The Partner Vetting System (PVS) is a pilot program created to vet individuals in nongovernmental organizations (NGOs) and for-profit entities who apply for United States Agency for International Development (USAID) contracts and grants, to ensure that USAID-funded activities are not inadvertently providing support to entities associated with terrorism. Under the PVS pilot program, the U.S. government requires many grant applicants to submit detailed personal information on key employees and subcontractors to USAID for comparison with intelligence databases.
The PVS pilot program operates pursuant to two rules—one for acquisitions and another for assistance. The acquisitions rule (48 CFR Parts 704, 713-16, 744 and 752), part of USAID’s procurement regulation, and the assistance rule (2 CFR Part 701) are similar. They require vetting of key personnel (both U.S. and non-U.S. persons) of potential awardees and sub-awardees. The PVS program applies to non-federal entities, nonprofit organizations, for-profit entities and foreign organizations that apply for USAID contracts, grants, cooperative agreements or other funding.
The pilot, implemented by USAID and the U.S. State Department, is operated in Guatemala, Kenya, Lebanon, the Philippines and Ukraine. However, USAID’s authority is not limited to these five countries. The agency has the legal authority to conduct vetting outside the pilot program “where a risk assessment indicates that vetting is an appropriate higher level safeguard that is needed to protect U.S. taxpayer resources in high-risk environments like Afghanistan,” according to the most recent PVS final rule (80 FR 36693, June 26, 2015).
USAID applies a risk-based assessment to determine if a particular award is subject to vetting. This involves a number of factors, including the operating environment, nature of the program or activity, geographic locations of the proposed program or activity, and the amount of the award.
At the same time, the U.S. State Department runs a parallel program known as Risk Analysis and Management (RAM). Direct recipients of State Department funds under Bureau of Population, Refugees and Migration solicitations in the same five pilot countries must undergo pre-award vetting. The State Department uses USAID's PVS database to collect and store information on partner organizations and their key individuals, although the RAM information is accessible only to State Department employees. Few additional details on RAM are available.
If vetting is required, the applicant must submit the Partner Information Form (USAID Form 500-13) for all “key individuals,” including “key personnel,” regardless of whether they are employees of the applicant or sub-awardees. The organization applying for an award subject to vetting is responsible for selecting the key individuals to be vetted and verifying that the Partner Information Form for each individual is accurate and complete.
A “key individual” is defined as the principal officer of the organization’s governing body (such as chairman or vice-chairman of the board of directors), the principal officer and deputy principal officer of the organization (such as the executive director), the program manager or chief of party for the U.S. government-financed program, and any other person with significant responsibilities for administration of the relevant activities or resources. “Key personnel” are those individuals identified for approval as part of substantial involvement in a cooperative agreement whose positions are essential to the successful implementation of an award.
Selection of a successful grant applicant proceeds separately from vetting. For those awards that USAID has determined are subject to vetting, awards are given only to those applicants determined to be eligible after vetting is completed. While award recipients are not required to re-submit the Partner Information Form annually if no information has changed or expired, they must submit another form within 15 days of a change in key individuals, sub-recipients or contractors. USAID may vet any key individuals periodically during program implementation, using information already submitted.
USAID offers a type of direct vetting as an option for acquisition and assistance awards. At the option of the prime awardee, USAID will communicate directly with the potential sub-awardee solely for the purposes of vetting, including the transmittal of eligibility and ineligibility notices. However, the prime awardee remains responsible for verifying that the information provided by its sub-prime organizations to USAID is accurate and complete to the best of its knowledge.
If there is a “match” between information provided by an applicant and information contained in non-public databases or other sources, USAID will determine whether the match is valid or a false positive. If a match is valid, and any key individual is found ineligible, the organization is ineligible to receive an award. If this happens, the organization may submit a reconsideration request within seven days to USAID and may choose to remove and/or replace a key individual when reapplying. USAID must give a reason for denial of an award, with a reasonable amount of detail given the nature, source and sensitivity of the information. Within seven days of receiving a request for reconsideration, USAID will determine whether the applicant’s additional information merits a revised decision.
When an ineligible determination is made by USAID, the agency may consult with other U.S. government agencies and share terrorism information in order to update existing records. The agency states that individuals and organizations deemed ineligible will not be “blacklisted,” or barred, from seeking other U.S. grants or contracts. Organizations and individuals are vetted based on a specific contract or grant to be considered for an award and vetting rules do not prevent the organization from bidding on other solicitations. This appears to contradict the statement that information will be shared with other government agencies, who will then use it to update their databases.
In situations where humanitarian assistance is urgently needed, USAID does not intend to require pre-award vetting, so that delivery of aid can be made more quickly. The June 2015 final rule states that “USAID reserves the right to conduct post-award vetting in such situations,” adding that vetting would take place once the humanitarian situation has stabilized.
The Fiscal Year 2012 Appropriations Act requires a joint USAID/State report to Congress following completion of the pilot that evaluates the estimated timeline and criteria for evaluating PVS for expansion. Report language in the Omnibus Budget for FY 2017 contains language that would, prior to the completion of the evaluation and consultation with the Committees on Appropriations, prohibit USAID and State from implementing similar vetting systems outside the pilot countries unless required to respond to existing security threats. The report language also requires State and USAID to ensure that all individuals vetted through the pilot are able to obtain information on how data is used by the U.S. government. The report following completion of the pilot must include recommendations for standardizing and streamlining vetting processes; consideration of exemptions for humanitarian and democracy assistance; analysis of privacy and data protection concerns, a description of consultations with governmental and nongovernmental stakeholders affected by the pilot program; and responses to concerns raised during these consultations.
Numerous NGOs oppose the PVS pilot and have recommended that the Department of State and USAID consider alternative approaches to vetting its partners.
Is PVS a Solution in Search of a Problem?
Many NGOs who filed comments on the proposed pilot program noted that there is no evidence that USAID funds have been diverted to terrorist organizations through NGOs. Many aid groups describe PVS “as a solution in search of a problem.” In fact, the USAID Office of the Inspector General has reported that it “did not identify any instances where terrorist organizations received USAID funds" [p. 18] when exercising its oversight of programs in USAID's sensitive West Bank/Gaza portfolio for 2006 and 2007. Nor has it reported finding such diversions elsewhere.
Before proposing PVS, USAID had already taken action to prevent diversion of its funds to terrorists. In March 2002, it began including a clause in grant agreements reminding grant applicants of the prohibition on transactions with terrorist organizations in Executive Order 13224. This bars transactions with organizations on a list of Specially Designated Global Terrorists (SDGT) published by the Department of the Treasury's Office of Foreign Assets Control (OFAC). In December 2002, USAID began requiring all grantees to certify that funds do not assist terrorist activity, and in November 2005, it issued a bulletin reminding USAID officers of their responsibility to check the SDGT list during the grant award process. When introducing the PVS pilot, USAID now said that these procedures are insufficient, and that “merely checking names against the OFAC master list and requiring self-certification may not constitute adequate due diligence in certain situations.”
Intelligence Gathering and Aid Worker Safety
Perhaps the biggest concern surrounding PVS is that NGOs will be perceived as intelligence arms of the U.S. government, increasing the security risk for partner employees and violating the neutrality of NGOs. As such, PVS can discourage international and local partners from working with U.S. NGOs and deter U.S. citizens and foreign nationals from working for U.S.-funded programs.
The perception that grantees are acting as agents of the U.S. government undermines the basic principles of neutrality and trust upon which NGOs rely to preserve the safety of their staff in dangerous regions or in politically sensitive environments, and could lead to retaliation against aid workers by terrorist organizations, militias and foreign governments. Rather than “enhancing” security, requiring NGOs to collect and submit personal information to the U.S. government increases the risk of violence against aid workers.
InterAction, the largest alliance of U.S.-based humanitarian and international development NGOs, has said that PVS “could lead communities to suspect complicity between intelligence and U.S. NGOs, inflame conspiracy theories, and shatter trust fostered between NOGs and local partners.”
In 2012, the U.S. State Department admitted there can be no guarantee that collecting this data will not create suspicion and hostility toward NGOs. “[State] cannot, of course, control the perceptions of other parties about U.S. government activities and must acknowledge the possibility of such a view; however, those organizations relying on U.S. government funding for their operations already face such suspicions among hostile parties.” This statement demonstrates a disturbing lack of understanding of the independent nature and, more often than not, dangerous working environment of NGOs by USAID. Elizabeth Ferris, a Senior Fellow at the Brookings Institution focusing on refugees and responses to humanitarian crises, says systems like PVS compromise the principles that have enabled NGOs to provide life-saving assistance to civilians in some of the world’s most dangerous places. “[T]hese principles have come under increasing threat as policy-makers try to use humanitarian assistance in support of the struggle against terrorists and insurgents,” she wrote on her blog. "Rather than aid being seen as a response by the U.S. population to suffering people in need,” Ferris said, “it [will be] increasingly seen as another tool of U.S. foreign policy."
Concerns with Government Lists
The ACLU's comments on PVS said these databases "raise serious due process concerns….in light of the fact that the lists are error-filled and unreliable, with many false positives, and there is no effective means for challenging the fact that one is on the list." ACLU research has uncovered numerous instances where people have been put into terrorism-related databases because of activities supporting human rights, the environment, peace and other causes.
The U.S. government maintains many lists and databases, all with different standards for listing people and how the information is intended to be used. A match could mean someone has a relative or neighbor suspected of associating with a terrorist organization or they have a similar name as someone else on the list. "There are numerous reports of cases of mistaken identity or 'false positives' on government watch lists...One of the better known terrorist watch list errors includes the listing of the alias of Anthony Romero (Antonio Romero), the executive director of the ACLU, on the OFAC listing in 2004," OMB Watch said.
Processing Delays and Undue Burden on Applicants
For years, NGOs have voiced concerns that State and USAID underestimate the bureaucratic red tape, increase in costs, and other burdens PVS will impose on their humanitarian and development activities around the world. Although USAID will not require pre-award vetting of urgent humanitarian assistance, it has yet to offer details on how a determination of urgency will be determined. PVS also will discourage small NGOs from applying for grants because they lack the necessary staff and resources to comply.
Save the Children, a prominent international charity, says that the costs of PVS are merely financial. “Legal, reputational and administrative burdens associated with processing personal information of individuals…are significant and are often not covered as an allowable grant expense.” Complicating it further, Save the Children says PVS will require NGOs to institute potentially discriminatory practices against foreign individual and partners:
“For example: if Save the Children is required to provide the personal information of a Belgian citizen heading up a local non-profit partner to the U.S. government for its non-public databasing, Save the Children will need to obtain consent from that individual to waive the privacy protections afforded to them under the Belgian personal information privacy statutes. Given that individual may choose not to waive their privacy protections, Save the Children may be required to decline making the award to the organization. The legal and reputational implications for U.S. NGOs working with individuals and organizations protected by varying legal framework (e.g. the European Union Data Directive) cannot be understated. U.S. NGOs are faced with a choice of intolerable options: (i) disclose to potential employees and/or grant recipients that personal information is being transferred to the U.S. government for non-public databasing to obtain consent and risk losing otherwise qualified partners and candidates; or (II) contravene foreign privacy laws to satisfy USAID”s vetting requirements.”
Lack of Specifics on PVS Procedures
Despite promises made by USAID and the State Department to provide information regarding “methodology and assumptions” used in the pilot, little if any such information as been made available. While the handout and information sheet from the September 2011 briefing provides some clarification, too many issues, procedures and definitions have yet to be determined. For example:
- How does USAID define a "threat to national security"?
- What is "derogatory information"?
- Will USAID have deadlines for completion of its vetting process?
- Has USAID considered alternative vetting strategies?
Better Approaches to Vetting
The NGO sector has pooled its expertise on numerous occasions to develop standards and programs that protect the integrity of their operations. In addition to careful planning and implementation practices, and thorough documentation of financial transactions, a principle shared among these approaches is an emphasis on strong ties and relationships in the communities where programs operate.
For grantmakers, it is called “Know Your Grantee.” For operating charities the same principle applies. Frequent site visits, research on the local community and maintenance of long term relationships with key local contacts provide in-depth knowledge about the people running local organizations and their place in the community. As Evan Elliott of InterAction stated at a March 2009 panel, “It’s almost silly to think that an FBI analyst here in the United States, sitting at a computer looking at a list, is going to be more effective in screening a potential employee than an NGO would be that has years of experience working in a particular community.”
The following are some of the many guidelines and best practice standards developed by charitable and philanthropic organizations. They reflect due diligence practices that protect charitable assets to be used solely for charitable purposes: The International Red Cross and Red Crescent Movement’s Principles of Conduct in Disaster Response Programmes; The Sphere Project’s Handbook, 2011 Edition; Principles of International Charity, published by the Treasury Guidelines Working Group in March 2005; InterAction’s Private Voluntary Organization (PVO); Muslim Advocates’ Accreditation Program; and Transparency International's Preventing Corruption in Humanitarian Operations Handbook of Good Practices.
Ethical principles are also brought to bear on operations. For example, the International Committee of the Red Cross Code of Conduct requires that “the humanitarian imperative comes first” and bans discrimination in aid eligibility determinations. The Do No Harm Handbook provides methods for avoiding negative impact for assistance programs in conflict areas. It recognizes that “assistance is often used and misused by people in conflicts to pursue political and military advantage,” and offers tools to understand how this occurs and prevent it.
The Partner Vetting System, as conceived and designed by the Department of State USAID, is built on flawed assumptions about how effective vetting is conducted. The agencies have pursued a strategy that relies on secret governed databases rather than on-the-ground experience and personal relationships developed over time. It fails to take advantage of the experience and expertise of the NGO sector. The narrow focus on intelligence databases fails to consider how USAID resources are actually used. Finally, it ignores the universal warnings from the NGO sector that data gathering for PVS will create a perception that NGOs are arms of the U.S. government. This creates safety hazards for aid workers and undermines program effectiveness.
U.S. nonprofits strongly support smart and effective due diligence and vetting procedures to make sure their assets are used exclusively for charitable purposes, and are not diverted to terrorism or any other illegal use. To make this happen, USAID must engage in good faith collaboration with the NGO sector to develop a vetting system that is effective and workable.