs works with over 100 organizations 
        whose constituencies include diverse populations who require 
        products and materials in various languages. These partnerships 
        help FEMA further increase our distribution of preparedness 
        materials in multiple languages and utilize their relationships 
        with these populations and increase preparedness in these 
        communities. Preparedness publications in seven top tribal 
        languages have been produced and will be posted on fema.gov 
        this summer.
           FEMA has also increased the availability and 
        visibility of preparedness brand, materials, and messages 
        through its Ready.gov and Listo.gov (Spanish-version of 
        Ready.gov) pages. Preparedness information and materials are 
        also readily available in more than 10 other languages besides 
        English and Spanish.
           We are striving to increase accessibility even more. 
        In 2018, FEMA provided translations in 18 languages and 
        delivered more than 700 translated documents in support of 
        requests across various disasters.
           During the last two years, FEMA staff has worked to 
        include an American Sign Language interpreter on several pre-
        scripted videos to update the video library and FEMA's YouTube 
        page.
           The Ready Campaign partnered with USFA to leverage 
        their pictogram contract to develop hurricane preparedness 
        materials in a pictogram format, and will continue to look for 
        opportunities to expand this capability further in meaningful 
        ways.
           Additionally, the FEMA Puerto Rico Facebook page 
        routinely posts preparedness information in Spanish for not 
        only Puerto Rico, but all Spanish-speaking audiences. This 
        included a major 2018 hurricane awareness campaign.

    Ms. Meng. Okay. Yes, I would love to work with you to make 
sure that we are working with organizations around the country 
and to help you and FEMA do as good a job as possible.
    My other question is, there were reports in the media that 
following President Trump's public declaration, he wanted no 
more disaster funds going to Puerto Rico, and that 
administration officials started telling agencies, HUD 
specifically at the time, to block money appropriated by 
Congress for Puerto Rico.
    Do you have any direct or indirect knowledge of any actions 
taken by the Trump administration to block disaster recovery 
money from going to Puerto Rico?
    Mr. Gaynor. Ma'am, what I do know is that the approved 
disaster money through disaster process is how we deliver 
services to those impacted. Other conversations with HUD, I am 
not familiar with. But we have money appropriated through the 
process and we are using that to deliver the best disaster 
relief to our survivors.
    Ms. Meng. So as far as you are concerned, you don't have 
any knowledge of those actions taken by the Trump 
administration?
    Mr. Gaynor. I do not.
    Ms. Meng. Do you or your team staff have any knowledge of 
any communications made with the Trump administration on the 
same topic?
    Mr. Gaynor. I do not, ma'am.
    Ms. Meng. Okay. Thank you. And then back to--sorry. So I 
know that in July, FEMA issued an After-Action Report assessing 
its response to the 2017 storm season. This report included 
recommendations to address staffing needs, increase FEMA 
readiness stocks outside the continental U.S., et cetera. What 
actions has FEMA taken to meet these recommendations?
    Mr. Gaynor. When it comes to what we call the CAD or the 
Caribbean Area Division, which is how we manage Puerto Rico and 
the U.S. Virgin Islands, we have done significant work to make 
sure that we have commodities on island. Between the islands of 
Puerto Rico and the U.S. Virgin Islands, we now have eight 
warehouses for commodities on island, and more commodities 
stateside that we can tap into.
    So we are trying to learn our lessons from Maria and making 
sure that we don't repeat that again. But we have taken 
significant steps to improve our commodities.
    Ms. Meng. And that would help get supplies out to people 
around an island more efficiently than had happened after 
Maria?
    Mr. Gaynor. That would be the theory. Again, I think the 
hardest part for a local emergency manager and State emergency 
manager is that last mile; you can have it, but you have to 
transport it or you have to get it in the hands of the 
survivors. So the last mile is the hardest mile. But there are 
adequate resources and commodities on the islands for a 
disaster.
    Ms. Meng. Thank you. I yield back.
    Ms. Roybal-Allard. Ms. Wasserman Schultz.
    Ms. Wasserman Schultz. Thank you, Madam Chair.
    I have a quick question that is more locally focused. 
According to NOAA, Hurricane Irma was the strongest hurricane 
ever observed in the open Atlantic Ocean. After barreling 
through Florida, 6\1/2\ million customers in my State were left 
without power, and the winds, rain, and flooding left a trail 
of destruction and debris.
    Memorial Healthcare System, a safety net provider which 
operates six hospitals in south Florida, including a level one 
trauma center which is headquartered in my district, cleaned up 
the mess around its facilities, spent money on clearing road 
debris, extra labor and mitigation. However, 15 months after 
their initial application with FEMA for the total reimbursement 
request of approximately $7 million, Memorial Healthcare has 
received not $1.
    Mr. Gaynor, you discussed in your testimony the actions 
that FEMA is taking to consolidate and update your individual 
assistance policies, but what is FEMA doing to simplify and 
streamline the process for reimbursements for emergency 
healthcare providers like Memorial? Because 15 months is far 
too long, far longer than is reasonable to expect them to have 
to wait.
    Mr. Gaynor. Yes, ma'am. Again, I don't have the exact 
details of the Memorial Health issue. I would be happy to look 
into that and see why it is taking so long. Again, I will just 
go back to each disaster is very unique and----
    Ms. Wasserman Schultz. My question specifically is what is 
FEMA doing to simplify and streamline the process for 
reimbursements for emergency healthcare providers like 
Memorial? I certainly am familiar with the complexity of 
dealing with the aftermath of a storm, since I live in south 
Florida.
    Mr. Gaynor. Yes, ma'am. We have implemented the grants 
management system. It is--or I should say, part of the new 
public assistance delivery to better account for paperwork, 
track reimbursements, and make sure that the paperwork is all 
correct before we go down a long road and decide that something 
is missing early on in the process and have to go back again 
and back again. I think this is part of the frustration with 
locals and States that we get to the end and we realize that 
something is missing. This new PA policy project and GMM will 
track these initiatives to make sure that we try to speed it up 
as fast as we can.
    Again, it can be complicated in certain circumstances, but 
our goal is to deliver the fastest relief to our survivors.
    Ms. Wasserman Schultz. I will be honest with you, your 
response doesn't really give me a lot of confidence that you 
have got a system in place that is headed towards improving the 
situation.
    FEMA was plagued with contracting problems following the 
2017 disaster season. In October 2017, FEMA terminated a 
contract after just 20 days with Tribute Contracting, which was 
supposed to deliver 30 million meals in Puerto Rico. The 
contract was reportedly worth $156 million dollars. Tribute 
delivered only 50,000 of the 30 million meals it was supposed 
to. According to media reports, Tribute was a single-employee 
business with no large-scale disaster contracting experience, 
and had already been barred from contracts with the Government 
Publishing Office when FEMA entered into its contract with the 
company.
    Similarly, FEMA had to cancel a $30 million contract for 
tarps or plastic sheeting when a newly formed company called 
Bronze Star failed to deliver the urgently needed supplies.
    Mr. Gaynor, in the aftermath of these failed contracts for 
supplies that can mean life or death for disaster survivors, 
what steps has FEMA taken to make certain that it only 
contracts for goods and services with companies that actually 
have the capacity to perform? And do you look to see if a 
company has been deemed ineligible for contracts with other 
government agencies before you contract with them?
    Mr. Gaynor. Ma'am, so to your point about the contracts, we 
executed for Maria approximately 2,000 contracts. Of those 
2,000 contracts, three of those contracts failed to work and we 
just cut them off at no expense to the Federal Government. The 
Tribute contract, they supplied, I am going to say, 50,000 
meals at about a quarter million dollars. We got the food, we 
paid them, and then we ended the contract.
    Ms. Wasserman Schultz. OK. But what are you doing to make 
sure that mistakes--grave, gross mistakes like that don't 
happen again?
    Mr. Gaynor. So we have increased our cap on contracts to 
make sure we have more capacity among the contracts that we do 
have. And we have plenty of commodity contracts available. So 
if one----
    Ms. Wasserman Schultz. Okay. I am sorry. Before my time 
expires, I just have one more. Following Hurricane Irma, then 
Florida Governor Rick Scott's office overrode pre-negotiated 
debris removal contracts and entered into debris removal 
contracts at extraordinarily inflated prices. Specifically, 
Governor Scott's office signed contracts in Monroe County that 
raised significant concerns about potential waste and fraud.
    What consequences are there--piggybacking on what 
Congressman Rutherford asked you, what consequences are for 
this kind of waste, fraud, and abuse practices? I mean, it 
doesn't make--your response, frankly, to his question doesn't 
make any sense to me. You throw up your hands and you just say 
there is very little you can do?
    You control hundreds of millions of dollars in 
reimbursements, and you can certainly put in place 
accountability practices that ensure that when rules are 
broken, when policies are violated, that you prohibit 
reimbursement from particular entities in the future. Do you 
not have any policies like that in place?
    Mr. Gaynor. We do, ma'am. We use, for instance, the 270 
policy in Puerto Rico, oversight on how a State spends its 
money through manual drawdown. They can't draw money down until 
we approve it. There are many different controls that we have. 
I am not familiar with the Florida issue with Governor Scott, 
before my time; I would be happy to look into it. I am not sure 
if we did anything. You know, what actions we took, I just 
don't know. But I would be happy to get back with you with an 
answer on that.
    Ms. Wasserman Schultz. I would appreciate that. Thank you.
    I yield back.
    [Mr. Gaynor responded for the record:]

           Through the Public Assistance program, FEMA 
        reimburses applicants for eligible debris removal projects.
           FEMA does not enter into contracts for debris 
        removal services nor does FEMA remove debris from disaster 
        declared areas.
           FEMA continues to write and approve reimbursement 
        for Hurricane Irma debris removal projects as documentation is 
        received from local officials.
           FEMA's Procurement Disaster Assistance Teams (PDAT) 
        assist applicants with adhering to Federal procurement 
        standards, as well as FEMA policies and guidance associated 
        with Public Assistance grants. In FY19, PDAT has provided 77 
        training sessions in 8 regions, 18 states, and 43 cities to 
        date.
           We recommend contacting the Florida Division of 
        Emergency Management or the disaster-declared counties for any 
        questions pertaining to contracts they entered for debris 
        removal services.
    The Chairwoman.

    Ms. Roybal-Allard. And now we are honored to have the 
chairwoman of the full committee, Mrs. Lowey.
    The Chairwoman. Well, I appreciate the honor. I do wish I 
had roller skates on today, but I am happy to be here. I am so 
sorry that I missed so much of the meeting, but welcome, and I 
appreciate the opportunity to have a discussion with you.
    In the aftermath of Hurricane Maria, Governor Cuomo 
directed New York State entities to provide assistance to 
Puerto Rico, including assistance provided by New York Electric 
Utilities to repair the electric grid. This effort was 
coordinated by the New York Power Authority, which happens to 
have headquarters in my district. NYPA's efforts are an example 
of mutual aid with State and local governments provide 
assistance to each other in the aftermath of a disaster.
    It is my understanding that the New York Power Authority is 
continuing this partnership to provide assistance, not only to 
Puerto Rico, but also to the U.S. Virgin Islands before, 
during, and after disasters. Can you help me understand how 
this type of mutual aid supports FEMA's efforts? And is there 
anything we can do in Congress to better support and facilitate 
mutual aid?
    Mr. Gaynor. Thank you, ma'am. Thanks for inviting me today. 
EMAC, the Emergency Management Assistance Compact is a State-
to-State agreement between governors to exchange staff, 
equipment, and commodities during a disaster. So a governor can 
ask another disaster for help. It is one of the core things 
that we rely on at FEMA. Kind of a first-level ask before you 
ask the Federal Government; you know, do you have it within 
your State? Can you get it from one of your neighbors? Can you 
get it from across the country? And it really is the core of 
how we do good emergency management in the United States.
    Specifically for the Puerto Rico ask, there were 92 EMAC 
requests fulfilled by 27 States. Pretty amazing support from 
fellow governors in Puerto Rico's worst time. I think that is a 
shining star, on neighbor helping neighbor in this case, to 
make sure that you have all the necessary things that you need 
to deliver, to survivors. Commodities or police, fire, all 
those, resources went to Puerto Rico, and probably to some 
deficit to a State that let it go and didn't have access to it.
    So, again, this business of emergency management is a team 
effort. So from State to State, from our private partners, from 
our volunteers, from other emergency management across the 
Nation, it all has to be a team. No one person has all the 
capability to do it themselves, and we cannot be successful 
without it.
    What you could do, I am not exactly sure. I think EMAC 
works pretty well. I know the National Guard has some issues 
with how they get repaid. I don't know the exact details of it, 
but I would be happy to see what we can do to improve that.
    The Chairwoman. Good. Are there many other of these 
helpers, these States, that were sending supplies? Are they 
still involved or have they all gone home?
    Mr. Gaynor. I don't know if any States are still down 
there. I can check. I would imagine that most of those 
resources have gone home, but I will check.
    The Chairwoman. I just wondered. Now, as you know, to carry 
out its programs, FEMA, as well as State, territorial, and 
local governments, rely on contractors. Recently, The 
Washington Post highlighted issues of payments to contractors 
for the Sheltering and Temporary Essential Power, or STEP 
program, in the U.S. Virgin Islands. This program provides 
critical assistance to residents making repairs to their homes, 
and we understand that it is also being used in Puerto Rico.
    The contractors described in The Washington Post article 
work under a contract with the U.S. Virgin Islands, but they 
cannot be paid until FEMA approves project worksheets for work 
they have done nearly a year and a half after these hurricanes. 
Now, we understand that the U.S. Virgin Islands made a request 
for the funding in question in fall of 2018.
    Now, I understand this is a complex situation. Can you tell 
me how much funding is currently pending for the STEP program 
in the U.S. Virgin Islands and Puerto Rico? And what is the 
status of the project worksheets? Are the project worksheets 
related to Puerto Rico and the U.S. Virgin Islands taking 
longer than usual? And, if so, why?
    Mr. Gaynor. Yes, ma'am. So when it comes to U.S. Virgin 
Islands and the STEP program--which is a success in Puerto 
Rico. We did 110,000 homes in STEP. We hoped we won't do that 
many homes, but we hope to have that great kind of success in 
USVI.
    And this, as I understand, is in two parts. The first part 
of the STEP program, USVI was completed. We reimbursed the 
Virgin Islands with $180 million for that program. They have 
drawn down some of the money, but they still have some money 
that they have not drawn down, which they could use to pay 
contractors, approximately $60 million that is still left.
    The second phase is really aimed at roofs in USVI. That 
project worksheet is called Project Worksheet 100 and is with 
USVI right now. And they are trying to validate some of the 
costs in there. As soon as we get that back at headquarters, we 
will turn it around, and we will make sure that we properly 
fund that--and reimburse that project worksheet.
    The Chairwoman. So the timeframe is how long from delivery 
till you can approve it?
    Mr. Gaynor. Just for context, everything over $5 million 
has to go to the Department, Homeland Security, and OMB for a 
review. So we can get it out the door pretty fast if it is all 
in order. And then we send it to the Department for review and 
then OMB for final review, and then we will transfer that 
money.
    Can't tell you how long that is going to take. I think when 
we get it back from them, we will have a better timeline. But I 
would love to keep you updated on where we are on that.
    [Mr. Gaynor responded for the record:]

     In December 2017, FEMA activated the Sheltering and 
Temporary Essential Power (STEP) program. Through this program, FEMA 
reimburses the territory for basic emergency repairs while allowing 
Virgin Islanders to remain in their homes as a form of shelter while 
permanent repairs are performed.
     More than $283 million in funding has been provided to the 
territory for the STEP program through FEMA Public Assistance. The 
Virgin Islands Housing Finance Authority (VIHFA) administers this 
program and calls it Emergency Home Repairs VI (EHRVI).
           More than $248 million has been obligated to the 
        territory to support all eligible construction expenses.
           More than $35 million was obligated to the 
        territory for project management, including costs associated 
        with travel, billeting of off-island labor and central 
        warehousing of materials.
           As of April 19, USVI has drawn down more than 
        $220 million.
     At the request of USVI, EHRVI was extended until April 15, 
2019. The requested two-week extension of the program will allow the 
territory to maximize the use of its contractors to complete those 
homes that are pending completion.
     Understanding the unique needs of the territory, FEMA made 
several significant policy changes to expand the STEP program to better 
serve survivors, including:
           Increasing the STEP program cap per home from 
        $20,000 to $25,000;
           Providing the ability to waive the cap per homes 
        on a case-by case basis under certain conditions;
           Authorizing roof repairs to residences that 
        received Blue Roof installations; and
           Extending the program period of performance 
        through April 15, 2019.

    The Chairwoman. I would appreciate an update. And I am 
wondering, is this typical, that kind of--roughly, how much 
time does this process take?
    Mr. Gaynor. The scale of Maria is mind-boggling how much 
money that we are trying to deliver. Billions of dollars in 
both Puerto Rico and U.S. Virgin Islands. This is a project 
worksheet of $278 million. This is a large, large worksheet. 
Typically, they are not that size. So it just takes longer 
because it is just more complex. But that doesn't mean it has 
to be slow.
    The Chairwoman. Thank you. Thank you, Madam Chair.
    Ms. Roybal-Allard. That concludes round one, and so we will 
start a second round of questioning.
    Mr. Gaynor, section 20601 of the Bipartisan Budget Act of 
2018 gave FEMA flexibility to make repairs or replace certain 
types of facilities to industry standards, regardless of their 
pre-disaster condition for disasters in Puerto Rico. We have 
heard from the Commonwealth government and others that FEMA is 
implementing this authority in a manner that appears to be much 
more limited than Congress intended, with a potential result 
that few projects will fully benefit from this authority.
    Can you explain FEMA's interpretation of this legislation 
and why there is a sense that this is not being carried out as 
intended?
    Mr. Gaynor. Thank you, ma'am. First, I think we want to 
thank you from FEMA for passing the BBA, as it is known. It 
really allows us to do things that we could not do before any 
disaster. The rules pre-BBA require that we only could restore 
to pre-disaster conditions. As you all know, in Puerto Rico and 
the U.S. Virgin Islands, that is not the case. So this allows 
us to restore to industry standard. So thank you for that.
    And our goal in both Puerto Rico and the U.S. Virgin 
Islands is to build it back better. We believe that we are 
implementing BBA with the congressional intent. However, we 
have preexisting other statutes, Stafford Act statutes, that we 
are trying to blend to make sure we get it right the first 
time.
    I was in Puerto Rico a couple weeks ago and met with our 
Puerto Rican counterparts, COR3. And I think we are in 
agreement with more than less. We are still in disagreement 
about what BBA looks like for certain projects. I think on one 
end of the scale, one can interpret that BBA says everything is 
brand-new. on the other end of the scale, maybe it is just a 
repair. So we are trying to come to some common ground about 
how we resolve that.
    We are full partners with the government of Puerto Rico on 
this. I don't think this is really going to be a stumbling 
block as we move forward. Again, some of these projects are so 
large, it just takes time to get through it. But I think we are 
in agreement more than we are not.
    Ms. Roybal-Allard. Okay. Do you think that these issues can 
be addressed administratively by FEMA or is additional 
legislation needed to reinforce congressional----
    Mr. Gaynor. No. I think we have all that we need. I think 
now we are just trying to get down to the details. If a school 
is completely destroyed and the roof is in, well, maybe you 
need a new school. But if you go to a different school (and 
there is 1,100 of those schools in Puerto Rico) and maybe the 
front door and the windows are blown out, now, does that rate a 
new school? Again, we want to be good stewards of the Federal 
dollar. So we are having these discussions about, how to get to 
yes.
    Ms. Roybal-Allard. Okay. I understand that this authority 
is limited to critical services, which is a specific term in 
the Stafford Act that refers to facilities, such as you 
mentioned, schools and utilities, but not others such as police 
or fire facilities. Do you think an expansion of this authority 
to additional types of facilities is warranted? And, if not, 
why not?
    Mr. Gaynor. I am not sure how far we are on discussion on 
some of these issues. I would have to get details about some of 
these issues and questions about, will we get to yes on some of 
those. But I would be happy to get back to you about the status 
of that. Again, I think we are closer to yes than not.
    [Mr. Gaynor responded for the record:]

    The current authorities are sufficient. The administration 
requested the authority provided in Section 20601 of the Bipartisan 
Budget Act in order to address certain types of critical infrastructure 
in Puerto Rico and the U.S. Virgin Islands (USVI) that were antiquated 
or in disrepair when Hurricanes Irma and Maria hit. In particular, this 
authority was necessary to address the power systems which consist of 
highly interconnected and interdependent components and would have been 
impossible to restore without addressing the pre-disaster condition of 
those antiquated or poorly maintained components. For other types of 
damaged infrastructure that lack this level of interconnectedness and 
these types of interdependencies, FEMA believes that existing programs 
will be sufficient to allow Puerto Rico and USVI to rebuild in a 
resilient manner. These existing programs include Public Assistance, 
Section 406 mitigation, the Hazard Mitigation Grant Program, and funds 
available from other federal agencies, such as CDBG-DR, as well as 
private resources.

    Ms. Roybal-Allard. Okay. The Commonwealth government has 
expressed concerns that the 270 process imposed by FEMA has 
been a cause of delay in disbursing disaster funds, thereby 
delaying projects. And we understand that this is a manual 
validation of costs and documentation. We have also heard that 
FEMA and Puerto Rico have just reached an agreement to have the 
Commonwealth take over this process.
    Can you explain what the 270 process is, its purpose, and 
how it works?
    Mr. Gaynor. So pre-removal from Puerto Rico was a process 
where we looked at all the paperwork to make sure it is in 
order. We had some problems early on in the disaster where an 
entity drew down money without proper documentation. So 
typically, you would have to show, invoices for material, 
supplies, labor costs, all those kind of things, before we 
actually let you take that money from the treasury. And so we 
put restrictions on it, because we are allowed to do that, to 
make sure, again, we do proper due diligence on this funds.
    We have been working with the government for a year on 
their internal control process. We agreed on that last week, 
and we removed all the controls. So now the government will 
have the first shot at reviewing all their paperwork. We will 
sample that as we go to make sure they are doing all the things 
we want to do. If we think the risk becomes too high, we have 
the option to go back to 270.
    I don't think we will have to do that. I think we are going 
in the right direction, and I think this is good for both 
Puerto Rico and FEMA.
    Ms. Roybal-Allard. So you expect, then, that this will 
improve the pace of recovery in Puerto Rico?
    Mr. Gaynor. I do, yes, ma'am.
    Ms. Roybal-Allard. Okay. Mr. Fleischmann.
    Mr. Fleischmann. Thank you, Madam Chairman.
    And, Acting Administrator Gaynor, I really appreciate the 
lines of questioning. It has been very informative for me and 
for us. Thank you, sir.
    I am intrigued, sir, by the idea of working with your local 
partners to improve local capacity to deal with smaller scale 
disasters. How do you define smaller scale, sir?
    Mr. Gaynor. That is in the eye of the beholder. I come from 
the smallest State in the union, Rhode Island. We are just an 
average-sized county in Texas. So what is big for Rhode Island 
is not so big for Texas. And this is part--I think this is part 
of our challenge, to get--to right-size to make sure that we, 
don't create the California size and we don't create the Rhode 
Island size; we create the size that works for everyone.
    Again, having been a local and State emergency manager, 
there are some obligations to make sure that you as a local 
emergency manager can execute the plan for your mayor, and as a 
State director, that you can execute your plan for the 
governor. As the FEMA director, I am making sure that I can 
execute the plan for the President.
    But the whole system has to work together. It is just not 
FEMA. A bigger FEMA is not the answer. It is all of us working 
together to a common cause.
    Mr. Fleischmann. What would be the incentive for a locality 
to take on the responsibility for response and recovery?
    Mr. Gaynor. I would ask, again with my local hat on, would 
I want to manage my own disaster or would I want the Federal 
Government to manage my disaster? I think I would rather chart 
my own course.
    So we would, I think, conceptually, you know, depending on 
what size it is, and again, 50 percent of all these assets are 
under $7 million, we could just block-grant the agreed-upon 
disaster cost to a local, and they would manage it under all 
the Federal rules and regulations and they would be responsible 
for their--what we call now is outcome-driven recovery. Their 
recovery, not necessarily our recovery.
    And just as you know, this is the governor's plan for his 
recovery. We support the governor's plan. We don't implement a 
Federal plan at the local or the State level. Again, I think it 
is just good business.
    Mr. Fleischmann. Thank you, sir.
    The FEMA integration teams, or FITs, are in 18 States. I 
would ask you to kindly provide the committee with a copy of 
the 18 States that are participating.
    Does FEMA approach the States to participate or do they 
come to you all?
    Mr. Gaynor. It is a little bit of both. I think at first, 
Administrator Long was trying to sell this program, we had to 
go out there and sell a little bit. Right now, there are 18 
active FIT teams. All 50 States and territories have signed up 
for FIT teams, and we are trying to meet that goal.
    And, part of the goodness in this FIT team is, typically, 
you only see the Federal Government when a disaster occurs, and 
that is not a good time. So we want to embed our FEMA team to 
make sure that the plans and the processes are integrated from 
State to Federal and from State to local. And those FIT teams 
are there. They act as consultants for the State, when it comes 
to Federal programs, to make it more streamlined. There is a 
lot of goodness in FIT teams, and we fully support them.
    Mr. Fleischmann. Yes, sir. Does FEMA assume the cost of the 
teams, and how long does a team stay with the State?
    Mr. Gaynor. It is. We just realigned what kind of people we 
assign there. So it comes at a high, basically. So what we are 
doing is something else, but I think this is more valuable to 
the agencies to have these FIT teams in these States.
    Mr. Fleischmann. Thank you, sir.
    [Mr. Gaynor responded for the record:]

    These are the 18 States that have FIT teams:
    1. Arkansas
    2. California
    3. Guam
    4. Hawaii
    5. Idaho
    6. Indiana
    7. Louisiana
    8. Missouri
    9. Nevada
    10. New Jersey
    11. New Mexico
    12. North Carolina
    13. Oklahoma
    14. Oregon
    15. Rhode Island
    16. Tennessee
    17. Utah
    18. Virginia

    Madam Chair, I will yield back.
    Ms. Roybal-Allard. Mr. Ruppersberger.
    Mr. Ruppersberger. Well, first, I just want to go over a 
background. Now you have done all the work. You have had so 
many different plans really working very hard in different 
areas. You had the wildfires, the hurricanes. All those issues.
    When you start to rebuild some of your, I guess, standards 
or whatever, do you teach or talk about rebuilding so that you 
are not going to have the same problem again? As an example, I 
am hearing from a lot of people on the waterfront, Chesapeake 
Bay area, and from now on when you have to rebuild, you can't 
have your home on the water. It has to be on a garage or 
whatever it is underneath.
    So where are you as far as standards on rebuilding to make 
sure that we don't continue to put money into the same areas 
that have the same problems, unless someone changed their mind, 
like global warning?
    Mr. Gaynor. Yes, sir. Great question. You know, part of the 
difficulty is some of these repetitive issues. You have a home, 
you have a disaster or a flood, you get money from the Federal 
Government, you rebuild in the same place. That happens a 
couple times. It doesn't really make a lot of sense for us. The 
challenge is most of these changes are local code changes, and 
locals really own their, own domain. So whether it is a city, a 
town, or a State, building codes, zoning codes, it really has 
to start with them. I think we can try to pressure best 
practice. And there are some great best practices around the 
country. But it really has to start locally.
    We would prefer not to keep paying for the same disaster 
over and over and over. To me, that is insanity. And so we need 
to work a little bit harder on making sure that locals have a 
program to make sure that they build in a resilient way so you 
avoid that risk.
    Mr. Ruppersberger. (Off mic) you had some leverage there. 
We were going to be building back in those areas (off mic) 
insurance companies or other groups other than just the locals.
    Mr. Gaynor. And I will have to check my facts. But I think 
if you use hazard mitigation money for a repair and it happens 
again, (I will--I may be half right on this) you are prohibited 
from using that again, I think, for a repetitive disaster. So 
you would have to do something to actually improve that 
property to make it more resilient before you got another 
disaster handout.
    Mr. Ruppersberger. Okay. Thank you.
    Ms. Roybal-Allard. Mr. Palazzo.
    Mr. Palazzo. Thank you, Madam Chair.
    Jumping over--you know, being from Biloxi, Mississippi, 
living my entire life on the Mississippi Gulf Coast, of course, 
you know, I hear a lot of references to Hurricane Katrina. I 
think that was the first bad storm to have hit America, and it 
was unprecedented. And I think the level of the storms since 
then are matching in some cases, maybe exceeding the severity 
of that storm. But that is pretty much a benchmark storm.
    And I don't know, but where would I go to find the best 
practices for FEMA? You know, I do know, several years after 
Hurricane Katrina, we were in Congress, and I was asking 
questions. And it is like, how are we making the same mistakes 
that, you know, FEMA made during Hurricane Katrina. And it 
might not have been mistakes. It might have been lessons 
learned, because it was such a disastrous storm.
    Is there a repository for best practices? So I am assuming 
we are sharing them with the local EMAs and the State EMAs and 
things of that nature. And where could I find those?
    Mr. Gaynor. We do have a great repository of lessons 
learned from DHS on down. And we want to be smarter about how 
we are thinking about recovery, the legacy of Katrina. And I 
will give you some context. This week--or over the past 6 
months, we found out this week that we are still spending 
money, 13 years later for recovery at the tune of, for this 
particular project worksheet, $4.5 million for disaster 
recovery 13 years ago.
    What we want to do is not do actual cost anymore. We want 
to do fixed cost. And this is what 428 alternate procedures is 
about. This is how business is done in America. You want 
something done, I give you a price, I perform the work, I get 
paid.
    You know, legacy recovery is not that way. It is actual 
costs. And if you have no incentive to move faster or move 
smarter, 13 years later, you are still paying on a disaster. We 
just need to change the way we do this recovery. But I would be 
happy to supply, in a tangible way, all the after-action 
resources that we have.
    [Mr. Gaynor responded for the record as follows:]

     FEMA has many best practice repositories available to the 
public on our website, including our Mitigation Best Practices 
Portfolio, and our Incident Public Alert and Warning System Best 
Practices webpage. FEMA also posts various disaster After Action 
Reports online that highlight best practices and lessons learned 
related to each disaster.
     FEMA Program Areas and Cadres also maintain disaster 
SharePoint sites with toolkits that provide updates related to policies 
and processes learned from disasters. FEMA Regional Operations with 
Continuous Improvement Working Groups maintain internal trackers that 
identify lessons learned and issues that arise during disasters. 
Additionally, the Continuous Improvement Program tracked observations 
containing best practices from initial response to recovery for the 
2017 Hurricane Season.

    Mr. Palazzo. I know after Hurricane Camille, there was 
actually a congressional report produced on the recovery 
efforts by the Federal Government. I think I lost those during 
Katrina, but maybe I can get a set from the Library of Congress 
or someplace, Archives.
    Now, obviously, Mississippi is grateful for the financial 
assistance post-Katrina recovery to the tune of over 3-point 
something billion dollars. We would not have been able to 
recover as near as well as we have. And our whole mind-set was 
not to just build back, but build forward.You know, mitigating 
against future storms and be smart with the money, because we 
knew it was a gift from the Federal Government and the American 
people. So please trust me, I mean, we are extremely grateful 
to everyone that supported our recovery.
    Now, I do have something that has been--some concerns that 
have been popping up lately, is that FEMA is kind of like 
second-guessing. Years after the work has been done, they are 
asking for money to be returned. And I know continuously there 
has been a lot of turnover amongst FEMA staff. So there may 
have been a FEMA project director onsite in 2007, work may have 
been done. And then, you know, in 2013, someone is looking at 
the paperwork and saying, well, oh, why did they do this? That 
is not right.
    But at the time, we feel like some of these projects where, 
you know, we followed FEMA's guidance, we did it to the T, we 
did exactly what they want, and now they are kind of being 
unfair changing the rules after the money has been expended and 
spent and asking for it back.
    Is that something that you are seeing or hearing from 
other, maybe, storms? And what can we do to alleviate that? 
Because there has got to be some documentation to say, yeah, we 
approved it. We can't go back 10 years later and say, hey, 
city, you know, you owe us, you know, $30 million because we 
don't think it is--you spent it right, second-guessing what was 
done during the initial recovery.
    Mr. Gaynor. So I have personal knowledge of this as a State 
director of FEMA trying to take money back from the States, so 
I know the pain of that. And this goes to the legacy of how we 
did recovery. If you can imagine, if you started a project in 
2007 and it doesn't close out until 2014, and you have all that 
paperwork that you have to go through to actually get 
reimbursed, it can be an impossible task.
    What we have done, learned from those lessons learned is 
what we have implemented across the country, but specifically 
in Puerto Rico and the U.S. Virgin Islands, is validate as you 
go, right? So, maybe there is a big payment that happens. Take 
all that work that was done, all that paperwork, all those 
forms, and validate it and call it closed. And then we will 
never go back to that. And then move on to the next chunk.
    So it is a new program. I think it is going to prevent 
clawbacks in the future. That is what we call it, a clawback. 
And we want to avoid that, because it is not good for us and it 
is not good for the community that was impacted by the 
disaster.
    Mr. Palazzo. All right. Well, thank you.
    And, Madam Chair, I don't know how much time I have, but 
can I just ask one quick question in terms of Puerto Rico?
    You know, I have heard from several people on the island 
that they would like to see the category A bucket extended, 
because there is so much more work to be done. And we know if 
we go to the local match, Puerto Rico just doesn't have the 
money.
    Can you tell me a little bit about category A? Is there a 
chance that it will be extended? Just your thoughts on that.
    Mr. Gaynor. Recovery is difficult. And we found that 
recovery happens best when all partners, and specifically the 
government--so whether it is a State government or the 
Commonwealth, has skin in the game where you use your local or 
State dollars to contribute to the end result. And we are 
calling it outcome-driven recovery.
    So when you have incentive--and this goes to the actual 
cost and the fixed cost, if you have a fixed cost, we believe 
that you have more incentive to do it faster. If you have 
actual costs but no skin in the game, you are just going to 
hand the bill to the Federal Government, it goes on forever and 
ever and ever.
    I think the administration gave Puerto Rico a lot of time 
on categories A and B. I want to say 8 months. And I think the 
10 percent share that they have is well within their means to 
fulfill. They can use HUD money. It is actually in this plan on 
how to make up that 10 percent.
    So we think it is reasonable. We think it is going to 
achieve a faster outcome when the State or the Commonwealth has 
skin in the game and invest their own dollars in it. Without 
it, it just keeps going on and on and on.
    Mr. Palazzo. Mr. Gaynor, thank you. Thank you for your 
public service, and thank you for being here today.
    Thank you, Madam Chairman.
    Ms. Roybal-Allard. You are welcome.
    We have just a little bit more time for either additional 
question or some comments, so I do have one last question.
    In 2017, FEMA implemented the new delivery model to 
administer the public assistance program. And it has been used 
in most of the recent disasters since then, including, for 
example, in Los Angeles County. However, it is not being 
implemented in Puerto Rico or the U.S. Virgin Islands.
    Can you briefly explain what this new delivery model is and 
why it was not used in Puerto Rico or the U.S. Virgin Islands?
    Mr. Gaynor. Yes, ma'am. I think we are not using it in 
there because it was a pilot program. And by the time we got it 
online, we had already started the traditional process in 
Puerto Rico. And to go back, from what I understand, it was 
going to be too difficult, too time-consuming, and really 
doesn't and will not get us to the end result faster.
    So it is just really a way to make sure you account for all 
those things that you do in recovery in a systematic way using 
technology to track all that. We are using it in other places 
around the country. We are just not using it in Puerto Rico 
because it was a pilot and it wasn't really ready for prime 
time, and so we just said, let's not make our life more 
complicated. Let's just go with what we know, and then we will 
put that program throughout the country at other opportunities.
    Ms. Roybal-Allard. So have you had time to assess this new 
delivery model? And, if so, can you share any results?
    Mr. Gaynor. Only anecdotally. I think positive results. One 
of my former State directors in Massachusetts gave us a 
demonstration on it. I think it was very positively received. 
It has been a few years now since I have been updated on that. 
But I would be happy to go back and see where we are on that, 
uptake, and what the customer satisfaction rate is on that. I 
would be interested myself to see how we are doing.
    Ms. Roybal-Allard. Okay. I would appreciate it.
    [Mr. Gaynor responded for the record as follows:]

    The Public Assistance (PA) Program is FEMA's largest grant program, 
historically averaging $4.7 billion in assistance each year and 
accounting for 51 percent of the grant dollars administered by the 
agency. In 2014 and 2015, to identify improvements to the effectiveness 
of the Program, FEMA conducted an in-depth diagnostic review, analysis, 
and outreach that demonstrated the need for significant changes in the 
way FEMA implements the Public Assistance program. As a result, FEMA 
developed a new business model for PA Program delivery and is 
implementing those changes. The delivery model has three basic 
elements, which support a simplified and streamlined grant application 
process:
           Simplified roles and responsibilities, and re-
        trained Federal staff;
           Cloud-based customer relationship and program 
        management software known as The PA Grants Manager and Grants 
        Portal; and,
           Pooled resources so multiple disaster operations can 
        tap into trained experts when developing PA projects. We call 
        these Consolidated Resource Centers (CRC).
    Additional details about the new PA delivery model and related 
phases in the process are outlined in this fact sheet.
    FEMA conducts customer feedback analysis on the PA delivery model 
to continually improve our processes. From January 2016-April 2019, on 
the Initial Survey, 594 of the 724 (or 82%) of the respondents reported 
they were either ``satisfied'' or ``very satisfied'' with the initial 
PA engagement. When asked in the Assessment Survey about their 
satisfaction with the entire PA process, 1,114 of the 1,358 respondents 
(82%) were either ``satisfied'' or ``very satisfied.''

    Mrs. Roybal-Allard. Any further questions or comments?
    Mr. Palazzo. I could go on for hours.
    Ms. Roybal-Allard. The subcommittee is adjourned.
    [Material submitted for inclusion in the record follows:]
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    
    
      

                                         Wednesday, March 13, 2019.

          SECURING FEDERAL NETWORKS AND STATE ELECTION SYSTEMS

                                WITNESS

CHRISTOPHER KREBS, DIRECTOR, CYBERSECURITY AND INFRASTRUCTURE SECURITY 
    AGENCY
    I am going to make my opening statements brief this 
afternoon in order to maximize time for questions.
    Director Krebs, congratulations on being named the first 
director of the Department of Homeland Security's Cyber 
Security and Infrastructure Security Agency.
    We have spoken about some of the challenges that you and 
CISA have faced, and I want to reaffirm my commitment to 
helping you address those challenges. As you know, election 
security has been a major focus of this subcommittee.
    For the second year in a row we have supported significant 
increases to your budget to address the vulnerabilities to 
ensure that our election system is secure and reliable.
    Director Krebs, thank you again for being here and I would 
now like to turn to the distinguished gentleman from Tennessee, 
Ranking Member Fleischmann for his opening remarks.
    Mr. Fleischmann. Thank you, Madam Chairwoman. I appreciate 
those remarks.
    Director Krebs, thank you for being here today, and I 
appreciate you visiting our office and congratulations on being 
the very first. That is outstanding for this very important 
agency.
    Director Krebs, the importance of our government cyber 
security cannot be underestimated. So much of what we do is 
through networks, from getting $20 from an ATM to our military 
weapon systems. Our society today is dependent on safe and 
secure networks.
    Further the principle of fair and accurate election voting 
is paramount to our democracy. And because of this, we need to 
be ever vigilant to protect our critical infrastructure from 
foreign nations and criminals who seek undermine our economy 
and government.
    As you know, the Oakridge National is in my district in 
Oakridge, Tennessee. While Oakridge is sponsored by the 
Department of Energy, it partners with a number of federal 
agencies, including the Department of Homeland Security to 
conduct high level research in many of these areas.
    I will have a few questions later in my rounds about CISA 
and how it works with Oakridge. I think the good work that you 
do combined with the good work at Oakridge does is a great 
value for the taxpayers' dollar, plus we can best bring 
safeguards to our nation and its critical infrastructure 
working together.
    I look forward today to your testimony and to the questions 
from my colleagues as we hear from you about your initiatives. 
Thank you, and I yield back.
    Ms. Roybal-Allard. First, for some housekeeping issues. As 
in other subcommittee hearings, members will be called based on 
their seniority and those who are present when the hearing 
started. I would also, would ask that every member stick to the 
5-minute time they are allotted to allow everyone to have time 
to ask their questions.
    Also, my understanding is, there is a problem with the 
microphones, and so, make sure that you have them on.
    Please proceed.
    Mr. Krebs. Thank you. Chairwoman Roybal-Allard, Ranking 
Member Fleischmann, members of the subcommittee, thank you for 
the opportunity to testify today.
    This hearing is timely, as I recently announced, five 
operational mission priorities for the Cybersecurity and 
Infrastructure Security Agency over the next two years. Two of 
those priorities, federal network security and election 
security, we will discuss today.
    In both Federal network security and election security, 
agencies whether Federal, state or local are responsible for 
the security of their networks. CISA's job is to make their job 
easier as they managed their risk. In this sense we are the 
nation's risk advisor. We work to understand risk, share our 
understanding with those that can best manage that risk, and 
provide targeted support to help them manage their risk.
    On Federal network security our approach is three-fold. 
First, we define for agencies what secure is. Second, we 
provide tools and technical assistance to agencies to better 
secure themselves. And third, when needed or appropriate, we 
act to intervene or intervene to ensure secure and resilient 
systems.
    In all, this is a particularly challenging undertaking, and 
there is room left for improvement in a number of areas, 
including establishing and enforcing a security baseline across 
the government, analyzing the data we have and collect, and 
accounting for new technologies like Cloud and mobile. And yet, 
there is no question that cyber security and federal networks 
is stronger than it was just four years ago.
    Through our approach, our understanding of what is 
happening across networks is improving. IT capabilities 
government-wide are on a path to prioritization and 
standardization, and leadership awareness at the cabinet level 
is increasing, leading to better accountability and more 
consistent implementation of policy and guidance.
    I would like to briefly highlight a few areas of measurable 
progress. Through our Continuous Diagnostics and Mitigation 
program, we are protecting over three million assets across the 
Federal civilian enterprise.
    Before 2016 there was no over-the-top understanding of how 
many devices were even out there. Through our Intrusion 
Prevention System that uses classified signatures, from 2016 to 
July 2017 we stopped 13 campaigns launched by 16 different 
advanced actors.
    Through a Binding Operational Directive we issued in 2015 
we reduced the time agencies were taking to patch critical 
vulnerabilities from an average of 219 days to today's average 
of around 20 days. In many cases this is better than industry.
    In 2017 we issued a Binding Operational Directive to 
require the removal of Kaspersky antivirus products from 
federal networks.
    And finally through a Binding Operational Directive in 2018 
we have enforced stronger email and web security standards with 
the federal government leading all industry sectors in 
deploying DMARC to stop email-based phishing attacks.
    We have made our directives public and available for the 
network defense community. Just recently, we issued an 
emergency directive to protect federal networks from a global 
campaign tampering with what is essentially the internet's 
phone book. We heard back from numerous stakeholders outside of 
the federal government, including a large metropolitan chief 
information security officer that they followed our guidance, 
but did not have to, and yet they did.
    Cyber threats also pose a growing risk to our nation's 
critical infrastructure. Perhaps the highest profile threat we 
face today are attempts by nation state actors to interfere in 
our democratic elections. Ahead of the 2018 midterms, we surged 
our efforts and over 550 CISA employees throughout the agency 
worked with all 50 states and over 1,400 local and territorial 
election offices to raise awareness of the threat, provide free 
technical cyber security assistance, share threat mitigation 
information and otherwise empower state and local election 
officials to secure their systems.
    Our efforts to Protect 2020 are already underway. Protect 
2020 will focus on broadening the reach and depth of assistance 
to state and local election officials and their private sector 
partners, emphasizing the criticality of election auditability, 
prioritizing the need to patch election systems, and developing 
state and locality-specific cyber security profiles that 
officials can use to manage risk.
    In closing, I would like to thank the Committee for its 
continued support of CISA and our mission. The additional $33 
million provided in Fiscal Year 2019 for election security 
helps ensure that election security is here to stay at CISA.
    Additional resources provided over the years for our 
federal cyber security programs that helped raised the baseline 
of cyber security across the federal enterprise and have 
mitigated countless threats to federal networks and critical 
infrastructure. We at CISA are committed to working with 
Congress to ensure that our efforts cultivate a safer, more 
secure and resilient homeland.
    Thank you again for the opportunity to testify and I look 
forward to your questions.
    [The prepared statement of Mr. Krebs follows:]
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    
   
    Ms. Roybal-Allard. Thank you.
    Director Krebs, in fiscal year 2018, Congress provided an 
additional $26 million for election security efforts by the 
National Protection and Programs Directorate which is now the 
Cybersecurity and Infrastructure Security Agency.
    Congress also provided $380 million to the Election 
Assistance Commission to help secure elections through grants 
to states.
    In the fiscal year 2019 appropriation we provided $33 
million to CISA to continue and expand its efforts. How did 
CISA use its fiscal year 2018 funds, and did you see a 
significant improvement in state election security efforts 
compared to the 2016 election, and to what extent is CISA able 
to coordinate with the Election Assistance Commission to better 
leverage the use of its grant funding?
    Mr. Krebs. Yes, ma'am. Absolutely. I have said it before 
and it was an initial earlier draft of my opening statement, 
but I have said that 2018 was the most secure election held in 
the modern era here in the United States.
    What we did with that $26.2 million in 2018 was help 
broaden and build additional capacity in the agency. What I 
mean by that is additional risk and vulnerability assessment. 
So the actual technical services that are free, voluntary, and 
confidentially provided to state and local officials. So we 
provide those services that prior to 2016 had never happened. 
So let me give you a metric for example of why things were 
different in 2018 compared to 2016.
    In 2018, we had deployed network intrusion detection 
sensors, and those are things that look for communication with 
malicious internet infrastructure. So for 2018 we had deployed 
sensors that covered about 90 to 92 percent of state and local 
networks that managed the voting process, 92 percent.
    Prior to 2016 it was about 32 percent. That is a 
significant improvement based on Congress' recognition of our 
role and empowering us with part of the 26.2 million.
    We were also able to conduct a number of exercises. In fact 
we had an exercise last August with 44 states and the District 
of Colombia. It was a 3-day exercise, had never been done 
before.
    You had a hearing with FEMA yesterday. They do an exercise 
every year called the Great Shake-out, an earthquake-focused 
exercise. We are going to take the same approach every year, 
whether it is a presidential, a midterm or off cycle, we will 
do an election security exercise every single year to help 
support our state and local partners.
    For the upcoming year of 2020, we will continue to build 
our capacity, continue to build the services needed to support 
state and local governments. In terms of the Election 
Assistance Commission, that $380 million, we used some of the 
free services we provide through which we were able to develop 
an understanding of what the real weaknesses in state and local 
systems are, and we used that to develop with our partners in 
the state and local government guidance to help inform how they 
are spending that $380 million.
    Ms. Roybal-Allard. In May of last year the administration 
published a federal cybersecurity risk determination report and 
action plan. And the report stated that 71 of the 96 agencies 
or 74 percent that participated in the risk assessment process 
have cybersecurity programs that are either at risk or high 
risk. And this strikes me to be pretty alarming.
    And so the GAO noted in the December, 2018 report that they 
have considered Federal information security to be a 
government-wide, high-risk area since 1997. So we have been 
working on these issues for at least 22 years and yet it seems 
that our adversaries continue to outpace us in our efforts to 
secure our agencies' networks.
    In fact, as you noted in your testimony just this last past 
January you issued the first emergency directive to Federal and 
civilian agencies because of another known cybersecurity 
threat. Can you provide more context about what the current 
federal cybersecurity risks are, and what kind of damage can 
this cause to federal government operations and to the public?
    Mr. Krebs. Yes, ma'am. So my sense of things is that 
federal networks will always be a high-risk space because of 
the level of threat that we see in the cybersecurity space. The 
emergency directive is a great example of something that we, 
frankly, there was, as I mentioned in my opening, basically 
tampering with the internet's phone book, a simple way to put 
it. But it is not something that we had monitored for, that we 
were actually tracking because we hadn't seen it happen at 
scale.
    As soon as we realized that it was happening, we were able 
to implement services and a set or recommendations to hardening 
infrastructure and improve monitoring.
    Again, things are better than they were in 2016, so we are 
tracking a series of metrics of improvement. They are not 
measurements or metrics for success, because it is really hard 
to measure success in cyber security, even the highest 
organizations have difficulty with that. But we have 
demonstrable improvement in terms of the systems we are 
providing.
    The thing we are focusing on right now is getting systems 
more secure by design and by deployment. And so, as I look to 
the work that Congress has done on IT modernization and that 
the administration has done on IT modernization that is an 
opportunity for us to make common investments to ensure that 
that the next iteration of what Federal networks are more 
secure, so we are not doing security by bolt-on.
    Ms. Roybal-Allard. Mr. Fleischmann.
    Mr. Fleischmann. Thank you, Madam Chairman.
    Director Krebs, thank you again, sir. As I mentioned, I 
represent the Oakridge National Laboratory which includes a 
cybersecurity division. As I understand it this division does a 
lot of work with DHS, S&Ts, transition-to-practice program.
    The core part of this mission is to bridge the gap between 
research and the private sector which requires a transition 
process that allows for technology to mature, and partnerships 
with the marketplace to form.
    Through TTP, DHS S&T is leading the successful transition 
of federally funded cybersecurity technologies into broader use 
through commercialization and adoption by end-users. The TTP 
program has three main goals, identify promising technologies 
that address an existing or imminent cybersecurity need that 
impacts national security, increase utilization through 
partnerships, product development efforts and 
commercialization, and finally, sir, to improve the long-term 
ability of the Federal Government research organizations to 
transition technology more efficiently.
    My first question to you is what is the relationship 
between CISA and DHS S&T?
    Mr. Krebs. Yes, sir, I have actually a very close working 
relationship with the senior official performing the duties of 
the Under Secretary which is the title I used to hold, Bill 
Bryan over at S&T, and through his revitalization process at 
S&T, we have shifted to a much closer alignment between what my 
requirements are as a network defender, a support element for 
network defenders and their actual research and development 
programs. We are seeing a much tighter alignment between what 
they go out and solicit for, and what my requirements are.
    I have a small R&D budget, relatively speaking, along the 
order of, I want to say somewhere in the neighborhood of $4.5 
million. The cyber research and development budget at S&T is 
much, much larger. Again, we have to make sure that we are 
aligning and not just going off and doing good idea projects.
    One of the areas of interest including working with 
Oakridge is the Silicon Valley Innovation Program that S&T has. 
I was just out in San Francisco last week and the week before 
and met with their folks. They have very good relationships 
with those innovators and the venture capital companies out in 
the Valley, that we can really tap into to get ahead of the 
next threat.
    Mr. Fleischmann. Yes, sir. As a follow-up to the question 
how is CISA working in coordination with DHS, S&T to leverage 
and deploy new technologies into the marketplace?
    Mr. Krebs. So in part through the TTP process that you have 
mentioned. It is, again, it is identifying our requirements, 
what are the things we have identified that may be useful 
across federal networks, but also soliciting input from the 
critical infrastructure community and help sorting out what the 
opportunities are for research with S&T.
    Mr. Fleischmann. How is DHS, whether CISA or S&T or other 
elements, sir, leveraging the new cyber technologies coming out 
of our universities and national labs to protect our election 
cyber system, sir?
    Mr. Krebs. So specific to elections, we work with NIST, but 
primarily the Election Assistance Commission has that core 
election relationship with the community, again, providing 
technology assistance or security assistance to those 
stakeholders.
    One of the things that we just recently completed with one 
of our national labs is, as they were developing a technology 
we brought into our lab and worked with them on basically red-
teaming or really breaking down the equipment and finding out 
through the design process what the vulnerabilities might be, 
so that when they deliver a product, it is secure by design.
    Mr. Fleischmann. One final question, what new technologies 
are being used to defend and monitor our U.S. election systems 
for cyber intrusions or manipulations, sir?
    Mr. Krebs. So I touched briefly on the sensors that we have 
deployed, that DHS has deployed. But I do want to step back a 
little bit on election security, as we go out there and get a 
better sense of what election offices and jurisdictions and the 
systems they have deployed look like, we are reinforcing the 
basics of patching, multi-factor authentication, training to 
spot what a phishing email looks like. It is really just 
focusing on the basics.
    Sometimes a lot of the infrastructure even within the 
federal government is not mature enough to accept some of these 
new technologies that are coming out. So while we continue to 
look for new technology and security opportunities, it is 
really hitting the basics hard and that is going to be one of 
our focuses for Protecting 2020.
    Mr. Fleischmann. Thank you, Director Krebs.
    Madam Chair, I yield back.
    Ms. Roybal-Allard. Mr. Cuellar.
    Mr. Cuellar. Thank you, Madam Chair.
    Director, thank you. Let me ask you about elections. I was 
the secretary of state for the state of Texas, so I got 
familiar with elections. And as you know, there are a couple of 
things.
    One is when you look at the election infrastructure it 
covers so many things, whether it is ICT, capabilities, fiscal 
assets, technologies for the registration or the validation the 
casting, the transmission, the tabulation, the reporting of 
votes, the certification, the auditing, the verification of 
election. It is a series that you have to go through and there 
are always opportunities in the different steps.
    Then on top of that you have got, for example, Texas has 
254 counties. That is only the state of Texas. So how are you 
helping all 50 states, and then how do you go down to 
especially the small rural counties that say, nothing is going 
to happen here. How are you all doing that type of outreach? I 
mean is there a systematic way of doing this?
    Mr. Krebs. Yes, sir, there is. So when we stepped back and 
looked at it there are about 8,800. I think the number changes. 
In some states there are up to 1,800 jurisdictions, voting 
jurisdictions in the states.
    So we have to kind of look at this in a one-to-many 
approach. And so, what we do is work with secretaries of state 
like you used to be to reach out and down into the 
jurisdictions within each state.
    So last year in the run-up to 2018, we developed, it was 
called the Last Mile Initiative. And basically it was a poster 
that went to each jurisdiction in participating states. And I 
think at this point we have 33 participating states, but we 
knocked out 19 states in the run-up to 2018, and that is the 
states that wanted to do it, we got through 19. And that is it 
is awareness building.
    So it is here are the threats, here are the potential risks 
in the election process. It really is like you said, a system 
of systems. Here are the things you can do to address and 
mitigate those risks, and then here are the resources available 
from the federal government including signing up for the multi-
state or the Election Infrastructure Information Sharing and 
Analysis Center to do, sign up for a cyber hygiene scan, to 
participate in an exercise.
    So it is really, first and foremost it is increasing 
awareness and then bringing them into some of the free 
voluntary services that we provide.
    Mr. Cuellar. So do you have an idea, you said 88?
    Mr. Krebs. It is about 8,800, and in the run-up to 2018 we 
were able to work with 1,400 of them, and our goal, our top 
priority for 2020 is extending and broadening that reach.
    Mr. Cuellar. So 8,800, you have covered 1,400?
    Mr. Krebs. Yes, sir.
    Mr. Cuellar. So how do you reach the rest?
    Mr. Krebs. Persistence, persistence, yes, sir. It is, 
again, we started from a common denominator pretty much of 
zero. In 2016 there was no relationship between the Department 
of Homeland Security and state or local election officials. We 
are starting from scratch.
    Last February we, working with the election community, 
established the Election Infrastructure Information Sharing and 
Analysis Center or the ISAC. And at that point I believe it is 
about 1,500 local members in all 50 states. That over the 
period of time that that developed, that is the fastest growing 
ISAC of any other sector. So there is progress, there is 
commitment, but this does not happen overnight.
    And the one thing that I have found that is most critical 
and you can't buy it, is trust. So we have had to put an 
enormous amount of boots on the ground time, out across the 
United States to meet, to work, to do exercises, to have a cup 
of coffee and just get to know these folks and let them know 
who we are and what we do, and that we are not here to take 
over elections. We are here to make sure that their elections 
go smoothly, go safely and go securely.
    Mr. Cuellar. Thank you so much.
    Mr. Krebs. Thank you.
    Ms. Roybal-Allard. Mr. Newhouse.
    Mr. Newhouse. Thank you, Madam Chair.
    And welcome, Director Krebs, I appreciate you being here. 
You made the statement that 2018 was our most secure election 
so far, and that is a great statement to be able to make. So 
thank you for your efforts to make that happen.
    Ms. Roybal-Allard. Excuse me, Dan. They are having trouble 
hearing us so we are going to have to speak up a little bit and 
get closer to the microphone.
    Mr. Newhouse. So eat the microphone. I appreciate your 
efforts to make our elections more secure. I think the American 
public really wants that and appreciates the government's 
effort to do that, and so, just a couple of questions 
surrounding that.
    You have been with Mr. Cuellar's line of questioning, 
touching on a lot of that as some of the others too but you 
made the points. I think you laid out three general things that 
you are going to do to work on for 2020. So I wanted to give 
you an opportunity to expound on that, so we will be able to 
come back in 2 years and say that 2020 was the most secure 
election we have ever had.
    And then also as we talked about before the meeting stated, 
the whole subject of security clearances, is that impeding 
agencies' work, your work, and is there anything that we can do 
to help in the whole area of making sure that clearances are 
provided to the right individuals for the right levels, so just 
a couple of enquiries there?
    Mr. Krebs. Yes, sir. So on priorities for 2020 I created a 
new hashtag last week at a conference out in San Francisco. We 
are calling it Protect 2020. I mentioned it in my opening.
    We have three primary areas of focus. One is increasing 
that reach, getting as close to 8,800 as we can possibly get by 
2020.
    The second one is really getting to the bottom of where is 
the risk in the system of systems that is elections. Part of 
that though is understanding that we still need to really focus 
on the basics, and so, that is why we are prioritizing 
organizations really improving patch management. You still find 
that systems out there are either legacy or old systems that 
haven't been patched recently and are still open vulnerability.
    And as we increase that reach, as we increase this 
understanding of where the risk is, we are also going to 
develop and have already developed tools that we can drop on 
top to say I am working with you now, we understand what your 
risk is, I have this capability. I can scan the internet facing 
systems of any organization, and we require it across federal 
government, but I can do it with state and locals, and tell 
them you haven't patched that system and that is out touching 
the public internet. That is probably vulnerable and it might 
be a good way for a bad guy to get inside. So you may want to 
take care of that.
    And the third piece is once we get our understanding of 
where the real risk is, informing the conversation on the Hill 
and state capitals, on the resources whether it is people, 
equipment, funding, whatever, of what it is going to take to 
get these systems to where they want to go. That is probably 
the biggest policy conversation ahead of us, is what it is 
going to take to get these systems where they need to be and 
who is going to pay for it?
    On the security clearances piece, the process of security 
clearances has always been a bit of that albatross over the 
Federal Government. It takes a little too long for the highest 
level of clearances. I think it is in the 17-month period. 
Fortunately, the Department of Defense is prioritizing and 
focusing on that. I have all the confidence in the world that 
they will be able to knock down those wait times.
    At the same time we can do things to make our lives easier. 
We can declassify and we can stop over-classifying. So I have 
certain authorities that I can read people in and give them 
short term clearances. I also have declassification authorities 
in certain spaces. So we need to be looking at this problem 
from both ends.
    I do have the ability and actually the honor of sponsoring 
a program called the Private Sector Clearance Program, where 
from across the 16 critical infrastructure sectors, I can 
sponsor clearances for network defenders and other security 
officers. And that is something that we take very seriously and 
we are looking to streamline that process as much as possible. 
But again, keeping in mind that having a security clearance is 
not a silver bullet and there is not necessarily a treasure 
trove of information on the other side of that wall.
    Mr. Newhouse. Keeping it in mind that we don't want to 
compromise any systems in place.
    Mr. Krebs. Absolutely, yes, sir.
    Mr. Newhouse. And one of the difficulties I would imagine 
is with the election system you have got 50 different systems 
out there, right?
    Mr. Krebs. Well at least. Congressman Cuellar mentioned 
that Texas, Texas, 283, is a bottom-up state, home rule, all 
that. And so, you are having purchasing decisions happening at 
individual county levels. It further complicates it.
    But back to the clearance piece really quick. A lot of what 
makes information classified, particularly at that much, much 
higher level that network defenders don't need. They don't need 
the sources and methods. They really want to know the tactics, 
the techniques and the procedures against which they can defend 
themselves.
    Mr. Newhouse. Again, thank you for being here. I appreciate 
it.
    Thank you, Madam Chair. I yield back.
    Ms. Roybal-Allard. Okay.
    Mr. Price.
    Mr. Price. Thank you.
    Welcome, glad to have you before us. I appreciate your 
testimony. I want to ask you to elaborate a bit more on your 
staffing successes, and I am referring here of course to the IG 
report last month that indicates that it has, staffing has been 
a hindrance. And that to secure our election infrastructure we 
need to pay attention to that.
    I know you are paying to it, but I wonder what kind of 
progress you can report between department leadership changes 
and a prolonged management vacancy in CISA and insufficient 
resources.
    The inspector general has reported that DHS' efforts to 
complete its election infrastructure planning have been 
delayed. The inspector general also found that CISA did not 
have enough dedicated election infrastructure staff and that 
you have not clearly delineated the roles, responsibilities and 
procedure that the staff should have. I am sure you are 
familiar with this.
    As many have said, we are clearly approaching the 2020 
election season. It is critical to ensure that our 
infrastructure for these purposes is properly supported. So a 
couple of questions.
    What steps are you taking, have you taken to hire more 
dedicated election infrastructure staff and to finalize the 
detailed strategy in advance of the 2020 election cycle? And of 
course are there ways that we can or should assist you in 
achieving the staffing goals?
    Mr. Krebs. Yes, sir, thank you. As I mentioned in my 
opening, in 2018 and the run-up, over the course of let us a 
month or so we had over 550 employees within the Cybersecurity 
and Infrastructure Security Agency working election issues.
    Was that every single day? No, because we are not election 
administrators, we are not election experts. State and locals 
are not looking to me to help them understand how to run a 
better election. What they are looking to me for is 
cybersecurity advice and physical security advice.
    And so, when I talk about dedicated election staff, when we 
started in 2016, when we stood up our program for election 
infrastructure we had zero election infrastructure specialists. 
We established a task force that brought in detailees from 
across the, in some cases the Administration but primarily the 
Department of Homeland Security. And then over time as we were 
running up and surging into the election, I was also building 
institutional capacity so that I don't have to have a 
taskforce, I have a sustained, sustainable program.
    We made a series of strategic hires. We are still making 
strategic hires. I actually hired someone off the Election 
Assistance Commission who is a renowned election security 
expert. We just recently brought in through a support 
mechanism, through a contract a local election security expert. 
So we are building that core that sits here in the national 
capital region that more than anything, they are kind of air 
traffic controllers for getting security resources out to state 
and local governments.
    Again, I have got over 200 people in the field at any given 
moment and I can bring that number up and down based on what 
the threat is, but at any given point, I have got somebody out 
there in the field doing elections and that will only increase, 
that will only surge as we run up to the 2020.
    Reinforcing the importance of this mission in DHS and CISA 
through appropriations, 59 million between 2018 and 2019 is 
huge, because I am building capacity that is here to stay, that 
is sustainable.
    In addition, that is building capacity that can go shift to 
other threats as they emerge, whether it is the grid, whether 
it is another industrial control systems issue, we are building 
depth. The highlight for me beyond the fact that it was the 
most secure election in modern era, is that I used elections to 
better coordinate across the interagency with the Department of 
Defense and the intelligence community, so not just we are 
better for elections, we are better for every other critical 
infrastructure sector.
    Mr. Price. Well, I appreciate that and it is hard for 
someone in our position to assess this simply because we are 
not certain what standard you or the IG is measuring staff 
adequacy against. So maybe I could just focus it as my time is 
running out here.
    Focus a little more on your assessment on that report, I 
mean do you accept the implied benchmarks that the IG was 
using, the implied staffing levels that would be optimal, or do 
you differ from that and either way, what remains to be done as 
far as you are concerned?
    Mr. Krebs. I think there may be some differences in 
management style and how to execute in a highly dynamic threat 
environment. I am not focused necessarily on building static 
staff, I am focused on building broader capacity, that as the 
threat environment shifts, I can bring to bear all the 
resources necessary.
    So, I think we did a pretty darn good job in the 2018 
election, I think the results prove it, I think our 
stakeholders would support that and we are only going to 
continue our approach as we go forward into 2020.
    Ms. Roybal-Allard. Mr. Rutherford.
    Mr. Rutherford. Thank you, Madam Chair. Thank you very much 
for being here this afternoon. You know, it seems like in this 
cyber world, if we look at the attacks on systems, private 
industry and others, I am curious how much self-defense if I 
will call it that, how much self-defense are businesses allowed 
as far as responding to and attacking those who are attacking 
them?
    Or is it always just blocking, are we never punching back 
and who makes that decision?
    Mr. Krebs. So while I may have legal training, I am not 
necessarily an expert in the CFA, the Computer Fraud and Abuse 
Act and some of the other legal pieces.
    What we focus on is network defense, the blue team side. 
And so, yes, in some cases it could be perceived as taking 
punches, but it is hardening the things we know they are going 
after. So----
    Mr. Rutherford. But do we ever respond to those sources 
that are attacking us?
    Mr. Krebs. That is----
    Mr. Rutherford. By trying to take them out?
    Mr. Krebs. That is the domain of the Department of Defense 
and I am sure in a different setting they probably would be 
happy to talk about those issues but we are purely on the 
defense side. And sometimes I kind of liken us to the geek 
squad or whatever. You know, we are there to help those that 
own the networks, that own the infrastructure be better.
    Mr. Rutherford. Okay. And so----
    Mr. Krebs. Yes, sir. There is certainly a role for levying 
consequences though against foreign adversaries and that is, 
again, I mentioned that Department of Defense there are already 
a range of tools, there are sanctions, indictments, other 
diplomatic actions, there are a range of tools. But CISA we are 
purely on the----
    Mr. Rutherford. You are not focused on that.
    Mr. Krebs. Network defense.
    Mr. Rutherford. So, as you have gone through a great 2018 
cycle and you are looking at different election software, 
hardware, is there a list that CISA is saying, This stuff 
really works well. Hey guys, don't use this again, it doesn't 
work well. Is there an evaluation system that you are making 
available to the different states and localities?
    Mr. Krebs. So under the Help America Vote Act from the last 
decade, the Election Assistance Commission is responsible for 
working with NIST and other organizations, they have a 
certification process and this is the equipment that EAC has 
certified. Each state legislature and in some cases local under 
Article I Section 4 of the Constitution is then responsible for 
administering the elections.
    Each state has their own process for how they use that 
certification list, how they do testing, every state is a 
little bit different but----
    Mr. Rutherford. But they are there for the----
    Mr. Krebs. Yes, sir. And so we do work with EAC and NIST on 
providing technical expertise. One of the areas that we are 
focusing on right now is as equipment is being developed 
because new equipment is always in the development process, 
working with vendors to help them, again, secure their 
equipment by design.
    Mr. Rutherford. I can't tell if I have any time left. In 
the other 16 categories, energy I guess is one I am sure. How 
are we doing in those fields as well? Have you seen a lot of 
tremendous improvement here in the last couple of years? Since 
CISA is kind of starting to pull everything together it seems 
like.
    Mr. Krebs. So, I think every year there is increase 
awareness of the threat. Just I mentioned last week I was at a 
conference in San Francisco, it is the largest cybersecurity 
conference in the world.
    The general feel, the sense is that things are a little bit 
better, primarily because of the decision makers, the 
executives, the people that own the risk, that manage the risk, 
the CEOs, the governors, the boards, the general counsels, they 
are highly attuned to what the threat is and what their risk 
is, and so they are focusing resources to address the risk.
    But, the basics are still hard, configuring systems the 
right way, patch management, enabling multifactor 
authentication. The basics are still hard to do and we are 
going to keep hammering on the need to do the basics until the 
basics get done and then we will move on to the hard stuff.
    Mr. Rutherford. Two and a half, three years ago we were I 
think really behind the curve.
    Mr. Krebs. Yes.
    Mr. Rutherford. How much better do you think we are now 
than we were three years ago?
    Mr. Krebs. So I mentioned in my opening that I like using 
the federal networks as a good baseline because I can actually 
really measure that quite well.
    Prior to 2015, the average time to patch a critical 
vulnerability was something on the order of 219 days, now it is 
averaging about 20 days, and I bet we can probably do better 
than that too. That is dramatic improvement. That is dramatic. 
And if you can't measure it, you can't improve it so we are 
continuing to look for what those indicators of improvement 
are.
    Mr. Rutherford. Well, you guys keep up the great work. I 
appreciate what you are doing.
    Mr. Krebs. Thank you, sir.
    Mr. Rutherford. And I yield back, Madam Chair.
    Ms. Roybal-Allard. Mr. Aguilar.
    Mr. Aguilar. Thank you, director. I know what it is like on 
this side of the table now, you are doing well here. I will 
testify to Mr. Fleischmann and Ms. Roybal-Allard. No, I am okay 
at my current position, thank you. Thank you, congressman, 
appreciate that.
    Director, I wanted to drill down a little bit more, you 
have been talking about obviously the importance of measuring 
these connections and these touches, 8,800 jurisdictions total, 
you said you have worked with 1,400. Can you classify the 
nature of that? Can you tell us a little bit more and drill 
down, those 1,400, did they come to you and seek support? Were 
those ones that you proactively went to? And how would you 
describe those 1,400 touches? Is there any one area that jumped 
out more?
    Mr. Krebs. You know, it is hard because every state is 
different. It is hard to really characterize of those 1,400 
what the buckets are. But in some cases, give you an example, 
there is a state down south that required at the state level, 
all counties to sign up for the election ISAC and sign up for 
our cyber hygiene scan, that external internet facing scanning 
capability.
    And right off the bat, I got a bunch of, my participation 
level went up. So, we focus in the run-up to 2018 on building 
relationships and a level of trust and comfort with the state 
elections because we understand they have roles of positions of 
authority in their states.
    But, again, not every state is the same. So we look for 
opportunities through other one to many communities, whether it 
is advocacy groups or associations of election officials. But 
sometimes it is really just about getting out there and going 
to various meetings, not necessarily in the big cities, but 
sometimes it is getting on a commuter plane and going to county 
level meetings.
    Mr. Aguilar. Sorry to interrupt, but can you call the state 
elections officials in other states and tell them to share that 
exact story?
    Mr. Krebs. We absolutely do. But their ability to 
influence, so in Texas for instance, it is more of an advice 
role from the state election director down. And that is just 
the way elections are run right now. So it is, to us it is 
about awareness, awareness, awareness.
    Mr. Aguilar. Okay. How do you ensure that those local 
jurisdictions then follow through? So let us use that as the 
example that one that reached out that had others sign up for 
hygiene, the checks? How do you ensure that they are using that 
appropriately and if that isn't just one person getting the 
training and then that person moves on or retires in two 
months. How do you ensure continuity?
    Mr. Krebs. So on the hygiene scanning, that is a biweekly 
thing, right? We do it every week, it just kind of rolls 
through, they get a report. And then from there it is 
persistence, it is following through, it is following up with 
touch points.
    And we can look at some of these things and say this one 
looks particularly concerning, are you taking care of it? So, 
again, to a certain extent it is almost risk-scoring what the 
results that we are getting back are.
    Mr. Aguilar. As you are doing analysis and as you are 
looking and saying, okay, this one looks a little risky, this 
jurisdiction these things jump off the page, how many would you 
classify in a high risk category of they should be contacting 
your and they should be working with you or are they should be 
doing things that they are doing, what would you call that 
category and how many do you think would fall into that?
    Mr. Krebs. I don't know if I have a name for it, but what I 
am looking at right now and I mentioned and used auditability. 
So there are five/six states right now that are of particular 
concern, five states entirely don't have voter-verifiable paper 
trails. So South Carolina and Georgia, Louisiana, New Jersey, 
and Delaware, everybody knows this, this isn't classified, they 
know it.
    They don't have a paper record, it is all machine-based. 
Pennsylvania has about 83 percent I think of their voting 
population, vote on machines, they don't have the paper trail. 
So those are areas of particular concern. And my primary focus 
and area of encouragement would be get them off those machines 
onto something that produces paper that leads to an 
auditability outcome.
    The good news is all five of those states and Pennsylvania, 
Pennsylvania legislature I think passed a bill that said, Thou 
shall do this by the 2020, those other five, they are all on 
the path. They have all either demonstrate it through 
legislative action, through a procurement action, or whatever, 
they are all moving that way. So we monitor, engage, continue 
to help along.
    Mr. Aguilar. And would you say those five deserve a little 
bit more discussion and help along the way to verify that they 
are getting there from an auditability perspective of paper 
ballots?
    Mr. Krebs. So on the verification side, I am more thinking 
about how do we get them there? And that is going to be 
technical assistance, there is going to be a resource question, 
some states may not have budget it appropriately to get that 
done, particularly by 2020. So whatever we can do to help them 
get there is what we are focused on.
    Mr. Aguilar. Thank you. Thanks, Madam Chair.
    Ms. Roybal-Allard. Ms. Meng.
    Ms. Meng. Thank you for being here today and thank you to 
our chairman and ranking member for holding this important 
hearing. I wanted to ask about STEM education, I am concerned 
that our nation's education institutions have not been keeping 
up with the pace of our growing need for cyber talent.
    For the past several years DHS has partnered with the 
National Integrated Cyber Education Research Center to provide 
K through 12 cyber security curricula and hands-on professional 
development for teachers. I know that the center has been 
funded through a series of DHS grants since 2012. Last year it 
got $21.5 million for a period of five years. What metrics does 
your agency use to assess the effectiveness of this program and 
other similar DHS-funded programs?
    Mr. Krebs. So on the CETAP program, last year I believe was 
$4.3 million, we have 12,000 educators in the program across 11 
states and they are able to engage 1.8 million, I think it is 
1.8 million students.
    That is good, that is not good enough. There is a role here 
for everyone, it is a whole of nation effort. So we continue to 
work with foundations, the private sector, large companies that 
are invested in ensuring that when they get into hiring actions 
15, 20 years from now that they have a pipeline.
    So there are a number of efforts afoot right now, there is 
the National Cyber Education Program I think is working with 
Discovery Education. We are looking at ways that we can partner 
with other efforts recognizing that Congress doesn't need to be 
footing this bill entirely that, again, this is a whole of 
government approach.
    And I have got to say that I am as invested in this, this 
is probably the thing I am most passionate about across the 
portfolio. I have five kids that are in or will be in the 
public education system here in Northern Virginia and I know 
what the offerings are right now, and then I have to pay for 
after school programs. You know, that is one way to do it but I 
think we have to mainstream STEM education much, much better 
than we are. And, again, there is a role for everyone, not just 
government, but the private sector as well.
    Ms. Meng. Thank you. And do you think the curricula of this 
center and this program or just programs in general, are they 
preparing them properly to fit the needs of what our country's 
actual cyber security workforce needs?
    For example, we have heard random stories about the kids 
who are studying this curriculum, but don't necessarily match 
the needs of actual programs or what the workforce is in the 
government or whatever the needs are, that they don't 
necessarily match with their learning. Is that something that 
you have seen or?
    Mr. Krebs. So, I don't believe I have done a specific audit 
of the curriculum against what the hiring requirements are for 
the federal government, recognizing that the federal government 
cyber security workforce demands are quite diverse.
    It is more of a general STEM education-base that they can 
go into any technology field including cyber security. To me, I 
think there is some sense in making sure that sound development 
processes are focused on, rather than purely on cyber security 
because there is a certain fatalism associated with it is 
always going to be insecure, so we have to have cyber security 
expertise.
    I want to put a lot more focus into secure by design, 
secure by design, that way we don't need to worry so much about 
the big apps on the cyber security side.
    Ms. Meng. And my other question is about shortages of 
qualified cyber security professionals already in the federal 
workforce. Workforce recruitment and retention has been 
challenging, especially when competing with the private sector.
    Cyber security professionals and the federal workforce are 
paid by the GS level system and maybe you offered a recruitment 
or retention incentive of up to 25 percent of their basic pay 
but there are still difficulties in staffing. Is CISA looking 
into maybe a new pay scale for cyber security professionals and 
are you taking steps to recruit and retain some of these 
professionals?
    Mr. Krebs. So a couple of years ago, Congress passed a law 
that directed us to pull together this program and we are in 
the final stages of developing, that program is called the 
Cyber Talent Management System.
    And the point behind the system is that the GS approach the 
government uses right now for hiring is not tailored to the 
unique education, certification, approaches, processes, 
whatever for the cyber security workforce. And kind of the 
point is, if I have someone that goes to a two-year college or 
maybe no college at all and yet has demonstrated experience 
where they could be incredibly technically proficient at 22, 10 
years' worth of experience effectively, how do I account for 
that?
    Are they a GS4 or a GS11? You know, by the standards that 
we have in place right now, I can't reward that person and pay 
them the way they could be paid in the private sector. So it is 
about balancing the way that we can bring people in.
    That program, we should be making our first hires under 
that program this year. We will have to have a transition 
between the current system and the new system, but in the 
meantime, we are looking at what you mentioned, the 25 percent 
retention rates, we have a very exciting mission. So it is 
about making the job that much more exciting for them in the 
meantime.
    Ms. Meng. Would that apply to returning the federal 
employees too, if they have gone to private and want to come 
back?
    Mr. Krebs. Absolutely. Absolutely. You know, there is a 
program called Scholarship for Service where current college 
and graduate students, I want to have dedicated pipelines in 
the Nation's colleges, universities of all sizes and stripes 
and be able to bring in steady drumbeat every single year.
    And if they come in, they work for me for 5 or 6 years and 
they go out to the private sector, I am okay with that. I am 
okay with that because they know who I am and they know how to 
work with me and they will come back.
    Ms. Meng. Thank you. I yield back.
    Ms. Roybal-Allard. Mr. Ruppersberger.
    Mr. Ruppersberger. First of all, I am glad you are here. I 
think you are on the right track. I know we had a meeting and I 
just want to make sure that you have the resources to do the 
job, because it is a big job and we have a long way to go. And 
once we get where we are, we have got to keep innovating, you 
know that.
    I am going to get into the area of trusted internet 
connections. On one area I have a concern with the 
modernization there. The goal of this program is to consolidate 
department and agency connections to the internet. And the 
general theory is that if the federal government has less 
connections to the internet, then our intrusion, detection, and 
prevention capabilities like Einstein, which it helps us to 
detect and prevent common cyber attacks will be more effective. 
Do you agree with that?
    Mr. Krebs. In the traditional on premise environment, Yes, 
sir.
    Mr. Ruppersberger. Okay. Now first, can you give us an 
update on the TIC modernization and how many TICs does the 
government have and what is your goal?
    Mr. Krebs. I will have to get back----
    Mr. Ruppersberger. It is kind of in the weeds, I know.
    Mr. Krebs. Well I----
    Mr. Ruppersberger. It is important to get it on the record.
    Mr. Krebs. The thing that I was alluding to in my initial 
response is that in the traditional or historic on premise 
environment of having a server room and having a data center 
where you know where the equipment is and you can really sit on 
the pipes and focus them down, TIC was important.
    Going forward, as particularly we shift through IT 
modernization to Cloud because Cloud is efficient, it is 
scalable, it is flexible to meet modern workforce demands, TIC 
won't work because TIC actually undermines the low latency and 
high speed and flexibility of the Cloud.
    So what we are doing is shifting to a model in a series of 
pilots right now where instead of me putting an Einstein sensor 
in----
    Mr. Ruppersberger. Explain to the committee what Einstein 
is.
    Mr. Krebs. Einstein is, well, one of three things, it is an 
intrusion detection system, so you can kind of see the bad 
stuff that is coming in and out and then the intrusion 
prevention system which filters email, which if you see the bad 
traffic, it actually stops it and diverts it to another space.
    The problem is you have to sit on that pipe to look at the 
email and the net flow, and the traffic and how it is working. 
But if it goes to the Cloud, the whole point of the Cloud is 
you have this distributed environment with traffic bouncing 
back and forth.
    So the alternative model which in the end will actually be 
more efficient and save the taxpayer money because we are not 
owning the infrastructure, it is we are setting a set of 
outcomes, security outcomes and requirements for the Cloud 
provider, saying, this is the kind of information we need, you 
guys need to send it back to us and then we can analyze it.
    So it is not about putting the equipment out and looking at 
it as it goes out, instead it is they have got it, they will 
tell us what they are seeing, and then we can alert on that.
    Mr. Ruppersberger. You know, counter to the idea of 
reducing the connections to the internet, the federal workforce 
is actually moving in the opposite direction, and with more and 
more employees working remotely which is the future, by the 
way, and off of the cellular devices and tablets.
    Now, there is a large push in the government to consolidate 
our Cloud infrastructure as you talked about to further reduce 
our attack surface, would you agree to that?
    Mr. Krebs. Yes, sir.
    Mr. Ruppersberger. Okay. All right. How is CISA adapting 
its network security strategy to the changing federal 
workforce, and do you intend to start incorporating more 
endpoint protection and endpoint detection in response to 
protect the users at the edge of the network? Did you 
understand what I just said?
    Mr. Krebs. Yes, sir. So through the Continuous Diagnostics 
and Mitigation program that we rolled out a couple of years 
ago, we are going through a capability enhancement, basically 
the life cycle.
    And we historically called them phase one, phase two, phase 
three, phase four. What we are finding now is that it is better 
to go through phases based on the capability of the 
organization. Some agencies are just more sophisticated than 
others.
    But to your point, we are really focusing what the next 
couple of years look like for mobile and for Cloud. Some 
agencies are going to be able to take some of the Cloud and 
mobile capabilities sooner than others. But it is in the CDM 
lifecycle or the phased approach.
    But as I mentioned, we are ultimately going to shift from a 
model where we own the infrastructure, we own the sensors and 
instead, we are putting out a baseline policy and a series of 
outcomes that we are looking to achieve. And so we have 
everybody playing by our rules rather than we are doing the 
operations and maintenance on equipment, and ultimately I think 
we are going to be more effective and I think we are going to 
be able to do it faster and I think we are going to be able to 
use the private sector's agility to get those better secured 
outcomes.
    Mr. Ruppersberger. And you are going to need more resources 
and money, so it is so important you maintain this relationship 
with our committee and our staff, so we know where you are 
going to be next year and the year out, because this is going 
to get more difficult and it has more needs as we move to the 
future.
    Mr. Krebs. Yes, sir. Thank you.
    Ms. Roybal-Allard. We have been joined by the chair of the 
full Appropriations Committee, Ms. Lowey.
    The Chairwoman. Thank you. I don't have my roller skates on 
but there are a lot of hearings going on at the same time 
today.
    Mr. Ruppersberger. I like to see you in roller skates, you 
are pretty good.
    The Chairwoman. I will show you pictures of me----
    Mr. Ruppersberger. Okay.
    The Chairwoman. When I was 8. At the age of 8. Excuse me. 
First of all, I would like to join my colleagues in welcoming 
you, Director Krebs. DHS' inspector general released a report 
about the department's efforts to secure our nation's election 
infrastructure.
    According to that report, state and local officials' 
rampant mistrust to Federal Government assistance critically 
harmed the DHS's ability to secure election infrastructure. I 
understand that some states are sensitive to what they perceive 
as Federal overreach into their election systems, however, 
integrity and trust in our election processes are fundamental 
to our democracy at every level. And I know you face 
significant challenges in threading the needle.
    In 2017, election infrastructure was brought under the 
government facilities critical infrastructure sector within 
DHS. I would be interested to know, how did that move change 
your relationship with state and local governments?
    Mr. Krebs. Ma'am, prior to that designation, that was 
before I came on board in March 2017, I think Johnson made that 
on January 7, 2017. The easy answer is relatively just prior to 
that designation, there really was no relationship.
    So it probably got worse as a result of that designation, 
but there wasn't much further down to go from there. So what I 
have focused on since day one of March 2017 is getting us to a 
place where we have a trusted relationship with state and local 
election officials.
    The Chairwoman. I would be interested in knowing how does 
CISA work with entities like the Multistate Information Sharing 
and Analysis Center, the Election Infrastructure Information 
Sharing and Analysis Center, the Election Taskforce, and 
others.
    Mr. Krebs. So the multistate information sharing ISAC, it 
is based in Albany, New York. It is an organization that we 
actually fund through a grant or contract, and they provide 
resources to state and local governments. A lot of the tools 
and capabilities in some cases that we provide to federal 
agencies, they are able to provide out to state and locals.
    The MS-ISAC as we call it, they started, founded with state 
and local officials the EI-SAC, the Election ISAC. So we work 
with them day in, day out, throughout the 2018 election in the 
run up, we provided technical alerts, we provided intelligence, 
we provided basic trend analysis of what was going on out there 
in the world, and they were able to send to their members.
    By the election, they had 50 states, all 50 states and 
1,400 election, local jurisdictions participating in the ISAC 
which is a historic number relative to any other sector. Now, 
bad news is there are 8,800 or so jurisdictions, so we still 
have room to go, but we started from zero and I think we have 
made pretty good progress and we will continue to focus there 
for 2020.
    The Chairwoman. That is really impressive. So I just wonder 
how we can continue to improve these relationships and how do 
you address the concerns that some state and local governments 
have about working with CISA like federal overreach? How do you 
deal with it? How do you build confidence?
    Mr. Krebs. You know, it doesn't happen overnight. It is 
investing a lot of personal time, a lot of miles out there. I 
spent a good deal of last summer in the run-up and actually 
pretty much all of 2018 out there on the road, just meeting 
with secretaries of state, meeting with local officials, 
letting them know that we are here to help.
    We are not here to take anything over, we just want to make 
sure that they are successful in their jobs as election 
administrators. But really, it is all about trust, it is all 
about letting them know that we are here to help, and when I 
get the question of how do you think you did, I sometimes get a 
little uncomfortable in asking that question and say 
particularly if I am testifying in front of an authorizers 
panel and I am next to a state election official and say, I 
don't know, ask him or her.
    And generally speaking, I think the response has been 
pretty good across both sides of the aisle. This is not a 
partisan issue, I take a nonpartisan approach and I think, 
again, the proof is in the participation.
    The Chairwoman. And what percent is left that you haven't 
been able to interact with?
    Mr. Krebs. So on the local side, I am not a math guy, 
right? But we have worked with over 1,400. So we have got a big 
number left out there. 7,400.
    So we will get there and it is just going to take time, it 
is going to take boots on the ground work, it is going to take 
advocacy. You all actually have a role as well when you go 
home, when you go back to your districts, if you can work with 
your counties, if you can work with your voting jurisdictions 
and say, hey, are you working with DHS? Are you working with 
CISA? They are here to help you, they are not taking anything 
over.
    The Chairwoman. And I wonder about is with all the talk 
today, cyber security and the past election and who leaked what 
to who, I don't want to get into that stuff today, but I who I 
am not an expert in all that stuff.
    Believe me, I just worry who is dreaming up the next 
challenge for the next election. Do you get into any of that 
stuff?
    Mr. Krebs. Absolutely. That is what keeps me up at night. I 
know what they did in 2016, I know what they tried to do in 
2018, what are they going to do in 2020? So we have got to make 
sure that we are covering down on the basics.
    We have got to make sure that they can't get in through the 
last approach, and try to be a little creative. The one way 
that we are going to be able to do this is we have to engage 
the American public, we have to let them know that there are 
bad people out there that try to do bad things, but you know 
what, we have got a system here that works and we are doing 
everything we can to protect it, we have to restore faith and 
confidence in the American people that this is not a system 
that is about to tip over and fall down. That we are doing the 
right things and I think we are going to be successful.
    The Chairwoman. I hope so. I wish you good luck.
    Mr. Krebs. Thank you.
    The Chairwoman. But I think those are the questions that 
really----
    Mr. Krebs. Yes, ma'am.
    The Chairwoman. Keep me up at night because so many of us 
were blindsided. We still don't have all the facts, although 
the facts may be out there but they are not believed across the 
board, across parties and I just think this is so serious and 
we really have to work in a bipartisan way and figure it out.
    Mr. Krebs. Yes, ma'am.
    The Chairwoman. Thank you very much. Thank you.
    Ms. Roybal-Allard. I think it keeps a lot of us up at 
night.
    Okay. That completes the first round. So we are going to go 
on to the second round. And I would like to go back to the 
federal cybersecurity risk. You talked a little bit about the 
obstacles that you face in getting ahead of our adversaries.
    But what I would like to ask you is, are agencies 
appropriately prioritizing their budget request to ensure these 
risk are mitigated and to the extent that funds are budgeted 
for this purpose, are they being used effectively, and would 
more funding help in this effort?
    Mr. Krebs. So I do think that with more we can do more, but 
we--we have to get back to the question of the basics. We 
continue to have outdated legacy infrastructure out there, and 
with the turn--the changeover in the administration, one of the 
statistics was there is $60 million being spent on Federal IT 
and about $40 million of it was operations and maintenance, and 
a lot of that is keeping legacy systems up and running.
    We have--we have got to get out of this model where we are 
just paying to patch and paying to keep the old stuff running. 
We have got to modernize. But that is--but that is in and of 
itself not going to fix. I am excited about the IT 
modernization efforts, because it means we have an opportunity 
to shift from the security bolt-on mentality where I am adding 
security solutions on top and instead, we can design and 
configure and deploy IT secure--securely.
    Now, the remaining challenges that we have at least in the 
civilian non-DOD, non-intelligence community space, we still 
have decentralized model which means every agency and 99 some 
odd agencies, every agency is responsible for their own IT and 
their own security. So what we are focused on right now, 
working with OMB, is defining what a security baseline looks 
like for all agencies, centralizing services.
    Some agencies just can't do the job, so I can help them do 
it for them, identifying and enforcing policy to ensure 
consistency of approach. Again, the more that we get into a 
centralized approach and that is not just on the federal, the 
executive branch side, but also on the congressional oversight, 
there is still decentralized oversight, decentralized budget 
and appropriations, if we can bring it all together, if we can 
bring it all together, that is going to be make it much easier 
to manage.
    Ms. Roybal-Allard. Director Krebs, you mentioned in your 
testimony under the heading supply chain risk that you are 
taking steps to secure the actual hardware agencies use to 
build their networks and the software that runs them. Can you 
describe what these risks are and where they come from? And 
have you encountered issues on any federal networking resulting 
from this type of risk?
    Mr. Krebs. So this is the emerging issue right now that I 
have found, it is supply chain risk management. It is really, 
really hard because of the lack--the lack of transparency in 
whether it is hardware or software, firmware of the build 
process, who is four, five, six layers down.
    We have encountered software or--or supply chain challenges 
and vendor management challenges over the last couple of years. 
Congress passed a bill last Congress on federal supply chain 
security that set up a federal acquisition supply chain 
council, so thank you for that. It is an important process that 
is, from our position will address some of the issues that we 
experienced during the Kaspersky binding operational directive 
process. So yes, we have experienced issues in the federal 
government, Kaspersky was one of them. We identified is as a 
threat or as a risk to information security, risk management 
posture, and we eliminated, we removed it, required the removal 
from networks and Congress subsequently mandated by statute.
    So we are in the early days of figuring out what supply 
chain risk management looks like for the federal government and 
we are implementing the legislation, the statute. There will be 
a council stood up, DHS will be a key member, we will look at 
the standards, the processes. There will be adjustments to 
regulations and acquisition processes, but it--we have tools 
now that we didn't have this time last year.
    Ms. Roybal-Allard. Can--can you just remind me what kind of 
damage was done by Kaspersky?
    Mr. Krebs. So on Kaspersky, it--it wasn't that there was 
necessarily damage, there was the potential--potential for 
damage, but most importantly, it was an untenable risk 
position. So the way I look at the Kaspersky issue was that it 
was this anti-virus product which had effectively wide, broad 
access to equipment below a level against which you monitor, 
effective anti-virus products bring the information they 
collect back to a central collection point. It just so happens, 
in that case, it was in Moscow, and we know that there are a 
series of laws in Russia--and other laws that intelligence and 
law enforcement services over there can compel access to 
information.
    So basically, if you work that chain back, FSB, GRE or 
whatever, the Russian services potentially had access to 
civilian networks. Untenable position, ripped the equipment 
out.
    Ms. Roybal-Allard. Okay. What tools exist today to help 
agencies identify the hardware and software they are using that 
is vulnerable?
    Mr. Krebs. So there--there are a range of both kind of hard 
tools and soft tools, more through contracting processes you 
can require the prime contractor to identify second, third, 
fourth tier subcontractors. There are open source tools that 
can map supply chains and identify where in those, where in the 
process those risks are. Those are the sorts of things that we 
are looking at, what those tools and capabilities are that we 
can pull into the supply chain council and issue guidance and 
issue contracting language, model contract language to 
departments and agencies.
    Ms. Roybal-Allard. Okay. I have several other questions, 
but my time is up. So Mr. Fleischmann.
    Mr. Fleischmann. Thank you, Madam Chairman. Director Krebs, 
in your testimony, you referenced initiatives CISA is taking to 
mitigate supply chain threats as one way of securing out 
networks and infrastructure. Do these efforts include election 
equipment?
    Mr. Krebs. So we do work with the election community, state 
and local election officials, the vendor community, the 
Election Assistance Commission in this to provide threat 
awareness and security best practices. We do have a pilot 
program that we are in the initial stages of as I mentioned 
earlier where we are working with a vendor, we are taking their 
equipment as it is in the development process and we are 
basically red teaming it. Meaning, we are trying to attack that 
box. We are trying to hack into it. And we then provide the 
findings back to the vendor and say, Here are some of the 
things you need to work on.
    Mr. Fleischmann. Okay. As a follow-up to that sir, do you 
believe the Election Assistance Commission and their partners 
at NIST have developed voting system guidelines and 
certification processes that adequately take supply chain risk 
into account?
    Mr. Krebs. So the--it is kind of a temporal question, but 
they are in the process right now of developing or receiving 
comments, I am sorry, on the voter--the voluntary voter systems 
guide, voting system's guide 2.0. They have just--the EAC that 
just recently got--reached a quorum where they could issue it. 
So that process is ongoing right now.
    So I haven't reviewed the--the guidance in detail recently, 
but it is--it is certainly progress.
    Mr. Fleischmann. Thank you, sir. Help America Vote Act or 
HAVA was enacted in October of 2002, nearly 19 years ago when 
the Hanging Chad was the greatest threat to our democracy. Fast 
forward to today and we are looking at challenges we would 
never have dreamed of back then. The Election Security Act was 
included as a separate title of H.R. 1. How much input or 
communication did the department have in crafting the Election 
Security Act and do you feel your concerns were incorporated 
into the text?
    Mr. Krebs. So over the course of the last Congress, we 
provided technical assistance on a range of election security-
related legislation with the Election Security Act, with the 
secure act, I can't recall the specific name. So over the last 
Congress, we did provide technical assistance.
    You know, when I look at section 3 of H.R. 1, there are a 
lot of things that we do already in there. You know, we will 
provide technical assistance to anyone that--that requests it 
whether it is a vendor or a state and local government.
    Mr. Fleischmann. The Election Security Act has a number of 
new requirements and about four new grant programs by our 
count. One question, do you find your best work with the states 
comes about because you have collaborative and voluntary 
relationships?
    Mr. Krebs. I think our best work comes from, with state and 
locals, they come because I have a service that--that they need 
and they trust.
    Mr. Fleischmann. All right, I think that about does it. 
Thank you, Director Krebs. Again, I want to thank you and your 
department for an outstanding job. Well done, sir.
    Ms. Roybal-Allard. Mr. Price.
    Mr. Price. Thank you, Mr. Commissioner. I want to ask you 
about the international context of this--of this challenge. 
Based on press reports and other reports we hear, it is 
sometimes hard to distinguish what the level of involvement is. 
I mean there are disinformation campaigns, there is hacking 
into the election-related communications, the famous email 
cases, there is hacking into the actual voting equipment, the 
countries in which there has been serious interference seem to 
include, according to reports, Montenegro, Moldova, Ukraine, a 
number of European situations, I wonder how much--how much do 
we monitor this, how much do we know about it, how much do we 
learn from it?
    This is partly a question about the relationships your 
agency has with, of course, with the intelligence community, 
with Defense, with State, with other--other government agencies 
and exactly what the division of labor is with respect to 
international monitoring and international cooperation. It is 
also a question though about how you would assess the state of 
play here. Do we have the kind of international agreements and 
understandings we need to monitor what is going on and 
understand what is going on, to--to devise protections in a 
cooperative way, to have mutual warning systems and so on.
    So I am asking you for an assessment of what we--what we 
know and what we have yet to achieve in terms of understanding 
and dealing with this internationally.
    Mr. Krebs. Sir, you--I think you laid out the three vectors 
appropriately and that is how they are characterized in the 
intelligence community assessment after the 2016 elections. It 
is--it is the technical lacking of election equipment, it is 
the disinformation, the--the campaign to sow discord and 
divisiveness across the American people and then the hacking 
lead campaigns and political operations and campaigns.
    In terms of the level of--well, let me--so I am--my team 
leads the domestic efforts of protecting election equipment. 
The FBI is responsible for the disinformation campaigns, the 
discord and divisiveness and countering those efforts and then 
there is the hacking lead piece where we do work very--we work 
with political campaigns, particularly the national parties to 
help them secure. In fact just last week, I met with a number 
of folks on that that count.
    Internationally, the intelligence community is all over 
this. They regularly track these activities. They work closely 
with their international--with their partners overseas. What we 
are doing within CISA right now is kind of collating the--our 
lessons learned from 2016 and 2018 and then going to our 
international partners particularly in Europe as they are about 
to face, there are national level votes coming up and then 
there are also the European Parliament votes that are coming up 
in a matter of months.
    And we are just offering our experience and our findings 
and saying, You know, these are some of the things that we 
found useful. We did some kind of innovative things I think of 
working with the media of raising awareness and education, the 
things we are doing and where the risk really is.
    Mr. Price. CISA is engaged in this directly.
    Mr. Krebs. Yes, sir.
    Mr. Price. With international counterparts.
    Mr. Krebs. Just last week, again, out in San Francisco at 
the RSA conference, I met with probably 30 to 40, I lost count, 
of my international partners and the hot topic is election 
security. So we shared our experiences, the things we found 
useful. I am going to send basically a travel team more sounds 
like kind of a European vacation for spring break, but over to 
Europe to share our experience and the best practices and tips 
that we have.
    Mr. Price. Do you feel, by virtue of these international 
contacts and your access of course to our other agencies, do 
you feel like you have a good fix on the full range of 
techniques and how advanced the different classes of actors 
there might be?
    Mr. Krebs. I will admit that part of this experience of 
engaging with our international partners is there are tools 
being deployed and techniques being deployed in certain spaces 
in the Baltics for instance that we haven't seen here yet. So I 
want to figure out what that is going to the chairwoman's point 
of what are you thinking for 2020? What do you think they are 
going to do? I don't know yet. I haven't seen it yet, but maybe 
they are using it somewhere else and if I can go spot it over 
there, I can go--I can get ahead of it here.
    Mr. Price. Well, that is really why I am asking, it is 
clearly relevant, urgently so.
    Mr. Krebs. Yes, sir.
    Mr. Price. And I would think a bellwether of what we might 
see here.
    Mr. Krebs. Yes, sir.
    Mr. Price. And you are confident you have those--those 
links out?
    Mr. Krebs. Yes, I will be spending part of April over in 
Europe to do just this. We host delegations of international 
partners virtually every week, whether it is Europe or Asia-
Pacific. We are working this every single day and we are 
working with our partners every single day.
    Mr. Price. Thank you. Thank you, Mr. Chairman.
    Ms. Roybal-Allard. Mr. Rutherford.
    Mr. Rutherford. Thank you, Madam Chairman. Director, I am--
I am going to follow-up on this international kind of angle 
here as well, but let us switch it over to private industry, 
you know, the strength of any chain is only as strong as the 
weakest link. And so what is CISA's relationship with private 
industry abroad, particularly when we look at issues like 
China? You know, I am hearing some of the property theft as 
high as--well, I have heard a lot higher than that, I have 
heard a trillion, so, who knows what the number is?
    But it is it is obviously significant. Can you talk a 
little bit about what are we doing working, what does CISA 
doing working with those private industries to combat these 
attacks on their intellectual property?
    Mr. Krebs. So two kind of--two ways to address this 
question. One is what is happening overseas that we may not 
have seen here yet and that is what certain countries are maybe 
doing, in Ukraine or the Middle East or elsewhere. So we work 
with our international partners and we work with their domestic 
industry to, again, get ahead, try to get ahead of what the bad 
guys are doing, and so that we can bring that learning back 
here and harden our domestic infrastructure. So that is point 
one.
    Point two is the U.S. companies traveling overseas, 
engaging overseas we are working to build awareness and share 
strategic intelligence. And what by that, I talked about this a 
lot last week, but China has kind of told us what their areas 
of interest are. They have set out a plan for strategic sectors 
of where they want to grow and how they are going to get there. 
So what we do is we look at those strategic sectors and we 
engage domestic companies that play in those sectors.
    And we try to make, we hope they understand that they are 
our target, they need to make sure they are taking care of 
their networks and we can help them. But the risk level is 
going to change. So if you play in those sectors, your risk is 
at this level, a five let us say. If you do business with 
China, a Chinese company or Chinese government, then your risk 
is a little bit higher, maybe a seven. If you operate in China, 
your risk is then, I don't know, quote Spinal Tap here, your 
risk is an 11.
    It really does matter where you operate and what space you 
operate in and how you do business. Do you outsource your 
services?
    Mr. Rutherford. So do we have any guidelines for them or 
are there any CISA requirements?
    Mr. Krebs. We have guidelines--Yes, sir. So requirements, 
no. We are a voluntary organization, but we are in the midst of 
an awareness campaign in--in December 20th last year, the 
Department of Justice indicted a number of Chinese hackers 
related to a global hacking campaign.
    So what we have done is a series of webinars, outreach, 
engagement, working with our industry partners to help them 
understand what the Chinese did and some of the things that we 
can do collectively and individually to protect against those 
sorts of attacks. This is--I mentioned in my opening, I have 
five strategic priorities for the next 18 months to 2 years, 2 
of them federal networks and elections.
    Number one, China supply chain, 5G.
    Mr. Rutherford. Okay, thank you very much. I yield back.
    Ms. Roybal-Allard. Mr. Ruppersberger.
    Mr. Ruppersberger. Yes. I would like to know your thoughts 
on how the CISA's successes or failures can be communicated to 
the subcommittee, again, because of preparations, what tools 
and things you need. And I know you brought this up in your 
opening statement, I needed to be at another event, so I 
couldn't be there, but I have always had problems or concern, 
that DHS' cyber mission and not yours but just generally is 
that I don't know how we are doing it in this field. It is 
evolving and I think since you have been here your position to 
stabilize to an extent, but I think we have to go a long way as 
far as educating this committee.
    And you have a good team, you have good people, though I 
don't think you have enough people or resources, but that is 
another thought and you have got your budget and we are going 
to deal with that. But can you expand upon your risk 
management, your metrics as far as determining your successes 
or failures as it relates to where you are so this committee 
can deal with that and understand more other than just showing 
up for a hearing, ask staff to do the work.
    Because I am really concerned, I know that--I represent NSA 
and I have been dealing with cyber since I have been in 
Congress and I am really concerned. It is such a major, other 
than nuclear weapon, this is probably one of the most dangerous 
threats that we have in the world and in this country too, and 
we haven't, even destructive attacks and that type of thing. So 
I want to find a way that you can continue to communicate, let 
us know where you are and not because someone from the 
administration says you got to do this, you got to do that.
    I mean this is serious and I know you have credibility and 
you want to do what is right. So do you have any ideas on how 
we can deal with this and what metrics we can use to do it?
    Mr. Krebs. So the metrics distinguish us from NSA because 
this is----
    Mr. Ruppersberger. Yes, probably different, I understand.
    Mr. Krebs. It is not apples to apples. They have control 
authorities over the----
    Mr. Ruppersberger. They have got the--they have got the 
resources and they do it--and you have got a mission.
    Mr. Krebs. And so we are a voluntary organization for the 
critical infrastructure community. We do have certain 
authorities over the federal government and that includes 
setting baselines, deploying tools. Congress has helped with 
that through some of our--what is known as Einstein Program. 
And we--well, where we are going to be most successful whether 
it is in the federal government or in the critical 
infrastructure community is by providing something of value.
    One of the key areas of focus right now for our Continuous 
Diagnostics and Mitigation program, we just entered the defend 
phase. What this really means is we are buying at scale to 
provide a resource to an agency cheaper than they would be able 
to get otherwise, whether directly through GSA or effectively 
on the open market.
    Einstein 1, Einstein 2, what we do is we aggregate all 
sources, commercial sources, open source, we bring everything 
together. Again, no agency would be able to do, buy every 
single threat feed out there and bring it all together and 
clean it up and package it. It just--it doesn't scale and it is 
not the right way to do government.
    So while we have these tools, these services, these 
capabilities we are pushing out there, adding a value below the 
price point somebody would be able to do otherwise, we are also 
looking at where from a defense in depth perspective, we can be 
the most effective. And really it is things like the patch 
management, Binding Operational Directive 15-01, we said thou 
shalt patch, federal agencies patch critical vulnerabilities in 
30 days.
    What we found is they went from 219, 219 days to about 20. 
That was purely because of a policy. So I need to be looking in 
that stack of defense in depth and say where else can I have a 
high return on investment that doesn't just saddle a CISA with 
one more thing that they need to do on a daily basis. And that 
is--that is really our area of focus right now.
    Mr. Ruppersberger. And I think that is laudable, but here 
is one concern. You have different agencies. Sometimes these 
agencies have been given independence. They have their techs, 
some are not very good, some are better. Now, it seems to me 
you, as the oversight, need to deal with that, not only deal 
with it with the administration, but deal with it with us, 
because if you have--if you don't have that coalescing of 
everyone together, you are talking about the tools. You have 
talking about the oversight that we still have--we haven't done 
what we need to do in dot gov, you know that. And it is going 
to take more than just what you are seeing here today.
    It is going to be Congress working with the administration 
and to make sure that if we have got a lousy department because 
of their boss or because they don't have the technology, then 
we are in trouble. And you talk about the chain, the weakness 
of the chain.
    Mr. Krebs. Yes, sir. We are working with the Office of 
Management and Budget right now and Suzanne Kent the CIO, 
federal CIO on establishing a security baseline. And this is 
what every agency's profile from an outcomes perspective, in 
particular, should look like.
    Mr. Ruppersberger. And that is really important to me on 
where we think what we are going.
    Mr. Krebs. Absolutely yes. And----
    Mr. Ruppersberger. Yes, are you finished?
    Mr. Krebs. Yes. So--so as we, again, as we go through this 
IT modernization process, as Congress continues to invest in 
better citizen services, if we hit the baseline, then we are 
much better off than where we are. And if an agency can't do 
it, I am there as a backstop to help them get there.
    Mr. Ruppersberger. You work very closely with the FBI 
because they have the jurisdiction here too.
    Mr. Krebs. Yes, sir.
    Mr. Ruppersberger. Because they really improved a lot I 
think from where they started and where they are.
    Mr. Krebs. It is a whole government approach and I just--I 
am--I didn't think that I would necessarily see this level of 
cooperation across the intelligence community at the Department 
of Defense, the law enforcement community.
    Mr. Ruppersberger. And----
    Mr. Krebs. So we are--we are--we are a lot better than we 
were certainly four or five years ago, just, again, I think it 
is the awareness, the sense of urgency and the desire to just 
jump in and take--and try to tackle the problem.
    Mr. Ruppersberger. Thank you.
    Mr. Krebs. Yes, sir.
    Ms. Roybal-Allard. Ms. Wasserman Schultz.
    Ms. Wasserman Schultz. Thank you. Mr. Krebs, thanks for 
joining us. In your prepared testimony, you stated that one of 
the highest profile threats we face today is attempts by nation 
state actors to maliciously interfere in our democratic 
elections. You went on to describe the work that CISA did in 
the lead-up to 2018 midterms to assess federal partners, state 
and local election officials and private sector vendors in 
better defending their infrastructure from malicious actors.
    In August, the heads of the National Security Agency said 
that Russia was still trying to influence and disrupt our 2018 
midterm elections. Did Russia attempt to interfere on our 
elections in 2018?
    Mr. Krebs. So the departments were all here is to assess 
whether there was a material impact. The secretary alongside 
the attorney general, the acting attorney general at that time 
issued a statement a month or so ago that said there was no 
material impact tied, attributed to a nation state on the 2018 
election.
    Ms. Wasserman Schultz. The question is, did they attempt?
    Mr. Krebs. I would--I would have to go and look back 
specifically at DNI Coats'----
    Ms. Wasserman Schultz. Material impact is different than an 
attempt.
    Mr. Krebs. But Russia is an active player in this space. 
They continue to try, they will continue to try. I would be 
disappointed in them if they didn't try again in 2020. They are 
here to stay.
    Ms. Wasserman Schultz. Okay. So if Vladimir Putin denied 
that they were attempting to interfere in our elections, would 
you believe him?
    Mr. Krebs. My job is to help state and local election 
officials protect our systems.
    Ms. Wasserman Schultz. I know, given what you have just 
said--given what you have just said, if Vladimir Putin denied 
that Russia is attempting to interfere on our elections, would 
you believe him?
    Mr. Krebs. You know, I base on what I see. We see activity. 
The intelligence community was very clear in their statement in 
the report of 2017. Russia, they tried to interfere, 
absolutely.
    Ms. Wasserman Schultz. So you would not believe Vladimir 
Putin if he denied their intentions.
    Mr. Krebs. I believe in the intelligence community. They 
said he did it, he did it.
    Ms. Wasserman Schultz. Okay. Did any nation state beyond 
Russia attempt to interfere on our elections in 2018? And did 
any non-state foreign actors attempt to interfere on--in our 
elections in 2018?
    Mr. Krebs. So generally the landscape is pretty active 
right now. I think in part Russia gave the playbook in 2016, 
but everybody has a different style and different objectives 
they want. The best--you know, I describe it this way.
    Russia is trying to disrupt the system. They are trying to 
create havoc. They are trying to undermine the American 
people's confidence in our system of democracy. China on the 
other hand, very, very active. I think the FBI director has 
said that they have active counterintelligence investigations 
in every--in all 50 states or every field office, whatever 
their metric is. But they are trying to manipulate the system 
to their advantage.
    China is--you know, you are only successful in China if 
they let you be successful. They are trying to shape global 
politics in their favor so that they are the prime----
    Ms. Wasserman Schultz. So are they making attempts to 
interfere in our elections process?
    Mr. Krebs. They are--they are absolutely engaging and 
influencing the political process.
    Ms. Wasserman Schultz. In what is China engaging in that 
activity?
    Mr. Krebs. Well for one they--as I mentioned, they are very 
active in local politics. They get local politics get influence 
money into the process. So yes, this is--I am stepping well out 
of my area of expertise, but you know, I--they are active.
    Ms. Wasserman Schultz. So Ms. Yang's potential ties to 
China could be related to those efforts?
    Mr. Krebs. I am not sure.
    Ms. Wasserman Schultz. The individual who was the owner of 
the massage parlor in Palm Beach County where Robert Kraft was 
and 40 others were caught and who contributed to President 
Trump's campaign in the 2016 election.
    Mr. Krebs. I would have to defer to the Department of 
Justice on that one.
    Ms. Wasserman Schultz. Okay. To your knowledge, what 
methods did nation states and non-state actors deploy in an 
attempt to interfere in our mid-term elections and were they 
preventable?
    Mr. Krebs. So in terms----
    Ms. Wasserman Schultz. Just as you describe with China I 
know, I can see the difference between Russia's efforts and 
China's, but are--are the non-mechanical attempts to interfere 
preventable?
    Mr. Krebs. Non-mechanical, you mean like social media, are 
you talking about manipulating the press?
    Ms. Wasserman Schultz. Things that are not related to 
influencing the outcome of our elections in our systems and 
voting processes and the like.
    Mr. Krebs. So we are very focused on the technical tactical 
on network hacking of state and local elections especially and 
increasingly, particularly as we are in the midst of a 
presidential cycle, working with political campaigns.
    Ms. Wasserman Schultz. And just--just one more question 
because I don't know how much--I can't see how much time I have 
left.
    Okay, given President Trump's insistence that Russia did 
not interfere in the 2016 election, how can we have confidence 
that this administration is taking the threat seriously and 
that you have the authority and independence needed to fulfill 
your responsibilities?
    Mr. Krebs. I have been in meetings with the president when 
he said he believes the intelligence community report, he has 
assessed them. He said it publicly, I will take him at his 
word. That is what I go on. I operate with the state and local 
officials, below the headlines. That is my job.
    Ms. Wasserman Schultz. And you are given the authority and 
independence needed to fulfill your responsibilities.
    Mr. Krebs. Absolutely. And again I think the proof is in 
the pudding. You go ask any state or local election official 
that has worked with us whether we are of value to them and 
have we been helpful or we have been in any way restrained. 
Again, I think--I think the proof is in our performance.
    Ms. Wasserman Schultz. Good to know. Thank you. I yield 
back, Madam Chair.
    Ms. Roybal-Allard. Could you have--sure, absolutely.
    Mr. Rutherford. I want to follow-up on Mr. Ruppersberger's 
question about what kind of matrices can you provide to us, 
this committee so that we--so that we see the value and the--
and the progression of what you are doing. And I was thinking 
about these binding operational directives that--that you guys 
have the capacity to put out. At agencies, they are binding on 
these agencies.
    I think one measurement could be how many of these BODs do 
you put out and then how well, following up on how well those 
agencies are responding the way you are asking them to respond? 
And I would be very interested in that kind of measurement 
going forward.
    So I appreciate Dutch bringing that up.
    Mr. Krebs. So all of the binding operational directives at 
this point have been publicly posted. I think also the 
compliance metrics and we across the board, we have had the 
kind of--the compliance that we would want.
    Mr. Rutherford. And----
    Mr. Krebs. Right. You know when we find--let me give you an 
example, the recent emergency directive which is the first 
emergency directive which is based on an emerging threat and 
something we are greatly concerned about in January that we 
ask--we asked agencies to do four things.
    One of those things was enable multifactor authentication, 
which means harden the security access and authentication 
measures on the systems that manage the domain system--domain 
name system of records. What we found was that some agencies 
had outsourced the DNS records management to a third party, to 
a contractor, and when they asked the contractor to enable 
multifactor authentication, the contractor said, We can't. We 
just--we technically can't do it.
    Aha, so this is one of the challenges of contracting and 
outsourcing processes, there is push and a pull. So what we 
then do is work with that agency on road mapping how to get to 
a provider or maybe this is something that the Department of 
Homeland Security can do down the road. We can build that 
infrastructure to provide a DNS management system for the 
interagency. So these are the sorts of things that we are 
working towards.
    Mr. Rutherford. But that is the kind of thing that I 
think--that I think Dutch was talking about and I would like to 
see because it shows me the bang for our buck going forward.
    Mr. Krebs. Yes, sir.
    Mr. Ruppersberger. And we are really in a new phase now and 
we are pioneers. Ten years from now it is going to be a lot 
different. We have got to stay ahead of the curve and educate, 
workforce, everything.
    Mr. Krebs. Yes, sir.
    Mr. Rutherford. Thank you.
    Mr. Ruppersberger. Is that the end of the hearing?
    Ms. Roybal-Allard. Yes, unless----
    Mr. Ruppersberger. Well I do have something that is kind of 
a joke, but all the matters are over with, semi, when Chris and 
I gave--when Chris and I gave a cyber-speech in Baltimore, so I 
had my staff as his staff. Is there anything that, a joke, and 
we were all apprehensive and didn't want to say hey, you know. 
Don't say it came from us.
    Mr. Krebs. I came prepared, don't worry.
    Mr. Ruppersberger. But he loves colored socks. What are 
they today?
    Mr. Krebs. They are a little camo.
    Mr. Ruppersberger. Oh yes, they are--they are conservative.
    Mr. Krebs. You know, I was prepared.
    Mr. Ruppersberger. Okay, you got it.
    Ms. Roybal-Allard. And the hearing is adjourned.
    [Material submitted for inclusion in the record follows:]
    
    
   
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    

                                           Tuesday, March 26, 2019.

                       UNITED STATES COAST GUARD

                                WITNESS

ADMIRAL KARL SCHULTZ, COMMANDANT, UNITED STATES COAST GUARD
    Ms.  Roybal-Allard. The subcommittee on Homeland Security 
will come to order.
    Admiral Schultz, I want to welcome you to your first 
hearing before the subcommittee, and we are pleased to have you 
testifying before us today.
    I would also like to thank you and the thousands of 
Coasties you have the privilege of leading for your service to 
the Coast Guard and our country.
    Nearly a year into your tenure as commandant, we look 
forward to a good discussion of your observations and visions 
for the future.
    As the fiscal year 2019 bill, I was pleased we were able to 
provide the Coast Guard with over $10 billion in discretionary 
funding. We funded important investments to recapitalize the 
Coast Guard's air and marine assets, including for the Coast 
Guard's first polar security cutter to replace the current 
aging family of icebreakers.
    I want to acknowledge that the government shutdown was 
difficult for the Coast Guard families. The Coast Guard was the 
only armed service that worked without pay for those 5 weeks. 
But I was pleased that in our enacted bill we were able to 
support those men and women with resources for more staff, 
increased pay and increased subsidies for childcare.
    Unfortunately, the President's fiscal year 2020 request for 
the Coast Guard was less promising. It proposes an overall 
reduction to the Coast Guard budget of over $700 million, 
including a reduction of more than $1 billion to the 
procurement account. We look forward to hearing from you today 
about your fiscal year 2020 request and whether it would 
provide the resources that you need to support your important 
and varied missions.
    I personally want to add that I look forward to seeing some 
of the assets and capabilities of the Coast Guard in my home 
state next month, when a number of my colleagues and I come to 
observe DHS operations in San Diego and Long Beach. Thank you 
again for joining us, and I look forward to our discussion.
    I would now like to turn to the distinguished gentleman 
from Tennessee, Ranking Member Fleischmann, for his opening 
comments.
    Mr.  Fleischmann. Thank you, Madam Chairwoman.
    Admiral, I just want to take a personal note of thanks to 
you, to the government shutdown. You represented the Coast 
Guard and the men and women who serve you in exemplary fashion. 
I want to thank you for sending Admiral Ray to Chattanooga for 
Coast Guard Week, and to all of the men and women who serve us 
in our great United States Coast Guard, a heartfelt thanks. 
This is a very special subcommittee, but I--I can assure you, 
there's tremendous bipartisan support for what you do, and I 
thank you, sir.
    I can see that the priority in this budget is to support 
the men and women of the Coast Guard. Reading through your 
written statement, it is apparent that your goal is making sure 
the people on your command are taken care of, and that they 
have the resources they need because they give so much to our 
country each and every day. I will have some questions about 
some specific investments later.
    However, I also see the procurement account where OMB is 
proposing to short-fund some of the programs that are a 
priority of the Congress, which we have seen before across the 
committee. I have some questions about those investments, as 
well.
    I look forward to working with you and the chairwoman as 
she puts together the bill to address the needs across the 
department, sir. Thank you again for your testimony today, and 
for your service every day, sir, and I yield back.
    Ms.  Roybal-Allard. Before your testimony, I would like to 
take care of some housekeeping items. The order in which 
members will be called for questions will be based on the 
seniority of those present when the hearing was called to 
order, alternating between majority and minority members. And 
to ensure that everyone has ample opportunity to ask questions, 
I would ask each member to keep to the five minutes that they 
are allotted.
    So, again, Admiral Schultz, thank you again for joining us 
this morning. Please provide a brief summary of your testimony, 
and we will enter the full text of your testimony for the 
record.
    Admiral  Schultz. Good afternoon, Madam Chairwoman Roybal-
Allard, Ranking Member Fleischmann, members of the committee. I 
appreciate the opportunity to testify today and ask that my 
written statement be entered into the record as you noted, 
Madam Chairwoman.
    First, on behalf of the men and women of the United States 
Coast Guard, please accept my profound gratitude for your 
unwavering support, including the recently enacted fiscal year 
2019 appropriation and the 2018 hurricane payment supplemental 
funding. These were meaningful steps towards delivering a Coast 
Guard that's ready, relevant and responsive to meet the 
American needs and expectations, what the American public 
deserves.
    Yet our work is not done. If you take away just one thing 
from this hearing today, please remember this: Readiness. We 
must be ready: ready to push our maritime border 1,500 miles 
from our shores; ready to preserve the $5.4 trillion in 
economic activity that flows through our Maritime Marine 
Transportation System annually; ready to support the geographic 
combatant commander needs around the globe; ready for the next 
hurricane season, which is just around the corner; and ready to 
put our cyber-authorities to use as we adapt to 21st century 
threats.
    Without question, building and sustaining readiness is my 
top priority. And we are at a critical juncture, a tipping 
point of sorts. Almost a decade of near-flatline operations and 
support funding, Coast Guard readiness is eroding, just like 
the other armed services.
    Yet unlike the Department of Defense, the Coast Guard 
funding is categorized as nondiscretionary or non-defense 
discretionary, which means we are excluded from the effort to 
rebuild our military, and continue to find ourselves outside 
looking in when it comes to material operations and support 
plus-ups. In 2017, Department of Defense received a 12 percent 
boost in operations and support funding, while the Coast Guard 
received a 4 percent increase.
    Yet the Coast Guard military contributions are innumerable. 
Every year, we profoundly--excuse me--we proudly expend over $1 
billion on defense-related activities in direct support of the 
combatant commanders. But the $340 million of defense readiness 
dollars that we receive for this work has not changed in 18 
years.
    As an example of our growing defense portfolio, the 
National Security Cutter Bertholf is supporting the Indo-
Pacific commander operating in the South China Sea right now, 
enforcing U.N. sanctions against North Korea and protecting and 
advancing U.S. interests throughout the Western Pacific.
    Though we strive for relentless resilience to execute 
Homeland Security and Defense operations, our purchasing power 
has, in fact, declined. If we continue to neglect our growing 
backlog of deferred repairs on our capital assets, including 
shore infrastructure, we will lose ground in the fight to 
defend our homeland from the evolving threats challenging our 
nation.
    Despite these challenges, I am extremely proud of the Coast 
Guard's contributions. In 2018, as part of the Department of 
Homeland Security's layered security strategy, and in support 
of Joint Interagency Task Force South, our surface and aviation 
assets interdicted 209 metric tonnes--that's 460,000 pounds--of 
cocaine, more than all other federal agencies combined, and 
apprehended more than 600 suspected smugglers.
    Disrupting transnational criminal organizations at sea 
where they are most vulnerable helps reduce what we call the 
push factors that are responsible for driving human migration 
to our southwest land border. As I speak today, National 
Security Cutter Waesche is patrolling in the Eastern Pacific.
    Our national security cutters have exceeded performance 
expectations by every metric, and now we must focus on a 
transition from outdated and costly medium-endurance cutters--
our 210s and 270-foot ships--to a planned fleet of 25 highly 
capable offshore patrol cutters, which will be the backbone of 
the Coast Guard's offshore presence for decades to come.
    In the polar regions, your Coast Guard's the sole surface 
presence to protect our rights and project sovereignty. As 
access to the region expands and interest from China and Russia 
grows, it's in our national interest to be there to enhance 
maritime domain awareness and build governance in this 
economically and geostrategically competitive area. In the high 
latitudes presence equals influence.
    Two weeks ago, our sole operational heavy icebreaker, the 
Polar Star, 43 years young, returned from a 105-day patrol to 
Antarctica, where it's conducting the annual McMurdo Station 
breakout, enabling resupply of this vital national interest. 
These missions take a toll, and Polar Star's crew worked 
miracles to keep their cutter mission-viable, battling a ship-
board fire, numerous electrical outages, and combating engine 
room--just off the ice edge, we put embarked Coast Guard and 
Navy divers into the frigid Antarctic Ocean to effect repairs 
to the shaft seal. I am proud of their efforts, and I remain 
concerned, however, that we are only one casualty away from 
being a nation without any heavy ice-breaking capability. New 
icebreakers cannot come fast enough.
    And thank you for the $675 million in the fiscal year 2019 
appropriation. Coupled with the $300 million in prior years' 
appropriations, I am pleased to report we are on track to award 
the detail, design and construction contract in 2019 to keep 
this vital program on schedule.
    Finally, I appreciate the administration's support for a 
number of initiatives that invest in our greatest strength, and 
that is our people. While modest, they represent tangible 
investments towards what I call the mission-ready total 
workforce; for instance, critical investments in our marine 
inspections workforce and to our cyber-security operations. 
That builds upon the capabilities that facilitate the $5.4 
trillion of annual economic activity on our nation's waterways, 
while protecting maritime critical infrastructure from attacks, 
accidents and disasters.
    A dollar invested in your Coast Guard is a dollar well 
spent, and with your continued support, the Coast Guard will 
live up to our motto, Semper Paratus--always ready.
    Madam Chairwoman, I would just like to add thank you for 
your gracious remarks this morning on behalf of our Coast 
Guard. It was very gracious of you, ma'am and Ranking Member 
Fleischmann.
    I stand ready to answer any questions, and appreciate the 
opportunity to testify today.
    [The prepared statement of Admiral Schultz follows:]
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    
    
    Ms.  Roybal-Allard. Thank you, Admiral.
    Admiral Schultz, during the partial government shutdown, 
the press rightfully focused on how it affected the Coast Guard 
families. I want to personally express my appreciation for the 
men and women of the Coast Guard who continued to protect our 
country despite the difficulties that it caused for them and 
their families.
    However, I would also like to point out something that I 
don't think is getting enough attention: the lasting and 
persistent effects of that shutdown.
    Could you spend a few minutes sharing with the subcommittee 
some of the effects of the shutdown--some of the effects that 
the shutdown had on the Coast Guard beyond the obvious effect 
of morale?
    Admiral  Schultz. Yes, Madam Chairwoman.
    Let me start by saying, as we head into a critical calendar 
event, which is, you know, the 1 June start of the annual 
hurricane season--we have come off three busy hurricane 
seasons--you will have a ready, full-up Coast Guard ready to do 
the Nation's business here.
    The lingering effects of the shutdown, I think we are 75 
percent reconstituted. Some things that we never get back, we 
had to defer boat maintenance periods. Those are our fleets of 
hundreds of small boats. Cutter maintenance periods, some of 
that just got pushed to the right.
    We had furloughed contracting officers, so you just can't 
do that kind of work. That is not recoverable. My oral 
testimony really accentuated, as did my written testimony, 
readiness being my top priority. So for an organization that is 
struggling with readiness, the shutdown does not help that. It 
sort of exacerbates that.
    But that said, ma'am, I think we are about 75 percent, 80 
percent there. In the next month or so, I think we are going to 
be back to a good place. Things like parts on the shelves, our 
big parts warehouses out in Baltimore, mostly staffed by 
civilians, and that is in Mr. Ruppersberger's district there, 
they are what we call the surface forces, logistics center, the 
warehouse. There is some catch-up ball. But if we have been 
able to pay our bills, restock our shelves, and we are on the 
road to recovery.
    The one thing we just can't get back is some of that 
deferred maintained. But we will get after that. The Coast 
Guard is a pretty darn resilient and adaptable force, ma'am.
    Ms.  Roybal-Allard. Well, I am sure that it is frustrating 
to be faced with these inefficiencies and wasteful byproducts 
of the shutdown when you have limited resources and that you 
have worked so hard to attain.
    Admiral  Schultz. Yes, ma'am.
    Ms.  Roybal-Allard. But I appreciate the fact that as 
always the Coast Guard does a lot with little.
    Admiral  Schultz. We are trying to change. I mean, we are 
trying to do more with more, but----
    Ms.  Roybal-Allard. And I am trying to help you change 
that.
    Admiral  Schultz. Thank you.
    Ms.  Roybal-Allard. Admiral, as I mentioned in my opening 
statement, we were pleased to be able to support the 
procurement of the new Coast Guard assets in our fiscal year 
2019 bill, including for of the first Polar Security Cutter to 
replace the aging Polar Star, and to begin to fulfill the needs 
of the Coast Guard in the Arctic and Antarctic. And I know you 
have prioritized expanding activities in the Arctic during your 
tenure. Could you highlight for us the importance of the 
missions the Polar Security Cutter will undertake?
    Admiral  Schultz. Absolutely, Madam Chairwoman. And we are 
very appreciative. The $650 million on top of the previous 
year's appropriations will allow us to do this contractor work 
here in hopefully the next 4 to 6 weeks.
    The Arctic is no longer an emerging area. The Arctic is a 
national priority. And today the Coast Guard is really the only 
surface presence up there. And we are not in the Arctic much. 
We were up there with our ice ship, the medium endurance 
breaker, medium breaker Healey, in the fall for serving three 
customers, National Science Foundation, Office of Naval 
Research, and the NOAA, National Oceanic and Atmospheric 
Administration.
    But that ship really--medium breaker, providing important 
science work that supports the Nation's interests there, or one 
heavy icebreaker is really limited to its annual trip down to 
McMurdo, the trip I talked about. We go down and we break in to 
the McMurdo ice station. This year, we broke through about 18 
miles of heavy ice. Last year, it was more than 70 miles.
    The U.S. Antarctic program is undergoing their major 
recapitalization. For the next 5 years, 4 or 5 years, they have 
got about a $450 million there. They are absolutely critically 
relying on the Polar Star and relying on the Polar Star's 
ability to make a path for the Ocean Giant, the replenishment 
ship. So we are at a critical juncture there.
    The first Polar Security Cutter, ma'am, absolutely just 
gives us some ability to replace Polar Star, and that is 
predominantly going to be focused on going to Antarctica. It is 
really when we get into Polar Security holes number two or 
three when we have some capacity to increase our presence. And 
I testified by noting presence equals influence in the Arctic. 
We won't really push into that until we are into those 
subsequent Polar Security holes, ma'am.
    Ms.  Roybal-Allard. Okay. I was surprised to see that the 
president's request proposes just $35 million to continue the 
Polar Security Cutter program, which I understand would simply 
continue, as you said, support for the program office. And I 
remain concerned that the administration's budget isn't aligned 
with the funding projections in your 5-year capital investment 
plan as well as the program of record for certain assets.
    Do you feel confident that the fiscal year 2019 
appropriation is sufficient for procuring the first PSC? And 
are you comfortable not having additional procurement funding 
in fiscal year 2020 for the long lead time material for the 
second PSC, for instance?
    Admiral  Schultz. Madam Chairwoman, I appreciate the 
question. First and foremost, the $675 million did include $20 
million towards long lead materials for the second Polar 
Security, as you and the committee know, and for that we are 
very appreciative. Third-five million does allow us to maintain 
the program. We have yet to award the detailed design 
construction contract, and that is imminent, as we talked 
about.
    There are clearly, if you go to our CIP, there was, you 
know, a bigger number there. There are clearly potential 
advantages in buying additional long lead materials earlier, 
such as azimuth pod propulsors and things like that. There are 
some, you know, economic benefit of buying those early and 
buying them in quantity. But we can absolutely press forward 
with the $35 million on the Polar Security Cutter, anticipating 
a larger number in the 2021 budget, as we start marching 
towards the second Polar Security Cutter acquisition.
    Ms.  Roybal-Allard. OK. Mr. Fleischmann.
    Mr.  Fleischmann. Thank you, Madam Chairman. Again, 
Admiral, thank you for being here and for all that you do for 
our great nation.
    Admiral, in fiscal year 2019, in the omnibus, the conferees 
provided $340 million, sir, for six new fast response cutters. 
On increase over the 2019 budget request, there are still 
cutters outstanding under the program of record. The 2020 
budget request only provides $140 million for two new cutters. 
Admiral, why is the Coast Guard proposing a reduction to this 
program? And my question would be, are the cutters no longer 
needed, sir?
    Admiral  Schultz. Let me start in reverse order, if I 
could, Congressman Fleischmann. The cutters are absolutely 
needed. We would love to continue momentum towards our domestic 
program of record of 58 fast response cutters with the support 
of the Congress. We have four of six that are overseas deployed 
in support of the naval central Fifth Fleet commander working 
for CENTCOM that you also funded, and I think that is a great 
story.
    Ideally, 58 fast response cutters domestically, six fast 
response cutter to support our contributions to the CENTCOM 
theater, that would be the desired end state. The two fast 
response cutters in the 2020 budget are really a reflection of 
the reality, and we are one of 22 agencies that resides within 
the Department of Homeland Security. As a service chief, as 
component head, I am tasked to manage to a top line.
    We talked about the readiness challenges, a little bit of 
flat funding for the good part of the last decade here under 
the BCA levels. And, sir, bottom line it comes down to making 
trade space in the budget to support the OPC and other ongoing 
acquisitions programs.
    Mr.  Fleischmann. Yes, sir. Thank you. The building 
contract stipulates that orders are to be made in increments of 
four, six or eight cutters. Will the contractor accept an offer 
to build only two cutters?
    Admiral  Schultz. Sir, we will have to go back to the 
contract, if the enacted budget reflects the two. We will have 
to see what the maneuver space there, how we can work on the 
shoulder appropriations here, sir.
    Ideally, we have seen tremendous support from the Congress 
here on our--what we now call PC&I, our former AC&I acquisition 
budgets. Just frankly, I think on average, the committee and 
the Congress has plussed us up about $600 million, and the FRC 
program has been, I don't want to say a favored program, but a 
program that the Congress has very much embraced. So there is a 
little bit of, I guess, aspirational strategy as we had to play 
to a top line here, too, sir.
    So we will work and see what is in the realm of contractual 
flexibility and maybe hold out a little bit of hope that this 
might be a program that Congress remains keenly interested in 
supporting.
    Mr.  Fleischmann. Thank you, sir. Is the $140 million an 
estimate on OMB's part for the cost of two cutters? Or is the 
price stipulated in the contract?
    Admiral  Schultz. Sir, I have to go back and give you an 
answer. The $140 million is the two hulls and some other 
program, I think, costs in there. But, sir, I would like to 
take that one for the record and circle back with your staff, 
if that is amenable to you.
    Mr.  Fleischmann. That is fine, sir. Yes, sir. After the 
funding in 2019, how many cutters remain outstanding on the 
program of record, out of how many total, sir?
    Admiral  Schultz. Sir, I have got to get you back on the 
numbers. We are starting the crew, an additional four in the 
2020 budget, so we just took acceptance of the 33 hull down in 
Key West last week here. I had the privilege of commissioning 
the 31st.
    I believe at the end of the day, sir, with the proposed 
number, that it gets us to 54. But I would like to bring that 
back to you on that other question. I will just pair those two 
together, if that is adequate.
    Mr.  Fleischmann. Yes, sir. I see also that once again the 
budget proposes to skip a year of funding and acquisition for 
the HC-130J project. I know the HC-130 is important. To quote 
the budget request, HC-130J is a major contributor to 
performance of the Coast Guard's statutory missions with 
specific contributions to DHS and the Coast Guard program of 
maritime law enforcement, maritime response, defense 
operations, and maritime transportation system management.
    Admiral, I am probably not the only member of this 
subcommittee with this question. But what is the rationale for 
eliminating the funding in the 2020 budget request, sir?
    Admiral  Schultz. So, Congressman, on the HC-130J program, 
the HC-130J are absolutely great aircraft. C-130s writ large 
are great aircrafts. The Js are going to get us a leap forward 
in technology. We fielded the first two Js of the fleet we have 
to date up in Alaska, and by the end of this fiscal year, we 
will have five C-130J operating from Kodiak. Then we will roll 
into our second air station next year out in Barbers Point.
    The 2019 omnibus included funding for a 16th C-130J. We are 
absolutely appreciative of that. Not a surprise to the 
committee, but we have not included the C-130Js in our budget 
ask in previous years. That is, as we make top-line decisions, 
that is one that just has not been able to fight into the mix. 
But the Congress has seen fit that that aircraft is absolutely 
essential to our maritime patrol, long-range force laydown, 
sir, and I think I will constrain my answer to that.
    Mr.  Fleischmann. Yes, sir. Thank you, Admiral. Madam 
Chairwoman, I yield back.
    Ms.  Roybal-Allard. Mr. Cuellar.
    Mr.  Cuellar. Thank you, Madam Chair. And, Admiral, it is 
good seeing you.
    Admiral  Schultz. Good to see you, sir.
    Mr.  Cuellar. We spent a couple days this weekend in my 
lower part of my district, in the McAllen area, with Senator 
Jon Tester. Let me go over a topic that we talked about 
yesterday, and that was--as you know, the Coast Guard has 
probably the best re-enlistment rate of any military branch. 
Around 92 percent of the first year Coast Guard re-enlisted 
last year, and more than 40 percent of the Coast Guard enlisted 
recruits are still active after 20 years, and I believe 60 
percent of your officers stay active after 20 years or more.
    But there seems to be a problem with females, in one 
particular category. Coast Guard is losing nearly 50 percent of 
the year group between 10 and 12 years of service among your 
female officers, and so my question again is, what are we--you 
know, why is that happening? And what are you all doing to make 
sure we keep them----
    Admiral Schultz. Yes, sir. Well, thank you for the 
question. And thank you for the privilege of traveling with you 
throughout lower Texas there. That was very insightful I hope 
for Senator Tester. It is always a pleasure for me to get down 
there and see what our DHS team is doing, sir.
    You know, on women's retention, we are taking the final 
results of a women's retention study I believe next week, if 
not the following week. This has been a yearlong effort. We are 
very excited to better understand decisions women make. If you 
look at our ranks, across our ranks, officer, enlisted, 
combined, we are less than 15 percent women Coast Guard 
employees in the workforce. That is approximately 50 percent. 
So we are not competing to maximum advantage that we need to.
    What we found in that study in the initial results are, you 
know, the first 0 to 4, 0 to 5 years of enlisted member, 
woman's career, or female woman officer's career, the pace is 
pretty steady. From about 5 years to when you get out here to 
the--you know, about the next 12 years of their career, you 
start to see a delta. That delta is somewhere between 12 
percent and 13 percent. It is pretty consistent in both the 
officer and enlisted ranks. So it is not the 50 percent delta, 
but it is about a 12 percent difference.
    And what we are trying to do is really understand, what do 
we have to do in there? And what adjustments can we make to 
make sure the Coast Guard is, you know, an employer choice for 
all men and women? We do have some challenges there, and I 
think the study has helped us understand that.
    We went out and did focus groups in more than a dozen 
locations in the Coast Guard. We spoke to more than 1,000 
women. And this was from Alaska to Hawaii, East and West Coast, 
the Great Lakes, Gulf of Mexico. We had a great dialogue. We 
had some men sitting at the table to understand the impacts 
that are not just specific to women's retention, so we could 
segregate out the facts.
    And, sir, I think we have an action plan. I have stood up 
when I came onboard here and we have actually got the bodies in 
place, a seven-person team, what we call the personal readiness 
task force. Sometimes in the past, we have done studies, but we 
have not done a good job of actioning studies. This task force 
has been poring through the early reads of the plan. They are 
waiting for the final results. And we are going to get off to 
the races and do some things that make us an employer choice. 
Equally so, hopefully we can drive up that women's retention.
    And some of that, sir, is more flexible policies, flexible 
policies for family members, for child givers, you know, 
caregivers. We bumped up--it is 41 days, just shy of 6 weeks, 
for child birth, for a new mother, a new parent. And then there 
is an additional 41 days, gets you a total of 12 weeks, 
secondary caregiver is upwards of 3 weeks. So that is about the 
max we can go. I don't think any other service is quite as 
forward leaning as that.
    We are looking at focusing on areas like child development 
centers. That is obviously an issue as we look at this early 
results that affects people's lives. We are a geographically 
disperse workforce along the coast in many high cost areas. 
Childcare ranges from $1,000 a child on the low end to $2,500 
on the high end. And the committee was wonderful in giving us 
$2 million last year for childcare subsidy. I have got about 
1,060 children enrolled in that. And I would say more than 50 
percent are in those high-cost areas. So that is is very 
helpful. And, sir, we are just leaning in to make a difference 
here.
    Mr.  Cuellar. All right. Well, thank you for that. And just 
to finish this, I also appreciate the partnerships that you 
have with the minority serving institutions.
    Admiral Schultz. Absolutely.
    Mr. Cuellar. And if you don't mind, maybe one of your 
staffers can give us a list as to who you are working with, we 
would appreciate it.
    Admiral Schultz. Absolutely.
    Mr. Cuellar. Because that is good for pools of applicants, 
but also in the STEM areas and other areas it will be helpful, 
too.
    Admiral Schultz. Absolutely.
    Mr. Cuellar. Not only to you, but to your country.
    Admiral Schultz. Yes, sir. We have a lot of good news 
stories going on, and we will get you a list of that, and would 
welcome your interest in participating with any of those 
institutions, sir.
    Mr. Cuellar. Thank you so much.
    Admiral Schultz. Yes, sir.
    Mr. Cuellar. Thank you. Thank you, Madam Chair.
    Ms. Roybal-Allard. Mr. Newhouse.
    Mr. Newhouse. Thank you, Chair Roybal-Allard.
    Admiral, welcome to the committee.
    Admiral Schultz. Thank you, congressman.
    Mr. Newhouse. Thank you for your leadership and the work 
you do with the men and women of the Coast Guard as they carry 
out their mission. We appreciate it very much. Thanks for the 
update today on how things are going.
    I am interested in your--I guess your unmanned systems. I 
understand that you have had some experience recently with 
those. The Stratton, I believe, is the ship that----
    Admiral Schultz. Stratton is a national security cutter, 
absolutely, sir. We have deployed what we call a small UAS--and 
I don't want to get ahead of your question, sir.
    Mr. Newhouse. No, that is--I just wanted to give you an 
opportunity to talk a little bit about that, educate us 
somewhat on how that complements the NSC's operations, and how 
could you--or how could we together expedite that?
    Admiral Schultz. So with the support of the committee, sir, 
we are now fielding a recent contract award in December to 
Insitu. They make the ScanEagle. It is a small UAS, about 8-
foot wingspan.
    Mr. Newhouse. Just happens to be in Washington State. That 
is a coincidence, I am sure.
    Admiral Schultz. Sir, you can launch that ScanEagle off the 
back of a flight deck on a national security cutter. It is got 
about a 12-hour endurance profile. The cutters that have sailed 
with that, on some of the prototype work we did, the sailors 
don't want to go out without it again. It is that much of a 
game-changer. It is terrific.
    The National Security Cutter Stratton that you spoke about, 
I think, had the ScanEagle involved in about 28 interdictions 
tied into the removal of 40,000 pounds of illicit cocaine at 
sea.
    Mr. Newhouse. Oh, my.
    Admiral Schultz. So there is a lot of potential. We are 
the--there is a $9.2 million ask in the 2020 budget here that 
is before you. That will allow us to put small UAS capability 
on two NSCs a year. One of the things I said in my state of the 
Coast Guard, I would love to see if there is a means to 
possibly accelerate that, because it is truly game-changing 
capability.
    We are actually doing with a little bit of money we had in 
prior years' appropriation. We have done a land-based test in 
Puerto Rico back last spring, and here in early April we are 
going to do another land-based test down out of Corpus Christi, 
TX, as well, so fantastic capability at sea. We are trying to 
see what this might do as a land-based opportunity, as well, 
sir.
    Mr. Newhouse. As well as at sea.
    Admiral Schultz. As well as at sea.
    Mr. Newhouse. It certainly seems like it extends the reach 
of the Coast Guard and it extends your capabilities, so it is 
exciting to be able to watch this technology be put in place.
    Admiral Schultz. Congressman, we have a national security 
cutter in the Eastern Pacific where 85 percent of the drugs 
transit at sea. That area is--if you took the United States and 
sort of turned it about 30, 40 degrees its axis, that would sit 
in the Eastern Pacific. We have the equivalent of about six to 
seven ships there on a given day, Coast Guard cutters. That 
would be like patrolling North America with six or seven police 
cars.
    Mr. Newhouse. Wow.
    Admiral Schultz. The key enablers there are over the rise 
in boats. Our national security cutters can deploy three boats. 
It is really maritime patrol, aircraft responding to 
intelligence. It is far reaches. These ships are going out west 
of the Galapagos. So a maritime patrol airplane comes out there 
in response to intelligence, has an hour or 2 on-scene, finds 
the target. That national security cutter is still hours away. 
The plane runs out of gas. You can use all your planes just 
staying on top.
    The UAS allows us to bridge that gap. We can get that UAS 
50, 70 miles away from the ship. That is 3 or 4 hours of time 
you buy where the UAS sits on top, whether it is electrical, 
optical, infrared. The smugglers do not see it. The ship can 
see what is going on. When they get there and launch their 
boats, it is a much safer situation.
    So truly game-changing impactful capability, and we are 
very appreciative of the committee's support for the 
capability.
    Mr. Newhouse. Good, good. Well, we look forward to 
continuing working with you on that.
    Admiral Schultz. Sure, thank you for the question.
    Mr. Newhouse. Yeah, thank you for your answer. Thank you, 
Madam Chair. I will yield back.
    Ms. Roybal-Allard. Mr. Ruppersberger.
    Mr. Ruppersberger. Yeah, first, Admiral, I have a lot of 
respect for the Coast Guard. I really didn't work with the 
Coast Guard until I came here. You always seem--you seem to be 
there for our Americans whenever you need to be. You don't have 
a lot of money. I think it was a good move for you to come into 
the umbrella of Homeland Security, and I think you are probably 
the most competent operation that we have there.
    And I hope we can help the others bring up to where you 
are. And you have been underfunded. And people on this 
committee are going to try to help you any way we can. And I 
know the chairman and ranking member feel that way, too.
    As you said, I represent a portion of the Coast Guard yard 
in Curtis Bay. We were able to secure about $25 million in the 
recently passed omnibus to address your need for a new travel 
lift. And it is essential infrastructure which will allow those 
stationed there to performed dry dock maintenance on their 500-
ton, 150-foot fast response cutters.
    Now, this was listed as one of the top three major 
acquisition systems, infrastructure projects on the Coast 
Guard's unfunded priorities list. My question--does the $25 
million cover the full cost of the project? And could you 
provide a tentative timeline for its completion?
    Admiral Schultz. Absolutely, Mr. Ruppersberger. So, first 
off, appreciate the committee's--I think it was $22.5 million 
towards that project. We have a program, what we call the RDAP, 
recurring depot availability program. We have been doing that 
with the 87-foot coastal patrol boats at the yard. It has been 
a very great program, great results. We are modeling that for 
these new fast response cutters we are fielding.
    The $22.5 million buys us the infrastructure for the pier 
work, some building work. There is a paint booth component of 
that. There is actually about another $5 million piece for the 
actual travel lift, but we are going to be able to support that 
through the capital working fund the yard has. So that is the 
appropriate way to fund that.
    So I think, sir, at the end of the day, we should be in 
good shape. And I think it is 2021 and 2022--2021 I think will 
be--we will have some of that infrastructure work, 2022 we 
should have that facility up and running, sir.
    Mr. Ruppersberger. All right, the other question I have is 
the icebreaker. I know our chairwoman cares very much about 
this. The Russians consider the Arctic to be the next frontier, 
with environmental changes, ice and permafrost is retreating, 
exposing valuable land and navigable waterways. New 
opportunities are rising for oil and gas drilling, as well as 
access to untouched fisheries.
    Now, we have both Russia and China have recognized this 
development and are scrambling to establish a foothold in the 
region. In this regard, America is coming up short. Russia 
currently has 44 working icebreakers, seven of which are 
nuclear-powered, while the United States has two in operation. 
You just said maybe even one. And I know putting new breakers 
in the water is just as high a priority for you as it is for 
all of us I think on this committee.
    Now, my question is, what impact would an unchecked 
Russian-China presence in the Arctic region have on our 
national security and sovereignty? Also, there is a moratorium 
on fishing and unexplored, untapped oil reserves in the Arctic 
outside of our exclusive economic zones. Do you feel that 
without American assets in the region, we will be able to 
enforce international law and stake our claim to the natural 
resources?
    And lastly, I have heard in the past that the Coast Guard 
needs three heavy and three medium icebreakers to counter 
Russia and China's influence in the Arctic. Is this number 
still accurate, so we can focus our goals to help you?
    Admiral  Schultz. Yes, sir. Well, let me start in reverse 
order. So my strategy--I have talked about consistent with the 
high latitude studies has been a minimum of six icebreakers. I 
frame that conversation as three that are Polar Security or 
heavy breakers, like the one we are talking about awarding here 
in the coming weeks, and then three potential medium or less 
capable breakers.
    There is probably a conversation that is some hybrid of 
that, but that is consistent with the high latitude study. 
Russia does have upwards of four dozen icebreakers, and your 
numbers are correct, seven nuclear, building more breakers.
    I would say the Russian Arctic, you know, when you look at 
Russia's border in the Arctic, they do have a long Arctic 
region. We are not sensing Arctic presence here off of the U.S. 
Alaska Arctic. But Russia is deriving 20 percent of their GDP 
from the Arctic. They are re-establishing themselves in bases. 
They are looking at taxing northern sea routes, shipping.
    So they are going to derive a lot of economic benefit, 
which makes Russia a more difficult global partner here, I 
think, when their economy gets stronger. Right now, they are 
meddlesome. With more resources, they are more meddlesome, more 
globally reaching.
    Up in the Arctic here off Alaska, where we are really 
looking to project more presence. You know, presence does equal 
influence. China has been up there, you know, 4 of the last 6 
or 7 years with the Xue Long, their research ship. They have 
just launched the second icebreaker, the Xue Long 2, last 
summer. I anticipate that being operational in the not-too-
distant future. They are talking about building a heavy 
breaker.
    They are not an Arctic nation. They are a near Arctic self-
declared state. And they are up there. They are doing--you 
know, obviously, they have interest. They are paying attention 
to us fielding fifth-generation fighters to places like 
Elmendorf. They are paying attention what we are doing with 
undersea cabling.
    As you mentioned, Arctic is rich in natural resource. About 
13 percent of the untapped petroleum are in fairly shallow 
water depths up there for potential deriving here for our 
energy needs, 30 percent of the untapped LNG, trillion dollars 
of rich minerals that we care about. So the Arctic is a 
geostrategically important place, sir. And we do need to pay 
attention what China is doing.
    China is also in the high latitudes of Antarctica. They are 
building additional science stations down there. And I think 
the Coast Guard, as the face of the U.S. surface capability in 
the high latitudes, you know, we can't get there fast enough. 
My strategy was six, three, one. The one was now. And with the 
help of this committee, we are going to get after that one 
here. So that is a great--this is 12 years in the making, and 
we are very appreciative of the committee's support.
    Mr.  Ruppersberger. Well, I know the chairwoman feels that 
way, too, so this committee is going to try to help you any way 
we can because it is national security.
    Admiral  Schultz. Thank you.
    Ms.  Roybal-Allard. Because I call on Mr. Palazzo--I 
apologize for that discussion that was back here--but we are 
being told that votes are going to be in just a few minutes. So 
it will be an additional 15 minutes that we will have. So if 
everybody can ask their questions the first round, and because 
otherwise you may have to be here for a half hour to 45 
minutes.
    Admiral  Schultz. Yes, ma'am. I will try to shorten my 
answers, too, ma'am. I apologize.
    Ms.  Roybal-Allard. Okay. So, Mr. Palazzo.
    Mr.  Palazzo. Thank you, Madam Chairman. Commandant----
    Admiral  Schultz. Good to see you, sir.
    Mr.  Palazzo. Great to see you, too. Really appreciate what 
your coasties are doing. I know the shutdown was tough on them 
and their families, and hopefully moving forward legislatively 
we can find a way that that doesn't happen again. But we 
appreciate their service and especially their sacrifice. Please 
pass that message along on behalf of this whole committee. I 
think one--you are going to find some bipartisanship when it 
comes to our Coast Guard here.
    My remarks pretty much aren't new to your predecessor. I 
think I have asked some of these same questions. And there has 
been a lot of talk about the southern border, but there is also 
a maritime border. And I think coast states and eastern and 
pacific, as well, it is a border that we take very seriously.
    And I know just from news reports in February of 2019, I 
believe you all, the Coast Guard sees 17 tons of cocaine, that 
is almost 35,000 pounds of street value of almost $500 million. 
And I think the more that we squeeze the southern border to 
secure it, to protect Americans, we may be seeing some 
increased activity on our seas and in our maritime domains.
    Can you tell me a little bit about what the Coast Guard is 
doing on the war on drugs? Again, last year, you seized--more 
than half of all cocaine seizures came from the United States 
Coast Guard, which, by the way, thank you for keeping those 
deadly drugs out of our communities and out of our states. I 
think it is extremely important. But I will give you a moment 
to talk about it.
    Admiral  Schultz. Sure. Well, Congressman, I would say 
this. Thank you for the support. I mentioned earlier we 
interdicted about 209 metric tons last year. If you look at the 
last 3 years, 1.4 million pounds of illicit, uncut cocaine. We 
rolled up about 1,600 smugglers at sea. Our Coast Guard 
strategy is to push the border far from U.S. shores. So we push 
the border about 1,500 miles off the coast of southern 
California, off the Gulf Coast.
    We interdict large loads of cocaine at sea when most 
vulnerable. Those drugs--their destination isn't California by 
sea. Their destination is Mexico. Their destination is 
Guatemala, El Salvador, the Central American corridor, where it 
gets broken down into smaller loads, associated violence, 
corruption. It creates instability in governments. So those are 
the push factors that have people, families like ourselves with 
children that live in Honduras, El Salvador, Guatemala, the 
northern triangle country, that make the difficult decision, 
because there is no future for their children in their home 
countries, to send them up through Mexico to try to get to the 
southwest land border in Texas and California.
    So our work, I think, is absolutely seminal. It is 
apolitical work. I think there is bipartisan agreement that 
stopping those drugs at sea do help the push factors. And we 
are very proud of the work we do down there. We partner with--
CBP provides, you know, almost 40 percent, 50 percent of the 
maritime patrol aircraft.
    We partner with international--with U.S. Southern Command. 
So I am a force provider of the Coast Guard to SOUTHCOM. We 
commit to four ships around the calendar year. We strive to be 
somewhere six to eight ships. We are about 6.7, 7 plus the last 
couple years, and we remain committed. It is consistent with 
our Western Hemisphere strategy, sir, and we remain committed 
to the fight.
    Mr.  Palazzo. And we are glad you are committed to that 
fight, and we want to give you the continued resources.
    Admiral  Schultz. Yes, sir.
    Mr.  Palazzo. Whether it is ships or technology or the 
UAS's that Congressman Newhouse mentioned, to expand your 
ability to--I want my colleagues to have time to answer, but I 
can't pass this question up. The Jones Act, why is it important 
to our economic and national security?
    Admiral  Schultz. Sir, the Jones Act--my predecessors have 
stood for the Jones Act. The Jones Act is important to the 
security of the nation. The merchant fleet here, our ability to 
move military supplies in a military outload to support--let's 
say we had a large theater war in the Pacific and that part of 
the world. That is important.
    You know, I think economically, you know, folks have 
invested in that. The Jones Act gets attacked that there are 
cheaper ways to do business. I would say, I think there is a 
lot. The Jones Act has been in place here for about 100 years 
here, and it serves a very important--continually important 
service.
    I think before there is any meddling with the Jones Act, 
people should really step back and have an informed 
conversation about all the puts and takes and the impacts to 
national security.
    Mr.  Palazzo. Thank you, Commandant. I yield back.
    Admiral  Schultz. Yes, sir.
    Ms.  Roybal-Allard. Mr. Price.
    Mr.  Price. Thank you, Admiral. Good to have you here with 
us. I will shorten my comments here and ask a question very 
quickly. I think it is an important question.
    I don't want to pass by the opportunity to thank you for 
the good work your people did in North Carolina and the 
Carolinas generally with Hurricane Florence last summer. They 
saved many lives in my state, and we once again--the Coast 
Guard distinguished itself in these disaster----
    Admiral  Schultz. Sir, we are pleased to partner with your 
very capable emergency response folks in the state of North 
Carolina. It is a good team effort down there.
    Mr.  Price. Yes, sir. We know that is true, but you are the 
best, and we are very grateful. I want to move directly to your 
operations and support budget, which has been basically flat-
lined for the last 8 years. In your state of the Coast Guard 
2019 message, you mentioned that this has resulted--and I am 
quoting you now--this has resulted in deferred maintenance, a 
strained and undersized workforce, and antiquated information 
systems.
    Let me, if I might, stress the workforce piece of that and 
ask you to comment on it. You are an extraordinary 
organization. You have always done more with less. But that 
shouldn't preclude you from getting the funding increases you 
need. It doesn't make sense that you are providing--we are 
funding new vessels. We are funding new functions. But without 
an increase in maintenance funding, support for your personnel 
and their families, it just doesn't fit. All need to go 
together.
    So we want to know how we can best help you achieve your 
workforce goals. Where do you see the most urgent, unmet needs? 
And what is the overall challenge you have with respect to 
recruiting and retaining personnel? Are your benefits 
competitive? Are your salary increases competitive? I mean, 
what would be your prescription? More money, yes, but more--but 
maybe spending that money in some strategic ways. What would 
you suggest for addressing these needs?
    Admiral  Schultz. Yes, sir, thank you for that question. 
Consistent with my comment to the chairwoman about, you know, 
retention of women, we need to recruit in different places. We 
need to retain more--recruit and retain more underrepresented 
minorities, more women. There are some resource components, you 
know, recruiting, more recruiting officers.
    We cut back our recruiting officers years back to make 
space for capital assets. I would say when you look across the 
DOD services, tuition assistance is a benefit they give their 
folks, so you can do some college work and derive a benefit. We 
have capped our tuition assistance for active-duty members at 
50 percent. We were doing this every year, and it was very 
frustrating folks. We just said we can't get above 50 percent. 
That is a competitive tool.
    With the support of the--with the 2020 budget includes $2.7 
million to do tuition assistance for reservists. We have not 
offered a reservist tuition assistance in more than a decade. 
So if you are a young member in the Coast Guard and you have 
served your nation 4 years, 8 years, but there are other life 
callings you want to do, family situations don't always serve, 
I would like a reservist to look--or Coast Guard active duty 
member look and say, boy, I really love the culture, I love the 
work, but I have other things in my life. I have to take care 
of ailing parents. It is not, you know, my spouse's career.
    Offering tuition assistance to reservists is an attractive 
thing to keep them in. Right now they are jumping ship and 
going to go join the National Guard, drill in their local 
armory. We require them to drive 300 miles to drill because we 
don't have reserve people everywhere, but that ability to offer 
the reservists some tuition assistance is game-changing.
    I talked about child development centers. We really--you 
know, we don't live on big bases. If you go over here to JBAB, 
Joint Base Anacostia-Bolling, they have a state-of-the-art 
facility. They feed the kids. They are investing. They are 
hearing the noise about housing across the nation. There is a 
clarion call on DOD with all the defense leaders when they come 
up here about, what are you doing with housing? Less than 10 
percent of my workforce is in housing. Some of that housing is 
old. We have had very little money to invest in that housing.
    We have got a $1.7 billion backlog, so we are fixing broken 
roofs on buildings. But those things all, you know, factor into 
people's willingness to stay. It is the best workforce, 
brightest workforce we have ever seen. One of the big assets 
that will be coming forward in the 2020 budget has $14 million 
in the PC&I line item is for IT, or what we call C5I 
infrastructure, command, control, communications, computers, 
cyber, and intelligence. That used to be C2 when I was a young 
guy, command and control. But now our mission platform that 
supports all our technology is very old, congressman, and we 
have got to make some investments.
    So I think all these things factor into a Coast Guard that 
is attractive to the best and brightest in America. We have no 
trouble recruiting people. I want those people to stay in. And 
Congressman Cuellar talked about, you know, almost 40 percent 
are enlisted people go to 20, 58 percent of our officers go to 
20. Blended retirements start on the 1st of January, so at 12 
years now, you do a thrift savings plan, you derive a 2 percent 
benefit a year, so you get 40 percent plus your TSB, it is 
going to be hard to get folks to 20 unless they see the Coast 
Guard really committed.
    It is electronic health records. There is money in the 2020 
budget for that. We are appreciative. It is a sufficient number 
of docs and things like that, sir. So a lot of those things 
speak to that attractiveness and being an employer of choice.
    Mr. Price. Good, thank you.
    Ms. Meng. Thank you, Admiral, and thank you, Chairwoman. I 
will try to speed up my phrasing of the questions. Thank you 
for your service. Wanted to talk a little bit more about the 
workforce diversity in terms of if the Coast Guard is planning 
to allocate any funds, any steps you will be taking.
    And I know that the Coast Guard is releasing a study on the 
retention of women. And is there anything like that in the 
works in relation to diversity and recruitment?
    Admiral Schultz. Yes, ma'am. So working backwards, based on 
this study, it was through the HOSAC, working with Rand, our 
homeland security advisory group, we intend to launch a study I 
think as soon as this summer, an underrepresented minority 
study, about retention, attracting and retaining 
underrepresented minorities. We are using this women's 
retention study trying to get that perfected. I thought we 
would have these results maybe before the end of the last 
calendar year. With the shutdown, we lost a little time, but 
now we are kind of doing the puts and takes. We will get the 
final results.
    That will help us get out the door more effectively. So 
that is coming. This personal readiness task force is an action 
body. So you are going to see some--I made some announcements 
last week about where we have women, moms, new parents that 
step out of the workforce. In the past, if you are a small 
geographically remote unit, small number of people, and you are 
a woman and you are pregnant and you step out to go take care 
of your new child or adjust to your new family situation, there 
is a certain pressure on you, because your colleagues kind of 
feel like you are jumping ship.
    And now we are going to take reserve surge capacity, send a 
body to that chair--the work goes on, you can step out, we are 
trying to create a space where family and work are not mutually 
exclusive. You can find the balance. We are supportive. We are 
working on more permeability for the workforce, more 
flexibility.
    Ms. Meng. Thank you, sir.
    Admiral Schultz. Yes, ma'am.
    Ms. Roybal-Allard. Mr. Aguilar.
    Mr. Aguilar. Just real briefly, Admiral, specific to the 
kind of SOUTHCOM, you know, AOR in the Pacific, it is my 
understanding that our ability to identify drug smuggling in 
the Pacific, building off of what Mr. Palazzo was talking 
about, is far greater than our capacity to interdict.
    Admiral Schultz. Yes, sir.
    Mr. Aguilar. And so a good day on the water is equivalent 
to--from a value and a tonnage perspective, probably a year at 
a port of entry. And so what more can we do to assist in these 
efforts? We know you partner with other countries, and that is 
amazing, but what can we do? And is this an issue of we need 
more ships? Would adding a naval LCS to these efforts help, as 
well?
    Admiral Schultz. Well, I would say this, Congressman. 
Thanks for your question. Absolutely, that is part of the 
conversation here. The ships that we are building, continuing 
to focus on recapitalizing our offshore patrol cutters, 
replacing those 52-year-old, soon to be 60-year 210 cutters, 
the 30-plus-year-old 270s, the OPC program, if we can maintain 
momentum on that, that is essential. Things like the small UAS 
that Congressman Newhouse, asked about, potentially some 
longer-range MQ-9-type capabilities. We are interested in that. 
Maritime patrol aircraft, the C-130s are absolute contributors 
to that. CBP, continued support for CB pier and marine.
    I think those are the key enablers. You know, we can always 
use more ships. I am not going to sit here and say, you know, a 
Navy combatant--I understand the demands on the CNO. He has got 
an increasingly difficult--Russia, we talked about that 
earlier. He has got a lot of challenge and problem sets in the 
South China Sea. The Navy lost a couple missile shooters here, 
you know, the Fitzgerald and the McCain.
    So I would say maintaining momentum on what we are doing 
and some of the people things I think would make us the most 
ready Coast Guard we could be.
    Mr. Aguilar. We would love to talk about future resources. 
Thank you.
    Admiral Schultz. Yes, sir, thank you.
    Ms. Roybal-Allard. Admiral, I apologize for us all having 
to leave.
    Admiral Schultz. Madam Chairwoman, I understand.
    Ms. Roybal-Allard. We will submit others for the record.
    Admiral Schultz. Yes, ma'am.
    Ms. Roybal-Allard. And thank you very much.
    Admiral Schultz. And thank you for the privilege of being 
here. Thank you.
    [Material submitted for inclusion in the record follows:]
    
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    
      

                                            Tuesday, April 2, 2019.

                 TRANSPORTATION SECURITY ADMINISTRATION

                                WITNESS

HON. DAVID PEKOSKE, ADMINISTRATOR, TRANSPORTATION SERCURITY 
    ADMINISTRATION
    Ms. Roybal-Allard. The Subcommittee on Homeland Security 
will come to order.
    Administrator Pekoske, I want to welcome you to your first 
hearing before this subcommittee.
    We are pleased to have you testifying before us today.
    Members of the public likely interact with the TSA and its 
employees more than any other component of the Department of 
Homeland Security.
    While air travelers do not always express their gratitude 
during the process, we do appreciate what the TSA and its 
employees do to protect our nation.
    During the partial government shutdown earlier this year, 
TSA personnel worked without pay. This was a burden for 
transportation security officers, in particular, because they 
earn much less than other civil servants. TSA workers overcame 
great personal hardship to continue carrying out their duties. 
There were even reports of personnel sleeping in their cars 
because they could not afford the costs of continuing to come 
work.
    I hope you will convey our continued support and 
appreciation for your workforce. I know that you share our 
concerns and have been an advocate for them.
    After making significant new investments in your workforce 
and to equip it with advanced security technologies in the bill 
for the fiscal year 2019, I was disappointed to see that the 
president's fiscal year 2020 budget proposes a cut to TSA's 
funding.
    Many of the cuts are repeats from the past 2 years based on 
the elimination of activities that the Congress has repeatedly 
voted to continue--the Visible Intermodal Prevention and 
Response teams, known as VIPR; the law enforcement officer 
reimbursement program; and TSA staffing at exit lanes.
    There is also a disconcerting mismatch between the budget 
and the expected growth in travelers, and once again, the 
budget relies on a proposal to increase the passenger security 
fee, which is outside of the jurisdiction of this committee and 
is unlikely to be enacted.
    Mr. Administrator, I know the budget request reflects the 
funding limitations you are forced to live under, but it will 
be difficult to fill in the funding holes that the budget 
creates. We look forward to hearing more about the budget 
request for fiscal year 2020 and whether it would provide the 
resources that you need to support your critical missions.
    Thank you again for joining us, and I look forward to our 
discussion. I would now like to turn it over to the 
distinguished gentleman from Tennessee, Ranking Member 
Fleischmann.
    Mr. Fleischmann. Madam Chair, thank you, and, Mr. 
Administrator, thank you. I apologize for the delay. We have 
been voting on the floor. It has been extremely busy today.
    Mr. Administrator, I echo the chairwoman's thanks for 
coming to testify before the subcommittee today on the 
Transportation Security Administration's fiscal year 2020 
budget request. Thank you, sir, for reaching out last week to 
meet with me and my staff in your budget priorities. I really 
appreciated that. Put a lot of things in perspective.
    I know we talked about this when we met, but I just wanted 
to reiterate on the record what an outstanding job the TSA team 
does in Chattanooga at the Chattanooga Airport. I actually told 
them that I met with you and I appreciate that.
    With all the traveling we do between our districts and DC, 
you can have a great experience or a lousy experience, and 
often that experience can start with the TSA screening process. 
For many Americans, TSA might be the only face-to-face 
interaction they have with a homeland security employee. You 
have a great group in Chattanooga, sir.
    I will have some questions as we move into that part of the 
hearing. I look forward to your testimony, sir, and I thank you 
for your time today. Madam Chairman, I yield back.
    Ms. Roybal-Allard. Thank you. Before your testimony, just a 
few--I look forward to your testimony. And we will put the full 
statement into the record.
    Mr. Pekoske. Chairman Roybal-Allard, Ranking Member 
Fleischmann, distinguished members of the subcommittee, thank 
you very much for the opportunity to appear before you this 
afternoon concerning the president's fiscal year 2020 budget 
request for TSA. I value your oversight and support and thank 
you for your critical contribution to our mission's success.
    It is an honor and privilege to lead the men and women of 
TSA, and I very much appreciate both of your comments on the 
TSA workforce this afternoon. In my view, they embody our core 
values of integrity, respect, and commitment, and as both of 
you have mentioned, that commitment was so plainly evident 
during the recent 35-day lapse in appropriations.
    I am immensely proud of this team of professionals who 
include screeners, explosive experts, canine handlers, 
intelligence and vetting personnel, domestic and international 
inspectors, federal air marshals, providers of critical support 
services, and a highly skilled headquarters staff. It is our 
mission to ensure that our transportation systems used by 
hundreds of millions of people per year and a lifeblood of our 
economy remain secure. We are hard at work, and with your help, 
to provide better security faster.
    This includes the CT, or CAT scan X-ray technology you 
funded in fiscal year 2018 and fiscal year 2019 for carryon 
bags at our screening checkpoints, and its continuation in the 
president's budget request for fiscal 2020. It also includes 
the credential authentication technology, or commonly referred 
to as CAT by its acronym, that you similarly supported to 
strengthen our performance at the very first position in our 
screening checkpoints, the increase in the numbers of screeners 
to reflect the strong and sustained growth in passenger air 
travel, and increases in our canine capability for both 
passenger and air cargo screening.
    The fiscal year 2020 request seeks $7.2 billion, partially 
offset by $4.2 billion from the aviation passenger security 
fee. It has two overarching priorities. The first is continued 
investment in checkpoint technology, in particular the CT, or 
CAT scan technology, and the credential authentication 
technology. And I will talk about each one separately for just 
a few moments.
    First, with respect to the CT, or CAT scan X-ray 
technology, 5 days ago, we were awarded our first major 
contract for 300 X-ray systems. Your demonstration of support 
for this long-term acquisition was key to our success in 
obtaining a price that was substantially less than our budget 
estimates. Not only will this technology provide vastly 
superior security, but it will also be more convenient for 
passengers, eventually eliminating the requirement for 
passengers to take laptops, liquids, aerosols, and gels out of 
their carryon bags. The fiscal year 2020 request contains $221 
million for approximately 320 more of these X-ray machines and 
the associated baggage handling systems.
    The second piece of the technology is the credential 
authentication technology. And the fiscal 2020 budget continues 
the large-scale investment in this technology, deploying 
approximately 500 additional CAT units that will improve 
identity and travel verification, improve risk management, and 
also result in more convenience for passengers who will no 
longer need to present their boarding pass in most situations 
at the screening checkpoint.
    The second key priority, first being technology, the second 
is right-sizing our workforce. As you have noted, commercial 
air travel continues to grow at 5 percent per year. This 
requires an increase in the size of our screener workforce and 
the staff who support them. This budget seeks over 1,000 
additional screener positions that will allow us to maintain 
our screening throughput standards.
    Additionally, we have been hard at work in raising the 
global bar of aviation security. This effort is focused on 
security measures at the 280-plus last point of departure, or 
LPD, airports around the world. An increase in our 
international footprint is needed and is requested in this 
budget.
    Finally, to respond to a changing threat, we revised our 
concept of operations for the federal air marshal service that 
allows us to make a modest downward adjustment to the size of 
this very important component of TSA, while enhancing 
operational effectiveness.
    I would also note that we have identified efficiencies in 
certain aspects of TSA operations that results in approximately 
$160 million of program reductions to partially offset the need 
for growth in other areas.
    In closing, I appreciate the opportunity to discuss TSA's 
resource needs at today's hearing. I hope you and your staffs 
have found us very responsive to your requests for information. 
I am committed to being as open and transparent as possible and 
am always available to discuss any aspect of TSA's operations 
with you.
    I look forward to responding to your questions this 
afternoon. Thank you, Madam Chair.
    [The prepared statement of Mr. Pekoske follows:]
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    
    
    Ms. Roybal-Allard. Thank you. Administrator, as I mentioned 
during my opening statement, TSOs and other TSA personnel 
diligently worked without pay during the recent partial 
government shutdown. Can you tell us how TSA managed this and 
kept its workforce on the job and whether the shutdown has had 
an impact on recruitment or retention?
    Mr. Pekoske. Yes, ma'am. The way we managed it is 
multifold. First and foremost, one of the things that I saw 
when I first came into this position over a year-and-a-half 
ago, as I traveled around the airports around the country, was 
the deep commitment of the men and women of TSA to the mission. 
This is a mission that compels performance on the part of men 
and women in this agency.
    As I said in my opening statement, I saw that commitment up 
close and personal during the 35-day lapse in appropriation. I 
think that was a significant driver for people to continue when 
it was very hard to report for work and do a very difficult 
job, but they all recognize how critical it is to the safety 
and security of passengers going through our systems.
    Additionally, thanks to the authority that you provided in 
law, we have a 2-year appropriation for our operations 
accounts. And so that allowed me to use unobligated fiscal 2018 
funds, and we were able to do a number of novel things as a 
result. We were able to, for example, provide bonuses to our 
frontline screening workforce, with the idea to get as much 
cash into their checking accounts as we possibly could. And so 
that was one aspect that we were able to exercise because of 
the unique authorities that TSA has.
    Additionally, we were hugely rewarded, I think, by our 
airline and airport partners for the dedication of that 
workforce. Across the entire system, we had expressions of 
generosity and donations of food and other support to our 
frontline workforce that really was very meaningful to them.
    Additionally, passengers as they were going through the 
screening checkpoints, recognized the fact that the screeners 
that they encountered, if they are a regular traveler on a very 
routine basis, were now working, going on at the very end of 
the shutdown for almost 5 weeks without receiving pay. And just 
the expressions of appreciation, gratitude, and the fact that 
passengers expressed that they valued the work that the TSA 
workforce was performing meant an awful lot to the workforce.
    Finally, I would say that from my perspective my focus is 
always going to be on the frontline of the organization. And I 
have asked all of the leaders within TSA to similarly focus on 
the frontline, to walk around, have a conversation, understand 
what challenges our employees might be dealing with, and do 
whatever they can to remedy them. And so we have essentially 
used the authorities the Congress has provided to the fullest 
extent of the law, and I think that has paid us big dividends.
    And the shutdown impact, with respect to attrition, has 
been so far actually less attrition, but I am fully mindful of 
the fact that, you know, individuals sometimes make a decision 
to stay or leave employment with an employer, but don't 
exercise that action for several months afterwards. And so we 
are going to keep a very close eye on our attrition rates. But 
so far, immediately after the shutdown, they are lower than 
what we have had in the past.
    Ms. Roybal-Allard. Okay. And what lessons did you learn 
during this period that would be relevant in the future if we 
have another shutdown or some similar type of situation?
    Mr. Pekoske. A couple of key lessons. One is, first and 
foremost, to continue to have that appropriations flexibility, 
so that we can look at 2 years' worth of appropriations versus 
just one. The second is to take a look at potentially--and I 
know there are a number of bills up here on the hill--to look 
at potentially making the aviation passenger security fee 
available to TSA either on a regular basis or during a lapse in 
appropriations. And that would give us a funding base to be 
able to pay the men and women within the agency.
    The other thing that is really important to emphasize here 
is that the screening workforce comprises the vast majority of 
TSA, roughly 50,000 of 63,000 employees. But there are an awful 
lot of employees that were also similarly working that weren't 
visible to passengers. And they were also impacted by the 
shutdown. This includes all of our personnel that do vetting 
operations, that basically look at passenger information before 
passengers board flights to be able to assess risk by 
passenger.
    All of our Federal air marshals that provide in-flight 
security. All of our inspectors at airports around the country 
that ensure airports and airlines are complying with the 
regulations we have put in place. And then finally, all of our 
international staff that--we have a number of measures in place 
at those last point of departure airports that I mentioned, 
that has been a significant work driver. Two hundred and eighty 
airports and we have four series of different requirements at 
those airports.
    And so the entire organization really pulled together. But 
I think it really--at the end of the day--boils down to 
continued, sustained leadership involvement and leadership 
action with respect to our employees and then the leaders 
having the flexibility to be able to ensure that the frontlines 
are able to deliver the services that are so important to the 
public.
    Ms. Roybal-Allard. Thank you. Mr. Fleischmann.
    Mr. Fleischmann. Thank you, Madam Chairman. Mr. 
Administrator, hello again. Mr. Administrator, I have a 
question. I am concerned about the threat posed by the largely 
unmonitored movement of high-ranking hazardous materials on our 
nation's highway network and about TSA's difficulty to address 
this vulnerability as directed by Congress and as required by 
law.
    Section 1554 of the 9/11 Act of 2007, Motor Carrier 
Security Sensitive Material Tracking, requires the TSA, sir, to 
develop a program to facilitate the tracking of highway 
security sensitive materials, HSSMs. Currently, I understand 
that the TSA has no visibility in the movement of these 
dangerous materials on the nation's highways.
    Compounding this, I understand that TSA lacks the basic 
programmatic data on the shipments, the number of shipments, 
quantities shipped, and the original destination and routing of 
the shipments. Mr. Administrator, I was pleased with the 
commitment you actually made, sir, during your confirmation 
hearing to revisit the surface security provisions of the 9/11 
Act and to implement those that TSA has yet to address. 
However, TSA has not prioritized this R&D program and worked 
stopped about a year-and-a-half ago with the Fedtrak R&D 
project about half completed.
    I understand that there has been some preliminary 
discussion around an approach to implement a tracking center in 
an industry-funded public-private partnership at no cost to the 
taxpayer. My question, can you tell me what, if any, plans TSA 
has to restart and complete the work on Fedtrak R&D?
    Mr. Pekoske. Yes, sir. Thank you for your question. And 
also thank you for your comments about the Chattanooga 
workforce.
    And I did talk to the federal security director for that 
airport and personal relay the comments that you made, and he 
was very appreciative of your comments and your involvement and 
your support of TSA.
    With respect to your question, I said at my confirmation 
hearing that I am very concerned about the level of effort that 
TSA is able to put forth with surface transportation security 
writ large, whether it is trucking, freight rail, mass transit, 
pipelines, over the road buses.
    And one of the things that we have done to address that is 
we are in the midst of a restructuring which will put under the 
direct control of an assistant administrator for surface 
transportation security operations, so we elevated the position 
up a notch that oversees surface. And then we are also in the 
process of giving that assistant administrator direct control 
over a lot more resources than she previously had direct 
control over. And this includes all of our surface inspectors 
that are basically collocated with our inspectors at airports 
around the country and also a regional staff to be able to work 
closely with FEMA for contingency planning and response and 
also for surface transportation security.
    Additionally, I know from looking at my own budget that we 
are underinvested in research and development. And that is 
something that is not reflected in the fiscal 2020 budget, 
because we are not ready yet to put specific initiatives 
forward to do that, but we will be in our fiscal 2021 budget. 
And this applies both at the screening checkpoint and also at 
our surface transportation efforts.
    And so I pledge to you that I will keep a very close eye on 
this, and you will see as we complete our restructuring a 
significant increase in the resources directly attributable to 
the surface training security.
    Mr. Fleischmann. Yes, sir, thank you. And as a follow-up, 
can you speak to the potential return to the taxpayer in terms 
of preventing a serious incident, sir?
    Mr. Pekoske. Yes, sir, and that is something we are always 
very mindful of is the--you know, the ROI is enormous on almost 
every aspect of what TSA performs. And we do have, in my view, 
a very robust risk assessment and risk management process that 
kind of looks across the spectrum of what we are asked to 
secure and makes decisions as to where we need to spend that 
next available dollar so we do get the highest return on 
investment for the taxpayer.
    But that is the constant part of our process. And I just 
recently amended the risk assessment and management process to 
the point where annually it is briefed to me and my senior 
staff as to what risks we think we are facing and how we are 
going to manage and mitigate those risks, and then quarterly 
updates after that, so it is constantly on our plate as we look 
at our own resource allocations, our own policy decisions, that 
we keep that in clear focus.
    Mr. Fleischmann. Mr. Administrator, thank you. I believe my 
time is up. Madam Chairman, I will reserve for round two.
    Ms. Roybal-Allard. Mr. Ruppersberger.
    Mr. Ruppersberger. Sure. First, thanks for being here.
    When TSA first started, there were a lot of problems. I 
think that there wasn't really adequate training, and I think 
also there needed to be a theme with the people who worked 
really on the frontline that they were in the service business, 
they were representing homeland security, and that there is a 
way to deal with your job and working with people, and that has 
changed. I think TSA, whether under your leadership or before, 
but I see that you have better training. I think the people--I 
fly out of BWI airport a lot in Baltimore, but the people are 
really friendly, they do the job the best they can, and they 
are professional. And that is what you want, because they are 
still representing the government.
    So whatever you are doing there, keep it up. And I want to 
acknowledge the employees of--and again, I am sorry that 
unfortunately for different reasons--I am not going to get into 
any politics here--but that you couldn't be paid while you were 
working. And that can't--should not happen again.
    I want to get into the issue of--I think you have expedited 
the recurring process for fielding computed tomography, CT 
technology, known as a gold standard in the aviation security. 
You know, I was a former ranking member of the Intelligence 
Committee and done a lot with terrorism, and to this day, I 
still think that one of the key areas for terrorists is the 
airplane. And so you have that burden with you, and you have 
got to keep up that on a regular basis. And I hope you are 
communicating with intelligence agencies and other groups, too.
    I am also pleased that you have just bought over 300 
technology screening with Smiths Detection. Why I am pleased 
about that, they are in my district. So I want to make sure 
that it was a competitive bid and all that, okay, just to 
cover. But they--tell us why you picked them and why their 
technology is so good.
    Mr. Pekoske. Yes, sir. Well, CT----
    Mr. Ruppersberger. And I have one other question, so try to 
make it quick.
    Mr. Pekoske. Yes, sir. CT is a game-changer for us and the 
screening checkpoints. It provides an image that is much 
clearer for the operators to see and you can move that image 
around 360 degrees, so you can see bag and look at it in the 
opposite direction, see underneath. That is why laptops don't 
need to come out of carryon bags.
    Mr. Ruppersberger. That is good.
    Mr. Pekoske. It is huge. And not only that, but the ability 
to detect explosive levels that we are concerned about is night 
and day compared to the current technology that is out there. 
So the current contract award, very pleased with the way that 
process went. We did it within a year, which is unheard of in 
federal procurement. We were able to do that because we had a 
great staff to be able to execute on it. We had great support 
from the Department of Homeland Security. And also our private-
sector vendors and our private-sector partners, airlines and 
airports, were all in on this, very, very competitive process. 
And you saw the results.
    Mr. Ruppersberger. Yeah, I have my next--whole back and 
neck--I have two artificial shoulders, two new knees, and five 
screws in each foot. That is an orthopedic surgeon's dream. 
But, you know, I always got nailed every time. And with that 
new--when you put up, it seems that you passed through that 
without all of the checking and that type of thing.
    Mr. Pekoske. Yes, sir----
    Mr. Ruppersberger. I would give that as an example. You 
don't need to talk about that, my body----
    [Laughter.]
    Mr. Pekoske. Well, we have a solution we are looking at for 
that, too.
    Mr. Ruppersberger. Good, well, that is great. The other 
thing I want to get into is--and this is a little bit more 
controversial--local airports employ able and component 
security guards, but the level of training at TSA is so 
superior to--second-to-none right now in this agency. And I 
believe your agency should be staffing exit lanes. That is a 
controversial issue, because the president's budget cut that, 
and they did the same last year.
    And the--last year, I think Congress was able to put in $77 
million back in the budget. And again, we are dealing with it 
again. And, you know, hopefully our colleagues come together 
and push for full funding. And this is not a cost that the 
regional airports can really afford and a lot of the other 
things that they have to deal with.
    Customs and Border Protection is using the same mechanism 
to our seaports. I represent the Port of Baltimore, too, to 
pass the buck to local governments. And there are certain 
responsibilities we have and so we are going to attempt to do 
what we can to protect our country, but my opinion, now, I 
don't want to put you in a bad situation, especially with the 
boss you have. You never know where he is going to be 
sometimes, and so you don't have to comment on this.
    I just want to say that we really feel that this should be 
your responsibility. We have got money in the budget last year, 
and we are going to try to do it again this year. I am saving 
you, son. I don't want you to have to comment on this.
    Yield back.
    Ms. Roybal-Allard. Mr. Newhouse.
    Mr. Newhouse. Welcome, Administrator Pekoske. I am sure I 
am going to say that wrong. Well, thank you for being here. You 
have a unique position, I guess, at least at TSA of being kind 
of the face of the federal government to a lot of people in 
this country. And it is an opportunity, and I just want to 
compliment your staff being as professional and efficient as 
they are when I go through airports, and also for providing 
that positive face of the federal government to the general 
public. So thank you for the hard work that you have in front 
of you, but also for the professional way you carry it about.
    So I wanted to follow up a little bit on the chair's 
question, even though I wasn't in the room. I understand the 
question of retention was part of what you were thinking. One 
of the concerns are that some airports continue to face the 
difficulty of retaining TSOs, particularly on a dynamic hot 
economy, competing.
    In the Seattle region, in particular, of course, whenever I 
fly in and out of twice a week, I know you have been able to do 
temporary bonuses and some retention incentives for tight labor 
markets like that. But I am curious how this budget proposal 
will allow you to tackle some maybe larger reforms of less 
temporary things to change how you might address this issue, 
perhaps increased compensation could really lead to better 
retention of TSOs.
    So in light of that, can you tell me what maybe some of the 
long-term goals are at the TSA to recruit and retain, and also 
certainly how we can help implement and expedite that plan?
    Mr. Pekoske. Yes, sir. Thank you very much for your 
comments. And Seattle Tacoma Airport is a very, very busy 
airport, and we place a lot of emphasis on making sure we have 
the proper staff there, because of the volumes that are going 
through that airport, and also the proper number of canine 
teams to help us with security.
    There are several things, though, that we are doing with 
respect to the workforce. I think you are right that our 
attrition rates are too high. And Chairwoman Roybal-Allard had 
the same observation. And that is due to a number of factors, 
including the pay levels and including some of the things that 
we do within TSA that are totally within our control to be able 
to adjust.
    When TSA was formed in 2001, the law that is the baseline 
for TSA was signed by President Bush on November 19, 2001, so a 
very short period of time from 9/11 until the establishment of 
the agency. That Aviation and Transportation Security Act 
provided an awful lot of authorities to the TSA administrator 
to be able to manage the screening workforce. And what I am 
looking to do is to be able to exercise the full extent of 
those authorities to be able to improve job satisfaction within 
the workforce, to be able to look at overall pay and 
compensation issues, so that we begin to address them in a 
systematic way.
    To get at that, we have already put out a TSO, 
transportation security officer, career progression plan. 
Because when I came into the agency, there was really no career 
mapped out for somebody who came in and wanted to be a member 
of the screening workforce. And so we mapped that out. We 
published it. We came to this subcommittee and asked for some 
reprogrammings to be able to execute it.
    Mr. Newhouse. So illustrating where a person could be in 5 
or 10 or 15 years?
    Mr. Pekoske. Yes, sir. As a member of the screening 
workforce and also what training we would provide them, what 
pay raises would come along with that, and also within TSA--you 
know, I mentioned in my opening statement all of the different 
aspects of performance in TSA, you know, vetting, federal air 
marshals, international inspectors. We are doing a much better 
job now of laying out those opportunities to the workforce so 
that they know that, hey, if I aspire to be an inspector, for 
example, that I do have a career path that allows me to do 
that.
    The other thing that we are doing that is very significant 
is, I have convened a blue ribbon panel to look at our delivery 
of human capital services within the agency. That panel is due 
to report back out to me within the next 30 to 60 days. And I 
asked them just to take an independent look at how we manage 
our human capital and come back with some recommendations. That 
will be the basis for how we proceed with respect to resource 
issues going forward, but I will give you a very good example 
of that.
    I have all the authority in the world under law to provide 
longevity increases for my employees. By and large, we don't do 
that, however, because we were constrained by categorizations 
of funding in the budget. But I can provide longevity increases 
every 52 weeks, which is much better than the general schedule 
can. It is every 2 or 3 years.
    And so I want to step back and take a look at, hey, what 
makes sense for longevity? Where do we reach the point where 
people we know are making decisions as to whether they stay or 
they go? And ensure that we recognize experience at those key 
critical points. And I would be happy to come back to this 
subcommittee once I have that blue ribbon panel report and just 
lay out for you what they said, independent group of folks not 
employed by TSA who are experts in human capital management.
    Final thing is that my focus is on leadership and on 
properly taking care of the entire workforce. And that is where 
I ask all my leaders to focus their time, as well, so that we 
are keenly aware of what the needs of the workforce are.
    Mr. Newhouse. Good, good. Well, I would be certainly 
interested in seeing that if it comes available, and also 
looking for ways that we can work with you as you meet the 
growing needs of travelers in the country and the growth at 
airports that we are seeing, as well. So thank you very much 
for your questions. I yield back, Madam Chairman.
    Ms. Roybal-Allard. Mr. Price.
    Mr. Price. Thank you, Madam Chairman. Welcome, 
Administrator. We are happy to have you, and appreciate your 
testimony.
    Let me turn to the area of general aviation and ask about 
your work in that area, and in cooperation with general 
aviation stakeholders. The recently enacted FAA reauthorization 
act included provisions which encouraged more focus on TSA's 
efforts with general aviation airports and operators, and 
specifically encourages a dedicated general aviation 
representative. And part of the rationale for such a dedicated 
staff person is the desire to support general aviation's 
efforts to encourage and improve secure operations.
    This includes efforts to modernize existing security 
programs, particularly in specialized areas, like the DCA 
access standard security program and gateway airports, which 
are used to provide access during temporary flight restrictions 
for special events and so on. A number of these efforts 
underway.
    I think it is fair to say that the progress in most of them 
has been limited so far. So that leads to my question. What 
steps are being taken by TSA to encourage modernization and use 
of these programs in a responsive and timely manner for 
stakeholders? How are you prioritizing programs such as DASSP, 
gateway, and other security programs used by general aviation 
aircraft to increase operational flexibility?
    Mr. Pekoske. Yes, sir. We spend a lot of time making sure 
that any interest group having to do with aviation security or 
surface transportation security has a clear entry point into 
the TSA organization and somebody that can champion their 
issues so that would be an expert and be able to reflect on a 
short notice question generally what that segment of the 
industry would desire.
    Additionally, we have the Aviation Security Advisory 
Committee that is a group of volunteers who has provided 
invaluable advice to me as the administrator. And I use them 
extensively. And I know general aviation interests are well 
represented there.
    I have met with individuals from the general aviation 
industry over the course of my time as the administrator. I am 
very familiar with the concerns that they have. We did, in 
fact, look very specifically at the DC special access area and 
the regulations attendant there, too, and determined that what 
we had in place made sense given the threat that we still see. 
But we said that we would be willing to look at ways that we 
could provide an equivalent level of security by potentially 
doing something a little bit differently.
    And that is generally an approach that we have taken with 
industry, is to say, hey, here is the security outcome that we 
need to achieve. This is our mission. This is the outcomes that 
we need to achieve. And then how would you propose that we 
achieve those outcomes? Because I want to hear from the 
industry as to what specific ways and measures--these are folks 
that are all running businesses--that they have a certain 
perspective that I think is incredibly valuable to our decision 
process. And that is the process we use is, hey, here is the 
threat, here is the outcome, tell us how you would achieve that 
outcome. And then we work together to then determine what 
specific measures we put in place.
    Mr. Price. And can you give us some estimation of the state 
of play with respect to these efforts? How successful have they 
been? How far along are they? What would be maybe an example of 
the progress you hope to make?
    Mr. Pekoske. Yes, sir, I will give you an example with 
commercial non-general aviation. I think that is the best 
example. We were facing a threat that had to do with powders 
being introduced into a cabin of an aircraft. We were able to 
bring representatives of the major carriers into TSA 
headquarters, all had security clearances. We revealed with 
them at a certain level what that threat entailed and told them 
what security outcome we wanted to achieve.
    We went back and forth in this process for about 2 months 
and then came up with a series of measures that the true 
success of it is that we significantly raised security at our 
domestic airports and our international last point of departure 
airports, and most passengers never even noticed that something 
had happened. And the nuanced change was that we asked 
passengers to take large volumes of powders out of their 
carryon bag.
    And then we put certain protocols in place. We had to 
decide what volume and then how we were going to resolve what 
those powders were. But that was a very successful process that 
actually has been adopted by other countries as a result.
    So my point is, as open as we can be, a lot of 
collaboration, and then a clear explanation as to why we go 
down a certain path.
    Mr. Price. Thank you. Thank you, Madam Chairman.
    Ms. Roybal-Allard. Ms. Meng.
    Ms. Meng. Thank you, Madam Chairwoman, and thank you, Mr. 
Administrator, for being here today. I want to, as a frequent 
flier through LaGuardia Airport in Queens, New York, very 
grateful to you and the TSA agents who work there who I see at 
least twice a week. So thank you for your commitment.
    I wanted to ask about reports from the House Committee on 
Oversight from the fall 2018, revelations about the hostile 
work environment, history of sexual harassment and retaliation. 
Wanted to know if--what has been done to address this issue 
from an institutional perspective? Has anyone been terminated? 
Have there been new trainings? And how can we ensure that 
employees are able to report malfeasance without any sort of 
retribution?
    Mr. Pekoske. Yes, thank you for the question. And I have 
been very, very strong on this issue. I think that job 
satisfaction, workplace environment are things we control 
largely. And we need to make sure, one, we comply with the law 
and, secondly, that we create an environment where every person 
who is an employee of TSA can succeed.
    And so what we have done--specifically to respond to your 
question--is, yes, we have provided a lot more training. But I 
think what is important is what the leadership emphasis is. And 
I published in a couple of documents--first one was the new 
strategy for TSA that I published about a year ago. And one of 
the core values that we put into the TSA strategy was respect, 
because that was not a core value of the agency.
    And to me, that means respect for each other in the 
workplace and also respect for passengers as they receive the 
services that we provide. First core value is integrity, 
second, respect, the third is commitment.
    The other thing that we did was when we published the 
administrator's intent, which is a document that basically 
says, hey, while I am the administrator of this agency, here is 
what I am going to do to execute on that strategy. In the 
administrator's intent, I put a whole series of leadership 
principles. The very first leadership principle is caring for 
your people, because I want to create a leadership culture that 
gets at these longstanding inside TSA job satisfaction, work 
environment issues.
    I am happy to report a couple things. One is that our FEV 
scores, the federal employee viewpoint survey, that survey that 
is done every year of every single federal agency, shows 
noticeable progress across all dimensions. We didn't go down or 
stay the same in any dimension. We went up in every single one.
    Additionally, if you look at the complaints that we 
receive, those complaint rates are way down from this year over 
last. And so I just look at those trends to say, hey, are we on 
the right track here? And what else do we need to do?
    Finally, I have asked every leader to be open and 
accessible to the people that they work with. And the only way 
you are going to do that, if you are a federal security 
director at LaGuardia airport, the only way you are going to 
have a feeling for how well your people feel about the job that 
they perform and the people that they work with is to walk 
around and to talk to them. You can get them one on one and 
just ask them questions, give them the opportunity to get to 
know you and you them.
    And then you will get some direct feedback. And as I travel 
around, I get a lot of direct feedback. And I can tell almost 
instantly how an airport operates, you know, after about 3 or 4 
minutes on the ground, just in a couple of interactions with 
people.
    Ms. Meng. Great. But had--from the revelations from that 
hearing, had anyone been terminated or what were the results?
    Mr. Pekoske. From the hearing, the incidents that were 
referenced in that hearing go back several years. And what I 
said at the hearing was, I am not going to go back and 
readjudicate things that happened several years ago, because as 
long as I am told that the process was not fundamentally flawed 
and decision-makers made decisions with the facts that were 
available to them, that I wasn't going to go reverse those 
actions.
    But that we would take very quick action on any future 
incidents that have occurred, and that is what we have done. 
And so, you know, I--in many cases, the actions that were the 
subject of that hearing had already been taken and involved 
agreements between the employees affected and the agency. So I 
really couldn't undo those from my perspective.
    Ms. Meng. Okay. So, I have a second quick question about 
religious and racial profiling. Since 2012, over 700 complaints 
have been filed against the TSA using the FlyRights app, 
addressing mistreatment and discrimination. In contradiction to 
TSA protocol, Sikh Americans have been required to remove their 
turbans, Muslim Americans have been interrogated about which 
mosques they attend, for example.
    To ensure that this type of profiling does not occur at 
airports across the country, what types of accountability 
systems are currently in place?
    Mr. Pekoske. A number of things. First, we screen on 
average 2.4, 2.5 million passengers a day. And that number 700 
goes back to 2012. So if you look at the volume of passengers 
to put that number 700 in context, but there are still 700 
people who had a complaint. I am very mindful of that.
    And we have a process that we have that allows people to 
register a complaint and then us to get back to the 
individuals, do whatever investigation is deemed necessary at 
that point in time, and try to resolve these as expeditiously 
as we can.
    Additionally, I have made it a point as I am traveling 
around the country to visit different groups around the 
country, just to be able to establish that connection from the 
top leadership of TSA with different communities in this 
nation. So we are trying to make sure that we have a very good 
dialogue.
    And, you know, we have a multicultural day every year in 
TSA. It is widely attended. And the attendance is growing year 
after year. So I think our levels of communication are very 
good.
    Final point I would make is that when we see a passenger 
who has a complaint, first thing we do is we, one, ensure that 
our officers were following our standard operating procedures. 
And I will tell you that in almost every case that is the case. 
So then we back up our officers. Our officers were following 
our procedures.
    But then the second question is, are our procedures still 
the appropriate procedures? Because every case we use to kind 
of re-review our procedures to make sure they are appropriate, 
given the security concerns that we have.
    Ms. Meng. Okay, thank you. I yield back.
    Ms. Roybal-Allard. Mr. Aguilar.
    Mr. Aguilar. Thank you, Chairwoman. Thanks, Administrator, 
for being here. And I know I missed your answer to questions 
related to the shutdown and working without pay. But your folks 
do an amazing job each and every day.
    But I did want to ask, specific to those issues and morale, 
how is morale among TSA employees? And if you could benchmark 
that against things from years past. You know, where are we at 
today?
    Mr. Pekoske. I think the best indicator of morale is that 
federal employee viewpoint survey, because it is every year. It 
is the same questions. And last year, for example, that was 
what is called a census year, which means that every single 
employee was issued an e-mail invitation to participate in the 
survey.
    Our performance on that FEV survey is constantly improving. 
We went up in every single category across the board. And I 
think our average increase was 3 percentage points, which is 
pretty good, given the size of the agency.
    Mr. Aguilar. What is the response rate? How many people? 
What is the percentage?
    Mr. Pekoske. I will have to get back to you on the record 
with that, but I want to say it is something around 19 percent 
or so, which is actually not a bad response rate. But one of 
the things that we are going to do this year, is because most 
of our employees are doing shift work at a screening checkpoint 
and they only have a limited number of computers to access, is 
to continue to make a push--because I want to see is as high a 
level of participation as we can, because that will give me 
more confidence in the results.
    [Mr. Pekoske responded for the record:]

    In 2018, 22,888 TSA employees completed the Federal Employee 
Viewpoint Survey (FEVS). This represents 38.9 percent of the eligible 
workforce at the time of the survey, as determined by OPM. Although TSA 
hopes to improve on this number in the 2019 survey, it is comparable to 
other government benchmarks. For example, the 2018 government wide 
response rate was 40.6 percent, and the response rate for DHS was 41.3 
percent. In Headquarters, TSA had a response rate of 57.2 percent, well 
above the government average. And while response rates are much lower 
in the airports (37.5 percent). TSA is encouraged that many airports do 
participate in FEVS at high levels. For example, Detroit Metropolitan-
Wayne County Airport (DTW), a Category X airport, had 61 percent 
participation. TSA's largest workforce, Los Angeles International 
Airport (LAX), had 52 percent participation. These participation rates 
are due to local leadership, support, and planning.
    The timing of the survey, which is administered by OPM, occurs in 
the midst of the busy summer travel season. The vast majority of the 
TSA workforce serves on the frontlines and has limited access to 
computers during shifts. However, TSA is committed to encouraging every 
employee to participate in the survey. TSA believes that employee 
participation in the FEVS is driven by two factors: ease of access to 
the survey and a belief that TSA takes action on survey results.
    Regarding ease of access, TSA encourages local leaders to break 
down barriers to taking the survey. For example, many airports set 
aside time when employees are scheduled to attend training, and have 
access to computers, for FEVS participation. This year TSA will also be 
piloting tablets at Los Angeles International Airport (LAX) checkpoints 
to determine whether improved mobile access will boost response rates.
    To help employees understand why FEVS Matters, TSA is directly 
engaging employees across all internal communications platforms to 
improve employee understanding of how survey results are used. TSA 
solicited local success stories, describing how the 2018 results were 
used at the local level to drive improvements, and stories are being 
shared with the larger agency each week, leading up to and during the 
2019 FEVS administration period. Each success story is shared via the 
National Shift Brief, iShare homepage, TSO Advisor blog, and multiple 
TSANews app channels. TSA is also highlighting how leadership values 
employee input in making TSA a great place to work by highlighting the 
leadership team's ongoing efforts to include every level of employee in 
the agency's decision making process.
    As OPM is again deploying the survey as a full census, TSA intends 
to make the most of this opportunity to hear from the full TSA 
workforce.

    Mr. Aguilar. Appreciate it. News reports have mentioned 
that a team of TSA agents made a trip to Saudi Arabia with the 
goal of helping Saudi Arabia with aviation security and 
technical assistance. Can you expand on that, that government-
to-government relationship? And how long is it scheduled to 
continue?
    Mr. Pekoske. That government-to-government relationship 
actually started out with a technical cooperation agreement 
back in 2008. And really the process from 2008 to today has 
been a series of visits to really understand what the Saudi 
government was seeking in terms of our expertise and where we 
could best help them out.
    And so there have been a series of visits back-and-forth 
over the intervening years. We signed an MOU--we being the 
Department of State and TSA--in September of 2017 as to how we 
were going to operationalize the requests that the Saudi 
government had made. But to date, where we sit right now is we 
are still going back and forth on scheduling and figuring out 
exactly what we are going to provide, but we haven't actually 
provided any training at this point.
    Mr. Aguilar. Does the MOU talk about timeframe?
    Mr. Pekoske. The MOU goes out, I think, until 2023, if my 
memory serves me correctly.
    Mr. Aguilar. Okay. I appreciate it. Thank you. I yield 
back, Madam Chair.
    Ms. Roybal-Allard. Ms. Wasserman Schultz.
    Ms. Wasserman Schultz. Thank you, Madam Chair. I want to 
follow quickly on the heels of my colleague from California 
with a question, or really a statement, about our TSOs.
    These are folks who are abused and ridiculed for just doing 
their jobs. Abuse and ridicule is not in their job description, 
but one would think it was, given how I have witnessed--and I 
know so many of us have witnessed them being treated. And then 
on top of that, they went through a government shutdown and did 
those same jobs without pay.
    So have we now fully paid all of the TSOs that did not 
receive pay during the shutdown?
    Mr. Pekoske. Yes, ma'am. And in any large organization, you 
are always going to have a very small percentage of people 
unrelated to the shutdown or just--that have pay issues that we 
work very quickly to resolve. But a lot of the pay issues that 
we had immediately following the resumption of full operations 
and appropriation were mostly related to system issues with the 
pay system itself. It wasn't the actions that we were taking; 
it was actually executing through the pay system.
    Ms. Wasserman Schultz. Okay, thank you. I know you are 
aware on January 6, 2017, a man walked into the baggage claim 
area of Fort Lauderdale-Hollywood International Airport, 
collected his luggage, removed a firearm from that bag, opened 
fire on his fellow passengers, and murdered five people and 
injured six others.
    The aftermath of that shooting rampage was nothing short of 
chaos, mostly due to a lack of coordination. The takedown of 
the suspect was immediate. Since that date, I know I have been 
working closely with TSA and with our airports and our airlines 
to ensure that we have a more effective model for ensuring 
coordination between federal, state and local law enforcement 
at airports so that the response to similar incidents, because 
we had one at LAX, we had one at JFK, can be swift and 
coordinated.
    And so after researching and talking with many airport 
professionals, I am convinced that this can most effectively be 
accomplished by establishing unified operations centers in 
airports, which I had the good fortune to talk to you about in 
my office the other day, that would serve as a centralized hub 
for coordination during a security incident, like what we had 
at our airport.
    So can you share with us whether you agree that a unified 
command-and-control center at airports, particularly the Cat X 
airports, would improve the response to security incidents?
    Mr. Pekoske. I completely agree that having a unified 
operations center at any large airport--actually, any airport--
is very beneficial to the day-to-day operation of the airport 
and certainly to the operation of an airport when there is an 
emergency like what happened at Fort Lauderdale airport, 
unfortunately.
    And I also believe that the best model is to have them up 
on a day-to-day basis and not start them when you have an 
emergency, because that loss of time and just the coordination 
that needs to occur, precious seconds are lost and that really 
counts, as we saw in Fort Lauderdale.
    There are provisions in the TSA Modernization Act that have 
us set some guidelines for airport operation centers, and we 
are on pace to do that, because I want to see that in writing 
and publish that as an agency. And then we have scheduled in 
the Mod Act a brief to members on this very topic. So I am 
looking forward to both those opportunities.
    Ms. Wasserman Schultz. Great. And I look forward to working 
with you as we discussed on my legislation so that we can 
further actualize that concept. And lastly, I wanted to just 
touch on the advanced imaging technology that since 2015 has 
been approved and utilized by our international partners at 
some of the world's busiest airports.
    The newer, next-generation AIT technology used in Europe 
and internationally has been at the Transportation Security Lab 
since 2014. Data from TSL assessments clearly indicate that 
this new technology performs better than TSA's current 
technology. It is less intrusive. It makes it a little bit 
less--quite a bit less confrontational for our TSOs where there 
is an alarm.
    Can the TSA leverage the performance data of our 
international partners to reduce the time and TSA resources 
needed to accelerate the validation of the new AIT technology 
and make it available more quickly for airports to equip new 
terminals?
    Mr. Pekoske. Yes, ma'am, absolutely. In fact, we have 
already certified that technology, which means that we have 
tested it in our labs and we have said it meets the performance 
specifications that are required for use in our screening 
checkpoints. So we are already doing that.
    And to your larger point, we worked very, very closely with 
all of our international partners on their technology 
advancements so that we don't repeat each other's good work and 
that we benefit from the lessons that each other learns.
    Ms. Wasserman Schultz. Thank you. Thank you, Madam Chair. I 
yield back.
    Ms. Roybal-Allard. Mr. Administrator, the administration's 
budget request for transportation security officer staffing 
would accommodate a passenger growth rate of 2.5 percent. But 
it estimates that the actual passenger growth rate is expected 
to be 4.5 percent. Why is there a mismatch? And wouldn't that 
result in an expansion of wait times at checkpoints?
    Mr. Pekoske. Yes, ma'am, you are correct. The resources we 
are requesting will basically accommodate a 2.5 percent 
increase. We know it is 4.5 percent or 5 percent. But we also 
know that in certain airports around the country, we really 
can't add any more people, because we are maxed out in terms of 
the number of screening lanes that we have. And so that is a 
factor, is the fact that in some airports you just can't add 
any more lanes, even if you knew you needed to. And we 
essentially wait with the airports with infrastructure 
improvement projects to give us that additional capacity.
    Also, we were looking for ways to become ever more 
efficient in the screening operations that we conduct. And I 
will give you two really good examples. For the CT, the CAT 
scan X-ray technology that we are looking at, that will 
eventually make us much better to be able to specifically 
isolate in a carryon bag, if the bag alarms through the X-ray, 
what specifically we need to look at. And that should speed the 
process along.
    Congresswoman Wasserman Schultz mentioned the AIT 
technology, and she is right. With the current technology, our 
false alarm rate is higher than what we would all like it to 
be. The new technology that we are looking at brings that false 
alarm rate down. And so what that means is that we have--when 
we need to do a pat-down of a passenger, it is more likely than 
not that there is an anomaly, something on that person's body 
that alarmed the machine.
    And so the technology advancements should improve our 
efficiency overall. But we are just in a position that with the 
top-line resources that the department has and the TSA has, we 
really can't get up to the full 4.5 percent. I don't think we 
really need to. And settling it at 2.5 percent is I think a 
very reasonable place to be at this point in time.
    Ms. Roybal-Allard. The budget request recommends the 
elimination of three programs that Congress has repeatedly 
endorsed--the visible intermodal prevention and response teams, 
the LEO reimbursement program, and TSA staffing of exit lanes 
at certain airports. Are the elimination of these programs 
based on assessments that they are poor investments of tax 
dollars? Or are there other reasons that you can talk about?
    Mr. Pekoske. Yes, ma'am. All three programs are very 
valuable programs. And they are appropriate investments. The 
VIPR teams are appropriate investments. They provide security 
in surface transportation and airport centers. The law 
enforcement reimbursement reimburses our law enforcement 
partners who provide a presence at our screening checkpoints. 
And I think both of those are very valuable programs.
    It really is an issue of when you look at, you know, a top-
line budget number, not just for TSA, but for the entire 
department, what kinds of tradeoffs do we have to make to stay 
within that top-line budget number? And there are some 
difficult choices that are made in any process like that.
    But what I would say, without question, that those are 
important programs. We are just fiscally not able to support 
them in this budget.
    Ms. Roybal-Allard. Okay. Now, if we were able to find 
additional resources, what would you recommend in terms of 
these three programs? I mean, that we could fund all three or 
if we have budget constraints, could you tell us the order in 
which you would prioritize these?
    Mr. Pekoske. Yes, ma'am. I would prioritize them VIPR 
first, because the VIPR program also provides ground-based 
assignments for federal air marshals. It gives them a chance to 
rotate from being in an aircraft on a regular basis to being in 
a ground-based assignment. It is good for the physical well-
being of our federal air marshals, and it is also good for 
their family and just kind of stabilizes these schedules much 
more so than being in the air. So I would put VIPR first.
    I would put law enforcement officer reimbursement second. 
And then the third--and only third because I think we might be 
able to get some technology solutions for this--is exit lane 
staffing, because when you think about it, we ought to be able 
to put a technology in place that prevents somebody from coming 
in the reverse direction in an exit lane.
    And so I would rather push on the technology solution for 
that rather than the people solution.
    Ms. Roybal-Allard. Okay. Mr. Fleischmann.
    Mr. Fleischmann. Thank you, again, Madam Chair. And Mr. 
Administrator, thank you for this very thorough hearing.
    Sir, I understand that the TSA is in the process of 
updating key screening technology at our airports in order to 
keep passengers safe from threats that continue to evolve. I 
think using contractors in certain airports and registered 
known traveler programs, like TSA Pre and Clear, are areas 
where we have tried to make screening process faster and more 
efficient not only for the TSA, but also for the traveling 
public.
    How is TSA using commercial technology to improve 
efficiency of operations at the checkpoint?
    Mr. Pekoske. Sir, almost everything at our checkpoints is 
either commercial off-the-shelf or an adaptation of commercial 
off-the-shelf technology. And that is where we are proceeding 
for most of the technology infusion for the next several years 
in our screening checkpoints.
    But in answer to your first question, about research and 
development, there are some aspects of what we need to do at 
our screening checkpoints that there really is not a commercial 
solution available and we just need to get into some basic 
research and development on those items.
    And I also think it is really important to be able to apply 
the security processes that we do based on the risk that 
passengers present. And that is where that credential 
authentication technology comes in so importantly, because just 
think from a technology perspective, we are going from taking 
somebody's driver's license or passport and visually examining 
it, putting an ultraviolet light on it or looking at it through 
a magnifying glass, and then trying to compare what is on the 
credential with the passenger in front of the officer to the 
point where those credentials get inserted into a machine and 
the machine comes back and says, yes, this is a valid Florida 
or a valid California or a valid Tennessee driver's license.
    And then the really good part about it is that it 
automatically pulls the information from the credential, so it 
will pull the name, gender, and date of birth from the 
credential, and in real time, while the passenger is standing 
there, send that information back to our Secure Flight 
database, which will return a result that will say, yes, this 
is a bona fide pre-check passenger. This is a standard lane 
passenger. This is someone who needs additional screening.
    And the other part is, it will also say, and this passenger 
has this flight today. So we will see the travel information. 
We will validate the credential. The image will come up on a 
screen. And so what ends up happening for the officer is, 
rather than being heads down, trying to match some very small 
printed info with the passenger in front of them, the machine 
takes care of a lot of that automatically, and then all of the 
information comes up on a screen. So you are looking more at 
the passenger, which I think is very beneficial from a security 
perspective. And it gives you the opportunity to have a 
conversation with the passenger, as well.
    So I think the technology part of this is going to be 
critically important for not just passenger convenience, but 
really for security effectiveness, because this is also from an 
identity perspective very significant improvement.
    Mr. Fleischmann. Yes, sir. How has TSA fostered 
relationships with the private sector, specifically, when it 
comes to new technologies?
    Mr. Pekoske. Sir, the reason we were able to move the 
computed tomography acquisition so quickly is because of our 
relationships with the private sector and because of the 
authorities that you have provided in law. We can accept gifts 
of technology from the private sector, as long as it is 
certified for operation in our screening checkpoints.
    And so what we were able to do is do a lot of operational 
test and evaluation with equipment that was gifted to us from 
the private sector, which sped along that acquisition process.
    Mr. Fleischmann. Yes, sir. As you move forward with rolling 
out new systems, sir, are you collaborating with your partners 
to continue best practices to keep the security lines moving?
    Mr. Pekoske. Yes, sir. We collaborate on everything, and I 
am always interested if there are better ways that we can 
collaborate that we will do them, because I want to make sure 
we have good, robust dialogue with our partners.
    Mr. Fleischmann. Good. Very briefly, the fiscal year 2020 
budget request proposes to draw down funds from the aviation 
security capital fund to finance additional CT screening 
machines. I wholeheartedly endorse increasing the number of CT 
scanners in our airports, and I agree that purchasing the 
scanners using the aviation security capital fund meets the 
eligibility criteria for the fund.
    However, I have concerns that the dollars in the fund have 
already been spoken for and have been allocated to very 
worthwhile security projects already on the drawing board for 
airports around the country. Can you say with certainty, sir, 
that this purchase will not have an unintended effect on 
delaying security projects already on the books?
    Mr. Pekoske. Sir, the reason why we chose to go that route 
was because we felt that it would not have an effect on 
projects that were already on the books, but we also viewed 
this as a one-time event.
    Mr. Fleischmann. Yes, sir. One final question. Is the 
proposal one-time deal for fiscal 2020? Or do you anticipate 
using this accounting practice again?
    Mr. Pekoske. Sir, we will evaluate it every year. But at 
this point, one time on 2020.
    Mr. Fleischmann. Thank you, sir. Madam Chair, I yield back.
    Ms. Roybal-Allard. Ms. Wasserman Schultz.
    Ms. Wasserman Schultz. Thank you, Madam Chair. I just had 
one additional question. And I know we already touched on the 
FAMS program, as well as the VIPR program. But having been 
involved in safety issues in my legislative agenda for many, 
many years, I really have sympathy for the difficulty 
associated with directly correlating the tangible benefits of 
programs that are intended to prevent harm, like the FAMS 
program, and I know the DHS IG expressed concern over the 
contribution that--to aviation security that the FAMS has, FAMS 
being the air marshals, for those that don't speak acronym.
    So having said that, and knowing that we have safety 
programs that we utilize to make sure that we can put obstacles 
in the path of someone who might try to do someone else harm, 
and there is not really a way to measure, per se, what we 
prevented from occurring, can you explain how you are 
modernizing the FAMS program to address threats faced today? 
And then also just in terms of--you alluded to it on a previous 
answer, but I mean, I don't think people really realize how 
debilitating it can be on the human body for an individual to 
fly and go up and down and up and down. I mean, I know how 
debilitating it is just to be a commuter, but to fly, you know, 
three or so times a day.
    Can you address whether you believe there is some value in 
giving the air marshals some ground-based assignments, like the 
VIPR teams, which certainly also provide a valuable service so 
that they have a visible deterrence at airports, which would 
obviously help us expand our reach in terms of protecting 
people, and also address the impact--the physical impact on our 
air marshals?
    Mr. Pekoske. Yes, ma'am. We just changed the concept of 
operations for how we deploy the federal air marshals. And I 
can't really go into a lot of detail on that new CONOPS in this 
setting, but suffice it to say that the new CONOPS results in 
much more effective employment of a very, very valuable and 
limited resource.
    I would also say that, you know, I have great admiration 
for our federal air marshals. They perform a difficult job. It 
is not easy sitting in a plane for hours on end. If you are on 
a domestic deployment, sometimes three flights in a given day, 
just three takeoffs and landings, that is fatiguing. And they 
have got to be alert all the time.
    And so we changed the concept of operations to be much more 
risk-based. And I think it has an awful lot more fidelity to 
it. And we also changed the way we place the air marshals in 
aircraft to be able to execute on that concept of operations.
    Once we put that in place, we agreed with the inspector 
general in that we did not have good measures. And like you 
said, it is very hard to measure prevention, right? But 
nonetheless, we can measure certain things that will give us 
sort of a surrogate for how we are doing. And as we published 
this new CONOPS will be a set of measures that we will put in 
place to be able to assess the importance of this important and 
really this last layer of security. That is what I think about 
all the time is, you know, we spend a lot of money in all the 
vetting operations, very, very important for us to do a lot of 
money in our screening checkpoints, a lot of money in checked 
baggage screening.
    We do really want to have that last line of defense with 
the Federal Air Marshal service. And as you have correctly 
stated, it is hard to be a flying federal air marshal for 6, 7, 
8, 9, 10 years on end. And so one of the things that we are 
looking at is, how do we better manage that very important 
force of individuals for us? And part of that analysis is, can 
we identify more ground-based assignments to give them a bit of 
a break, and also importantly, to use their significant 
expertise?
    I mean, these folks are experts in law enforcement. They 
are experts in aviation security. We can really get a lot more 
value, I think, by doing it that way.
    Ms. Wasserman Schultz. Absolutely. And, Madam Chair, I 
think it is important to just remind people, as we got a very 
unfortunate reminder at FLL, that our transportation security 
officers are part of the layers of protection. Safety, to be 
successful, requires layers of protection, because you need one 
there, and when that fails, then you have another. And, you 
know, you can't have infinite layers, but the air marshals are 
one of those layers and, like you said, the last line of 
defense.
    And what we were reminded about--and I think many people 
weren't even consciously aware--that our TSOs actually are 
there to protect the airplane. And so we do have some work to 
do to educate the traveling public about what the role of the 
various security and safety responsibilities are at the 
airport, law enforcement, TSOs, the VIPRs, the air marshals, 
and make sure that we continue to move forward on the 
discussion that has been sparked from FLL and other airports on 
the run, hide, fight concept, and who is responsible for 
actually making sure that we can support the airport and 
protect passengers that aren't traveling--about to travel on an 
airplane.
    Thank you. I yield back.
    Ms. Roybal-Allard. I just have a follow-up question on the 
issue that was raised by the ranking member about the 
credential authentication technology. How long will it take to 
get to full operating capability?
    Mr. Pekoske. Madam Chair, we should be able to purchase 
about 500 of the credential authentication technology systems 
in fiscal 2019. And then the budget requests another 300 or so 
more. It is going to take us about 2 more years after that to 
get the full operating capability, but we are going to be very 
smart as to how we deploy these systems.
    And we are going to start with our pre-check lanes, because 
one of the concerns the Congress has expressed and I share is 
that we need to make sure that the individuals who voluntarily 
give us their background information and their biometrics get 
some noticeable, tangible benefit from their investment in the 
pre-check program. Because for us, this now becomes a trusted 
traveler, and we adjust our security based on that.
    And so I want to put the CAT machines--I want to put 
technology where it will help accelerate a pre-check passenger 
or a global entry passenger's passage through security so we 
can focus our efforts more so on the individuals that need a 
little bit more attention.
    Ms. Roybal-Allard. Has there been any issue with regards to 
the Clear program, anything that has raised any concerns about 
that?
    Mr. Pekoske. There is a difference between the trusted 
traveler programs and a registered traveler program. A trusted 
traveler is a government program where we have the full 
background of individuals and we vetted those individuals and 
we also have their biometrics.
    A registered traveler program is--exists for the sole 
purpose of validating identity. It doesn't do any government 
vetting of those passengers. And some registered traveler 
clients are standard lane passengers and some are pre-check 
passengers. It kind of varies across the board, alternative the 
predominance are pre-check passengers.
    And we are looking at, how can we best integrate all the 
capability across? But with the credential authentication 
technology, because that is going to have risk-based 
information on passengers, that is a very critical, important 
function in our screening checkpoint. It is basically your 
entering argument to screening. And that is something, given 
that the information that is available to the officers, 
particularly as we get this live connection with the 
technology, that is so integral that it is a government 
function in our view.
    And so we are exploring with our registered traveler 
partner how we move forward given that the CAT deployment is 
really beginning now and it is going to be in earnest in fiscal 
2020, as well.
    Ms. Roybal-Allard. Do you have any further questions?
    Mr. Fleischmann. I am good. Thank you, Madam Chairman.
    Ms. Roybal-Allard. Okay. We still have a little bit of 
time, so I am going to just leave it up to you. Are there any 
questions that we didn't ask that you wished we had or any 
additional information that you would like to provide the 
subcommittee?
    Mr. Pekoske. A couple things, ma'am. I appreciate the 
opportunity, because it is rare that a witness gets this 
opportunity. You will see in a very short period of time our 
first capital investment plan that kind of lays out what we 
know we need to invest over the future years' homeland security 
plan. And it is going to be constrained by the levels that the 
administration has approved in the FYSP, which is a logical 
presentation, but at least you will get to see all of the 
projects that we envision, so you can understand the scale of 
the technology investment that we think is needed.
    You know, we have talked about the CT X-rays and we have 
talked about the credential authentication technology. Those 
are two that are already underway. CT, you know, to give you 
kind of a sense of scale, we are going to have 300 with this 
current fiscal 2019 purchase that we just made. Another 300 if 
the fiscal 2020 levels get approved. That is 600, but we have 
about 2,400 X-ray systems in the entire 440 airports that are 
federalized.
    So it makes progress, but we have still got a long way to 
go. When Congressman Wasserman Schultz was talking about the 
AIT technology, the technology you put your hands over your 
heads, that is not even an acquisition program at this point in 
time. Now, as I mentioned to her, we have certified that 
technology, which means that if an airport or an airline wants 
to gift it to us, they have got some standards of performance 
that the machines need to meet that we--and we will tell them 
which machines are certified to those standards of performance, 
so we can accept those gifts, but there is no formal 
acquisition program for that.
    So just context of, hey, you know, more technology 
investment is needed. And I would be most happy at anybody's 
convenience to sit down with you and kind of lay out the threat 
and then look at the capability of the existing screening 
system, and it will really illuminate why we need to make these 
technology enhancements--and the other thing is, you know, I 
think that has a big effect on the screening workforce.
    You know, when you are working with more up-to-date tools, 
particularly the onbody anomaly detection, for example, if you 
don't need to do as many pat-downs as you are doing--because 
nobody likes to be patted down and nobody likes to conduct a 
pat-down--if we can get technology that gives us more certainty 
in that process and better detectability, I think it is a win 
for passengers and certainly a win for screening effectiveness.
    The other thing that I would emphasize is how important the 
human dimension of what we do is. And you all know that--you 
have all expressed appreciation for the work of the TSA 
workforce. One of the things that has been really something 
that I reflect on all the time is how complex an agency this 
is. You know, most people think of TSA and they think of the 
screening checkpoint as the only part of the agency, and it is 
a very important part, and certainly the most visible part of 
TSA. But there is a lot of work that TSA does that most people 
don't realize that we are doing.
    They don't see the checked luggage that is going to go in 
the hold of an aircraft that we inspect. They don't see our 
inspectors walking around airports making sure that there is 
compliance with our airport security plans and our carrier 
security plans. They don't see all of the international 
inspectors that we have all around the world making sure that 
if you get on a flight at an airport that has a direct flight 
to the United States, that we have a presence there and we are 
looking out for the security levels in those airports.
    They don't see all of the individuals that work in our 
intelligence enterprise, that do all the very important vetting 
work that is important to be able to make sure that we have 
properly assessed the risk by passenger. And they really don't 
see everybody that needs to support that enterprise. And we 
have got thousands and thousands of very dedicated employees 
that make sure, you know, that our IT systems are up and 
running, that our pay systems are up and running, that our 
human capital systems are up and running.
    And so it is a very complex enterprise. And I am very proud 
of every single person in the agency, because without--you 
know, we need everybody to be able to perform our mission. 
Congressman Wasserman Schultz talked about the Federal Air 
Marshal Service. They are designed to be not visible to 
passengers. And I am so glad that we have that layer of 
security.
    So I would just, you know, take the opportunity just to 
emphasize in my opening statement, I said, hey, there is two 
really important things we need in this budget, technology 
investment and investment in our workforce. And I really 
appreciate the flexibility of this subcommittee in working our 
reprogramming requests along the way as we want to move some 
money around to be able to accomplish some of the initiatives 
that we know we can self fund, but we just need to change the 
nature of the funding. And you have been very, very helpful in 
that regard, and we very much appreciate it.
    And you see a couple of--actually, three uniformed officers 
behind me. We made a change in our policy in TSA about a year 
ago, where I wanted to see a uniformed presence in the agency 
and I wanted to have transportation security officers--and they 
were all supervisory transportation security officers--I wanted 
to have them nearby all the senior leadership, so that when we 
were having policy discussions affecting our workforce, that we 
had people that actually represented the frontline right there 
in the discussion so that they could give us their input.
    And then also over my right shoulder is a member of the 
Federal Air Marshals Service also on our front office staff 
that provides me that same perspective from a federal air 
marshal perspective. And it is really valuable in that a TSO 
may not call me, but they will definitely call Charles--or Pam, 
and they will--and an air marshal will call Cara, but they may 
not call me.
    And so we are just trying to improve the levels of 
communication. But really, I sincerely--I said in my opening 
statement that I appreciate the oversight that you provide, 
because your questions cause us to constantly think about what 
we are doing to make sure that we have thought it through, and 
you and your staffs have been there to support us every step of 
the way. And so we really appreciate it.
    Ms. Roybal-Allard. Well, welcome to all of you, and thank 
you for everything that you do. As you can tell, there is 
bipartisan support and we will do everything we can to help you 
to continue to protect our nation.
    Mr. Pekoske. Thank you, Chairwoman.
    Ms. Roybal-Allard. Thank you.
    Mr. Pekoske. I appreciate it. Thank you, Ranking Member. 
Thanks.
    [Material submitted for inclusion in the record follows:]
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    
   



                           W I T N E S S E S

                              ----------                              
                                                                   Page

Gaynor, Peter T..................................................    68
    Prepared statement...........................................    71
    Answers to submitted questions...............................   105

Kelly, John V....................................................     2
    Prepared statement...........................................     5
    Answers to submitted questions...............................    45

Krebs, Christopher...............................................   124
    Prepared statement...........................................   126
    Answers to submitted questions...............................   166

Pekoske, David...................................................   200
    Prepared statement...........................................   203
    Answers to submitted questions...............................   232

Schultz, Admiral Karl............................................   168
    Prepared statement...........................................   171
    Answers to submitted questions...............................   195