By James R. Lint
Faculty Member, School of Business, American Public University
On August 30, 2016, Military Times published an article about a Department of Defense (DoD) Inspector General (IG) report pertaining to the improper use of government credit cards. This report found that many people used their government credit cards in strip clubs and casinos and requested government reimbursement for their charges. Cardholders often used these credit cards to prevent their spouses from discovering their visits to either a strip club or a casino.
Misuse of Credit Cards Not Reported
The article also described how the report from the IG assessed how military officials took action to cope with this misbehavior. One of the IG report’s suggestions was to conduct a review of past credit card misconduct, a much-needed action. In the corporate world, a manager or leader would behave in a similar manner, working to determine if this misconduct was a first-time event or a long-term problem.
[Also by James R. Lint: Infragard: Helping the Nation’s IT Security Professionals]
Also, the IG report discusses multiple individual cases of credit card misuse while the owner was traveling. According to Andrew Tilghman, the author of the Military Times article, “The IG also concluded that the credit card misuse revealed “potential national security vulnerabilities.” Credit card misuse is a violation that can warrant revocation of a security clearance, but the misconduct is not routinely reported to the personnel overseeing security clearances for the Joint Personnel Adjudication System (JPAS), according to the IG report.”
Criminal or Unethical Activity Leads to Potential Security Threat
Any time people conduct criminal activity, especially when they are embarrassed about a certain type of activity, the situation has the potential for blackmail. For counterintelligence personnel, this is a strong concern because it means that flawed employees could be potentially controlled by foreign intelligence entities (FIE).
The IG is correct; this type of activity should be reported to JPAS. This behavior could show other past indicators of possible hostile control or indicators leading to the discovery of an insider threat.
In fact, Department of Defense (DoD) personnel (which includes active and reserve military personnel) are legally obligated to report security concerns. The Counterintelligence Awareness and Reporting DoD Directive 5240.06 Paragraph 4c states, “Failure to report FIE threats as identified in this Directive may result in judicial or administrative action or both pursuant to applicable law or policy.”
Sometimes managers try to use removal of a security clearance to punish military or civil service personnel. This practice is ineffective, because the investigation and hearings involved in a revocation of a security clearance are long and exhaustive. This extensive process is necessary to ensure no misuse occurs in the revocation process, because the removal of a security clearance has a significant impact on a person’s employment and future.
The proper method of handling credit card fraud from one of your employees is to press criminal investigative authorities to charge that employee with a crime. That gives the human resources office at your organization the necessary information to conduct the employment removal process.
Any results from a criminal investigation and conviction should be forwarded to an organization’s security manager or facility security officer. They will ensure it is put into the JPAS system of record for security information, which is used in future security clearance adjudication actions.
Criminal Misconduct Is an Ongoing Security Concern for US Government
In my 36 years of work as a counterintelligence special agent and an intelligence community senior manager, I often saw security clearance and insider threat problems. These security issues were poorly handled by managers and leaders and festered into counterintelligence problems later on.
After most insider threat or espionage incidents that occur involving government employees, it is common for a review to be conducted by Counterintelligence Special Agent and reported to. It is often amazing that people saw indicators of criminal activity, but they failed to report it to their superiors.
We will have additional insider threat events in the future. When criminal activity is not handled correctly, that gives foreign intelligence entities an opportunity to hurt both our organizations and our country.
About the Author
James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded the 40th scholarship for national security students and professionals. He has 38 years of experience in military intelligence within the U.S. Marine Corps, U.S. Army, government contractor environment and civil service.
James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. In 2016, he was selected to be an associate member of the Military Writers Guild. He has served in the DHS Office of Intelligence and Analysis and at the Department of Energy’s S&S Security Office. James had an active military career in the Marine Corps for seven years and also served 14 years in the Army. His military assignments include South Korea, Germany and Cuba in addition to numerous CONUS locations. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” and a new book in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea.”