Plus ça change, plus c’est la même chose. Last night, CBS News nat-sec reporter Catherine Herridge highlighted the results of an Inspector General audit of the FBI’s attempts to improve its track record on identifying and following up on home-grown violent extremists (HVEs). After deadly attacks involving these so-called “known wolves,” the FBI kept finding deficiencies. And despite their efforts to fix them, they still have yet to correct these issues — and as many as 40% of potential threats remained under-investigated as a result until an auditor flagged the problem yet again:

BREAKING: IG report finds HVEs (Homegrown Violent Extremists) carried out 20+ attacks (since 9/11) in US, “some of which occurred after the FBI closed a counterterrorism investigation..FBI has not taken sufficient action to address weaknesses” @CBSNews https://t.co/0zNzEHTZSm

— Catherine Herridge (@CBS_Herridge) March 4, 2020

DEVELOPING: New IG report “…we found at least six attacks committed in the United States by individuals who the FBI had previously assessed or investigated…” including 2009 Fort Hood, 2013 Boston Marathon bombing, 2016 Pulse Nightclub READ: https://t.co/0zNzEHTZSm @CBSNews pic.twitter.com/msBeTbZxEp

— Catherine Herridge (@CBS_Herridge) March 4, 2020

Following attacks conducted by individuals previously assessed or investigated by the FBI, such as Nidal Hasan, Omar Mateen, and Ahmad Rahami, the FBI conducted reviews to identify weaknesses and areas for improvement in the FBI’s process for assessing potential HVEs. The reviews identified shortcomings and necessary improvements to the FBI’s assessment process, but we found that the FBI had not taken all appropriate actions to ensure that improvements and actions were implemented. For instance, the FBI issued a September 2015 policy that required field offices to conduct specific database checks and interview identified subjects of counterterrorism assessments done within the Guardian system, which is the FBI’s analytical and operational database that tracks and manages threats. However, in subsequent reviews, the FBI found that field offices had not complied with these requirements. In 2016, the FBI issued an internal report on the Guardian assessment process that contained recommendations and best practices but did not ensure that headquarters and field offices implemented them. As a result, FBI field offices continued to conduct assessments that did not meet FBI requirements or standards.

Grreeeaaaaaat. If you need a closer look at that graphic, here it is:

Yes, the FBI had all of these on their radar screen at one point or another prior to their attacks, but had not done sufficient follow-up to ensure that they weren’t a risk. That’s not just an off-the-cuff guess either, but the FBI’s own analysis of these cases. After each of these incidents, including the Santiago attack in January 2017, the FBI promised to re-evaluate and revamp its HVE processes and resources to prevent any repeats of those gaps and failures:

Following most of these attacks, the FBI conducted or requested various retrospective reviews to identify and assess its procedures and actions associated with its prior involvement with the subjects. While the results of these reviews varied, some of the conclusions and recommendations in these reports focused on the need for the FBI to update and improve its process for assessing counterterrorism threats and suspicious activities in the FBI’s Guardian system.

How well did these reviews and revamps work out? Not well, not even after the Ft. Lauderdale attack. In a point highlighted in a quote box on page 14 of the report, the IG found, “Nearly 40 percent of flagged Guardian assessments remained unaddressed for 18 months,” emphasis mine. From the executive summary, we also learn that some of these turned out to be real threats:

In 2017, the FBI undertook an internal review of all counterterrorism assessments closed between calendar year (CY) 2014 and CY 2016 to identify potential terrorist threats that the FBI may not have mitigated because of missed investigative actions. The FBI identified more than [redacted] assessments (or 6 percent) that required additional investigative steps. However, because the FBI did not effectively oversee and manage this review, over [redacted] closed assessments (or nearly 40 percent) identified as requiring additional investigative action were not addressed for 18 months, some of which have since resulted in the FBI opening preliminary or full counterterrorism investigations.

The conclusion hardly builds confidence in the FBI’s performance nearly two decades after 9/11, let alone the string of attacks mentioned in this report:

In addition, some FBI field offices may not be fully aware of the investigative tools and techniques that can be used to thoroughly investigate counterterrorism assessment subjects given the inconsistent application of such techniques throughout the FBI. Further, the FBI has not developed a comprehensive strategy for addressing emerging challenges in mitigating potential cross-cutting threats from subjects with mental illnesses or those involving criminal, non-terrorist threats to life.

That would be bad enough had this been the first IG or internal audit to discover this deficiency. However, the FBI has repeatedly reached these same conclusions, repeatedly promised to fix it, and apparently keep failing to do so.

The perhaps-too-easy conclusion to draw here would be that the FBI has been more focused on poking around political campaigns than on fixing its problems regarding actual acute threats to Americans. Had the FBI not embarrassed itself so badly in Operation Crossfire Hurricane, however, this still would be embarrassing enough.