Last month, Kate Grayson provided us with a good descriptive analysis of the problems faced by public sector agencies that rely on the Australian Government Security Vetting Agency (AGSVA) to process applications for Top Secret Positive Vetting (TS(PV)) clearances. I’m a big supporter of Kate’s perspective that ‘the long delays in security vetting for some of our key intelligence agencies are clearly unacceptable’. I also think that Michael L’Estrange and Stephen Merchant were on the money in the 2017 Independent Intelligence Review when they recommended that ‘ASIO receive additional resourcing to allow it to second staff to AGSVA as soon as possible’ and that ‘the situation with AGSVA TS(PV) clearances be reviewed in early 2018 to allow time for the current remediation program to have effect’.
Nevertheless, I would argue that Kate’s recommendation to ‘reinstitute the model of individual entities managing their own security vetting based on Australian government policy requirements’ will worsen, rather than remediate, the problem. Decentralisation will do little more than permit contracted vetting service providers to increase the per unit price (which has already risen by 35% in six years—see here and here) of clearances by creating a competitive market with limited suppliers.
To find policy options to address this issue, it’s worth considering the historical and economic factors that have shaped today’s challenges. The backlog has its origins in a series of events starting in the late 1990s from which Australia’s TS(PV) clearance providers have never been unable to recover.
Until the late 1990s, Australia had a rather modest number of public servants and Australian Defence Force personnel with TS(PV) clearances: for the most part those serving in the intelligence community. During that period, processing of TS(PV) applications was generally completed within six months of submission.
In 1999, it was discovered that former Defence Intelligence Organisation (DIO) staff member Jean-Philippe Wispelaere had managed to steal 1,382 classified documents. Then, in 2001, DIO analyst Simon Lappas provided classified documents to a Canberra-based prostitute to sell to a foreign government. Shortly after those incidents, Australia’s TS(PV) process was drastically strengthened with regard to initial clearance and ongoing monitoring of personnel. With precious additional funding, the processing time slowed down markedly under the weight of a major review of all current clearances. By the end of 2002, the average wait time for a TS(PV) clearance had increased to 12 months.
With the September 11 terror attacks, the need for the global exchange of nationally classified intelligence increased dramatically. The 16-year war on terror has increased the numbers of intelligence staff who need security clearances (in 2013–14, more than 33,000 clearances were granted, compared with 15,000 ten years before). At the same time, the number of non-intelligence agency staff with a need to access classified information has grown even more rapidly. That created a second balloon impact on the waiting time for TS(PV) clearances, which is still being felt today.
Following Edward Snowden’s extensive unauthorised disclosure of US classified material in 2013, the TS(PV) environment changed again. In an effort to remediate the vulnerabilities exposed by Snowden, the number of Australians requiring TS(PV) clearances rose dramatically. Furthermore, the requirements for TS(PV) clearances were tightened to align with the minimum standard that our allies would recognise.
The Gillard government established AGSVA within the Department of Defence in October 2010 as a remediation measure. There should be no doubt that over time AGSVA has improved the consistency of vetting practices. Nevertheless, the government of the day’s expectation that ‘centralised vetting would: result in a more efficient vetting process; … and deliver $5.3 million in annual cost savings’ was simply naive when vetting numbers and standards were in a period of rapid change. In a matter of months in 2015, the number of active TS(PV) cases managed by AGSVA jumped by 29%.
The government’s assumption was flawed from the start:
- The initial AGSVA concept didn’t appear to take into account the changes in US policy on security clearance requirements for access to allied information systems.
- AGSVA wasn’t given enough qualified vetting staff to provide remediation or surge capacity to address the existing backlog of clearance applications. In its first three years of operation, AGSVA was forced to increase staff numbers by 23%.
- While AGSVA could do many things, it wasn’t able to remediate the delays caused by incomplete applications or ASIO background checks. One of the most critical, and yet under-resourced, components of the vetting processes involves ASIO staff checking their intelligence holdings for adverse findings against applicants.
The security clearance process relies on having enough appropriately skilled and experienced vetting staff. Even with the centralisation of the Commonwealth’s vetting staff and contractors, there still isn’t sufficient capability to meet the market’s demand for TS(PV).
While I can understand the attraction of a decentralised approach, it’s unlikely to resolve the Commonwealth’s TS(PV) problems, but it will increase costs and imperil the consistency of the clearance system.
The Turnbull government should focus its efforts on providing sufficient resources to key agencies with responsibility for our national security vetting framework, including AGSVA and ASIO. It should also investigate the development of incentives for increasing the number of appropriately qualified vetting staff.