NAFA member, Scott McCreary, Vice President at McAfee & Taft, shares the GAO Report.
Today the U.S Government Accountability Office issued its long awaited report regarding the audit of the FAA Aircraft Registry. The report, titled "Aviation: FAA Needs to Better Prevent, Detect, and Respond to Fraud and Abuse Risks in Aircraft Registration" and can be found at www.gao.gov/products/GAO-20-164. The audit was extensive and ultimately provides the following recommendations:
- The Administrator of FAA should conduct and document a risk assessment that considers inherent and residual fraud and abuse risks that may enable criminal, national security, or safety risks. (Recommendation 1)
- The Administrator of FAA should determine impact, likelihood, and risk tolerance as part of a risk assessment. (Recommendation 2)
- The Administrator of FAA should develop a strategy that outlines specific actions to address analyzed risks, including periodic assessments to evaluate continuing effectiveness of the risk response. (Recommendation 3)
- The Administrator of FAA should collect and record information on individual registrants, initially including name, address, date of birth, and driver's license or pilot's license, or both, with subsequent PII elements informed by the risk assessment, once completed. (Recommendation 4)
- The Administrator of FAA should collect and record information on legal entities not traded publicly—on each individual and entity that owns more than 25 percent of the aircraft; for individuals: name, date of birth, physical address, and driver's license or pilot's license, or both; and for entities: name, physical address, state of residence, and taxpayer identification number. (Recommendation 5)
- The Administrator of FAA should verify aircraft registration applicants' and dealers' eligibility and information. (Recommendation 6)
- The Administrator of FAA should increase aircraft registration and dealer fees to ensure the fees are sufficient to cover the costs of FAA efforts to collect and verify applicant information while keeping pace with inflation. (Recommendation 7)
- The Administrator of FAA should ensure, as part of aircraft registry IT modernization, that information currently collected in ancillary files or in PDF format on (1) owners and related individuals and entities with potentially significant responsibilities for aircraft ownership (e.g., beneficial owners, trustors, trustees, beneficiaries, stockholders, directors, and managers) and (2) declarations of international operations is recorded in an electronic format that facilitates data analytics by FAA and its stakeholders. (Recommendation 8)
- The Administrator of FAA should link information on owners and related individuals and entities with significant responsibilities for aircraft ownership through a common identifier. (Recommendation 9)
- The Administrator of FAA should, as part of IT modernization, develop an approach to check OFAC sanctions data on owners and related individuals and entities with potentially significant responsibilities for aircraft ownership for coordination with OFAC and to flag sanctioned individuals and entities across aircraft registration and dealer systems. (Recommendation 10)
- The Administrator of FAA should use data collected as part of IT modernization as well as current data sources to identify and analyze patterns of activity indicative of fraud or abuse, based on information from declarations of international operations, postal addresses, sanctions listings, and other sources, and information on dealers, noncitizen corporations, and individuals and entities with significant responsibilities for aircraft ownership. (Recommendation 11)
- The Administrator of FAA should develop and implement risk-based mitigation actions to address potential fraud and abuse identified through data analyses. (Recommendation 12)
- The Administrator of FAA should develop mechanisms, including regulations if necessary, for dealer suspension and revocation. (Recommendation 13)
- The Administrator of FAA, in coordination with relevant law-enforcement agencies, should enhance coordination within the Aircraft Registry Task Force through collaborative mechanisms such as written agreements and use of liaison positions. (Recommendation 14)
- The Administrator of FAA, in coordination with relevant law-enforcement agencies, should develop a mechanism to provide declarations of international operations for law-enforcement purposes. (Recommendation 15)
If implemented, these changes will clearly affect many individuals and companies that own and operate aircraft. The lawyers in the McAfee & Taft Aviation Group will continue to provide updates as the industry digests this information.
This article was originally published by McAfee & Taft on March 25, 2020.