SUPPORTING STATEMENT FOR
PAPERWORK REDUCTION ACT SUBMISSION

Risk Analysis Information

OMB Number 1405- 0204
DS-4184

A. JUSTIFICATION

1. The Risk Analysis Information form (DS-4184) is a supplementary form for security screening that is completed by organizations, entities or individuals applying for Department of State contracts, grants or other funding. Data collected includes the name, date and place of birth, gender, citizenship(s), U.S. passport or Social Security number if US citizen or Legal Permanent Resident, address, telephone and fax numbers, e-mail address, and current employer and job title of each of the “key personnel” of the organization. The information is entered into government and public databases for screening to mitigate the risk that funds awarded by the Department of State might benefit entities or individuals deemed to be a risk to national security. The statutes and regulations authorizing the collection of information are: 18 U.S.C. 2339A, 2339B, 2339C; 22 U.S.C. 2151 et seq.; Executive Orders 13224, 13099 and 12947; Homeland Security Presidential Directive 6; and Department of State, Foreign Operations, and Related Programs Appropriations Act, 2016 (Div. K, P.L. 114-113).

2. Risk Analysis and Management (RAM) analysts use the information collected from commercial, public, and U.S. government databases to assess the risk that Department funds might benefit entities or individuals deemed to be a risk to national security. RAM will collect additional information from former civilian and military officials of the Syrian government to support the Department of State’s effort to avoid supporting public security actors who have committed human rights abuses while affiliated with the Syrian government.

3. The Department of State Risk Analysis Information form is completed by the organization, entity or individual and sent to RAM electronically via the secure portal, e-mail, fax or by paper via mail. It is estimated going forward, 98% will be submitted electronically via the Portal and 2% will be submitted via other means. The Department is aware of the concerns of members of the public that this data collection may be duplicative of data collected by other US government agencies. While it understands those concerns, and acknowledges that under many circumstances it is unavoidable due to the fact that access to proprietary data collected by other government agencies about their contractors and grantees is not available to the Department.

4. No other comprehensive vetting program currently exists to analyze the risk that DOS funds awarded in contracts or other funding might benefit entities or individuals deemed to be a risk to national security. The information provided by the respondent on the Risk Assessment Information form is not collected elsewhere in the Department. The Department may designate additional programs to assess and/or validate the effectiveness of risk analysis.

5. The collection of information does not impact small businesses or other small entities.

6. There currently is no other comprehensive vetting program in place to help mitigate the risk that Department funds might benefit entities or individuals that are deemed to be a risk to national security. The information collected is used to identify those who are a risk, and to mitigate the risk that Department funds might benefit entities or individuals deemed to be a risk to national security.

7. No special circumstances exist.

8. The Department of State has published a 60-day notice in the Federal Register on January 28, 2015 (80 FR 4618). The Department has published a 30-day notice in the Federal Register on April 23, 2015 (80 FR 9109). The Department subsequently published a 30-day notice in the Federal Register on August 3, 2015 (80 FR 9211). There was one comment. See attached addendum of responses to comments.

9. No payments or gifts are given to respondents.

10. The form includes a Privacy Act Statement explaining the routine uses of the information collected under the Act. Other than provisions for confidentiality in the Privacy Act, no assurances of confidentiality have been made to the respondent.

11. The form does not ask questions of a sensitive nature.

12. For the pilot program, we estimate 800 DS-4184 information forms will be completed in the first year. We also estimate that the average form will include information on five key personnel. The overall estimated time required to gather the necessary information, complete each form, and submit it, is 75 minutes. The estimated annual hour burden to the public is 1000 hours (800 responses X 75 minutes to complete each response, divided by 60 minutes). Estimates on the time associated with the Risk Assessment Information form (DS-4184) were acquired by asking a group of persons not involved in creating the form to complete it using fictitious information. Extra time was added for research that may have been required to collect the information.

The hour burden for the individual providing information via the DS-4184 is estimated at 75 minutes. Based on wage rates calculated by the US Department of Labor, Bureau of Labor Statistics for an Executive Assistant/Executive Secretary to enter the data, the estimated cost to the respondent at $41.94 an hour for 75 minutes, is $52.43 per submission.

13. There is no cost burden for the public associated with this form.

14. Cost of the form to Federal government:

Based on experience, the assumption is that 800 DS-4184 forms will be submitted annually.  We estimate that no more than 10% of the information forms will be submitted outside the RAM Portal.  If information is not submitted electronically, the Department pays a contractor to manually enter data from the DS-4184.  The estimate provided to the Department by the contractor includes cost for contractor labor, supplies, equipment, printing, materials, delivery, overhead, support staff, etc.  Estimating 80 respondents being submitted outside the system, the cost for a contractor to enter the data is calculated at the hourly rate of $40.91. Based on transaction time during the pilot, entering the data manually generally takes 15 minutes per name. (80 names x 15 minutes = 1200 minutes. 1200 minutes = 20 hours. 20 hours x the hourly rate of $40.91 = $818.20) The annual cost to the federal government would be $818.20.

Based on a 2014 study that measured performance including data entry, acceptance, review and evaluation of data, the total projected operating budget including labor, supplies, equipment, printing, materials, overhead, support staff, hardware, software, etc. is $3,400,000.

The total cost to the Federal Government is $818.20 + $3,400,000 = $3,400,818.20.

15. The numbers cited in this Supporting Statement have been revised to more accurately reflect the number of responses and burden hours in the initial stages of the pilot program and the expansion of the system to use a secure web based portal for electronic submissions. The decrease in responses from 6250 to 800 and the decrease in the hours from 7813 to 1000 reflect actual submissions and the implementation of our electronic portal.

16. Results of this collection will not be published.

17. The expiration date for OMB approval of the information collection will be displayed on the form.

18. The Department is not requesting any exceptions to the certification statement.

B. COLLECTION OF INFORMATION EMPLOYING STATISTICAL METHODS

This collection does not employ statistical methods.

30-Day Notice of Proposed Information Collection: Risk Analysis and Management (RAM),

OMB Control Number 1405–0204, Form Number DS-4184

Addendum

Responses to Public Comments

Public Comment: The single organization that provided comments to the 30-Day Notice stated that the data collection is contrary to Congressional direction.

Response: To mitigate the risk that assistance for Syria might benefit entities or individuals who present a national security risk, the Department of State has been conducting vetting with respect to assistance for Syria consistent with congressional guidance, including the requirement that the Secretary of State shall take all appropriate steps to ensure that mechanisms are in place for the adequate monitoring, oversight, and control of such assistance inside Syria. The collection of the additional information contemplated by this notice from former civilian and military officials of the Syrian government is intended to support the Department of State’s effort to avoid supporting public security actors who have committed human rights abuses while affiliated with the Syrian government.

Public Comment: The single organization that commented noted that the collection of information regarding individuals’ past human rights abuses is beyond the scope of the current law.

Response: The Department has the authority to provide foreign assistance under such terms and conditions as the President determines to be appropriate. Foreign assistance is provided in a manner that is consistent with U.S. foreign policy and national security interests. Given the sensitivities and the scope of the crisis in Syria, the Department believes it is prudent and consistent with these interests and applicable law to take steps to mitigate the risk that United States assistance could be used to support public security actors who have committed human rights abuses. The Department of State, Foreign Operations, and Related Programs Appropriations Act, 2015 (Div. J, P.L. 113-235) does not restrict the Department’s authority to conduct vetting activities, including human rights vetting.

Public Comment: The single organization that commented stated that the data collection is vague regarding the references to Syria in the revised version of the DS-4184.

Response: The references to “Syria” and the revised DS-4184 refer to work that relates to the provision of assistance in or for Syria. To address the discrepancy identified in the comment, the phrase “Work Performed in Syria Use Only” will be revised to state “Work Performed for Syria Use Only”. If further clarification is needed as the revised form is used by contractors and grantees in a particular situation, RAM staff is prepared to provide additional information/clarification as needed.

Public Comment: The single organization that commented voiced concern that its compliance with a U.S. government mandate to furnish personal information about its “key individuals” for use in checking classified databases would create the impression abroad that they were collecting intelligence for the U.S. government. The organization believed that this impression would increase the danger under which they operated overseas, and also felt that it undermined the trust they had earned abroad and which was essential to their operations. Finally, the organization commented that the proposed collection will cause foreign organizations they count upon for their operations abroad to decline to work with or for them.

Response: The Department notes that this comment concerns the data collected for the RAM program in general, and is not specifically applicable to the collection of the additional information from former civilian and military officials of the current Syrian government contemplated by this notice. The additional data sought in this change is intended to support the Department of State’s effort to avoid supporting public security actors who have committed human rights abuses while affiliated with the Syrian government.

Public Comment: The single organization that commented stated that the data collection underestimates the time burden placed on respondents. The organization also stated that there was no information provided on how this estimate was derived and suggested that the Department could not have any degree of confidence in this estimate.

Response: We are estimating the burden based on our best knowledge of Department programs. We know how many contracts and grants were let in a recent year and how many would potentially involve public security actors, and can reasonably make the estimates described above based on prior experience. We appreciate comments from participating organizations on what their burden actually was or is.

Public Comment: The single organization that commented voiced concern about the efficacy of the Terrorist Screening Database (TSDB) and that the Department of State uses that database as its primary source of information for identifying terrorists.

Response: The Department of State RAM vetting office uses commercial, public, and U.S. government databases for vetting. The classified holdings of the U.S. government will be used along with other information available to mitigate the risk that United States assistance could be provided to former civilian and military officials of the Syrian government who have committed human rights abuses. The Department decides which databases for human rights vetting to use based on its best judgment about the efficacy of those databases for such a purpose.