Five of the Six Postsecondary Educational Institutions We Visited Had Errors in Their Reported Crime Statistics
Of the six postsecondary educational institutions (institutions) we visited, only Fresno City College (Fresno) fully complied with the requirements of the federal Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act (Clery Act) for reporting crime statistics.8 Five of the six institutions reported statistics that were inaccurate to varying degrees, including one institution that failed to report a crime. The six institutions we visited were Fresno; San Francisco State University (San Francisco); Shasta College (Shasta); Stanford University (Stanford); University of California, San Diego (San Diego); and University of Redlands (Redlands).
The Clery Act requires institutions to include statistics related to certain types of crimes that occur in certain types of locations in their annual security reports. We refer to these as Clery Act crimes in this report. Table 1 shows the Clery Act crimes that the six institutions reported for 2013, the latest year included in their 2014 annual security reports. For the number of Clery Act crimes these six institutions reported for 2011 and 2012, see Appendix B. To determine whether they reported Clery Act crimes accurately, we tested the information on 15 to 30 of the Clery Act crimes each institution reported for 2013.9 To determine whether the institutions failed to report crimes that they should have reported, we reviewed 13 to 25 additional crimes that occurred at each institution.
Our review found that five of the six institutions reported some inaccurate crime statistics. As shown in Table 2, we found a total of 13 reporting errors, including one Clery Act crime that an institution did not report, five crimes that institutions incorrectly reported as Clery Act crimes (overreporting), and seven crimes that institutions reported incorrectly (misreporting). Fresno was the only institution we visited that reported accurate crime statistics for the selection of crimes we reviewed. When institutions inaccurately report crime statistics, interested parties, such as prospective students and parents, could draw incorrect conclusions about safety on campus.
|Postsecondary Educational Institution (Institution)|
|Fresno City College||San Francisco State University||Shasta College (Shasta)*||Stanford University||University of California, San Diego||University of Redlands|
|Federal Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act (Clery Act) Criminal Offenses†|
|Motor vehicle theft||26||26||1||19||27||7|
|Murder and nonnegligent manslaughter||0||0||0||0||0||0|
|Sex offenses, forcible||2||5||7||26||20||3|
|Sex offenses, nonforcible||0||0||1||0||0||0|
|Clery Act Arrests|
|Drug abuse arrests||15||8||39||9||46||0|
|Liquor law arrests||4||27||0||89||67||0|
|Weapons law arrests||3||5||11||4||7||2|
|Clery Act Disciplinary Actions|
|Drug abuse disciplinary actions||3||9||15||0||406||114|
|Liquor law disciplinary actions||3||170||16||7||1,707||315|
|Weapons law disciplinary actions||0||0||4||0||3||8|
Sources: Crime statistics reported in the 2014 annual security reports for each institution and the California Community Colleges Chancellor’s Office’s annual 2013–14 student count, the California State University’s fall 2013 enrollment, Stanford University’s October 2013 enrollment, the University of California’s fall 2013 enrollment data, and University of Redlands’ fall 2013 enrollment.
Note: The crime statistics shown do not reflect any adjustments for the errors we found in our testing of 2013 crime statistics.
* Shasta’s director of campus safety stated that Shasta performed a review of the 2013 crime statistics it reported to the U.S. Department of Education’s Office of Postsecondary Education (OPE) in October 2014 and corrected some inaccuracies. However, Shasta’s review was not finalized and submitted to OPE until April 2015, which was after our file review; therefore, we did not verify the accuracy of the revised crime statistics. In addition, Shasta reported two hate crimes for 2013. It reported these crimes separately from the statistics reflected above. No other institutions reported hate crimes for 2013.
† The crime categories and crime statistics presented under Clery Act criminal offenses differ from those in Appendix B because we used the amounts from the respective institutions’ annual security reports in this table and crime statistics from the OPE website for Appendix B. We used different sources because institutions were only required to report information on incidents of dating violence, domestic violence, sexual assault—which is reported under forcible sex offenses—and stalking beginning with their 2014 annual security reports and we were able to include those statistics for 2013 in this table. However, we present three years of data in Appendix B and, in an effort to ensure comparability across all three years in the Clery Act criminal offenses shown in Appendix B, we used data from the OPE website.
|Postsecondary Educational Institution (Institution)|
|Fresno City College||San Francisco State University||Shasta College (shasta)*||Stanford University||University of California, San Diego||University of Redlands||Totals|
|Total federal Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act (Clery Act) crimes reported for 2013||92||278||173||273||2,369||477||3,662|
|Total Number of Crimes Tested†||29||32||32||55||45||32||225|
|Total Reporting Errors We Identified||0||5||1||2||4||1||13|
Clery Act crimes not reported to the Office of Postsecondary Education (OPE)
|Criminal act was a Clery Act crime||0||1||0||0||0||0||1|
Crimes erroneously reported as Clery Act crimes
|Criminal act was not a Clery Act crime||0||1||1||0||0||0||2|
|Crime did not occur in a Clery Act location||0||0||0||0||0||0||0|
|Crime erroneously reported multiple times||0||0||0||1||1||1||3|
Clery Act crimes reported incorrectly
|Crime reported as the wrong type of Clery Act crime‡||0||0||0||0||0||0||0|
|Location reported as the wrong type of Clery Act location||0||3||0||1||3||0||7|
Source: California State Auditor’s analysis of Clery Act crime statistics the six institutions reported for 2013.
* As noted in our Audit Results, Shasta’s director of campus safety explained that Shasta began conducting an internal review of its 2013 crime statistics in October 2014, which resulted in it reducing the number of on‑campus Clery Act crimes it reported by nine and increasing the number of on‑campus Clery Act arrests it reported by two. Shasta resubmitted the revised statistics to OPE in April 2015. Of the 11 Clery Act crimes that Shasta revised, eight were included in our selection that we initially identified as errors; however, because these crimes were identified by Shasta as errors before our review, and corrected accordingly, we do not present them as errors in this table.
† To determine if the institutions reported Clery Act crimes accurately, we tested the information on 15 to 30 of the Clery Act crimes each institution reported for 2013. To determine if the institutions failed to report crimes that they should have reported, we reviewed 13 to 25 additional crimes at each institution.
‡ We found some inaccurate statistics related to the reporting of domestic violence, dating violence, sexual assault, and stalking crimes. However, the institutions were only required to make a “good faith effort” to accurately report such crimes during our audit review period; thus, these inaccurate statistics are not reflected in this table as errors.
Federal Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act Locations
Campus: Any building or property owned or controlled by an postsecondary educational institution (institution) within the same reasonably contiguous geographic area and used in direct support of, or in a manner related to, the institution’s educational purposes, including residence halls; and any building or property that is within or reasonably contiguous to these areas, that is owned by the institution but controlled by another person, is frequently used by student, and supports institutional purposes (such as food or other retail vendor).
Noncampus building or property: Any building or property owned or controlled by a student organization that is officially recognized by the institution, or any building or property owned by the institution that is used in direct support of, or in relation to, the institution’s educational purposes, is frequently used by students, and is not within the same reasonably contiguous geographic area of the institution.
Public property: All public property, including thoroughfares, streets, sidewalks, and parking facilities, that is within the campus or immediately adjacent to and accessible from the campus.
Source: Code of Federal Regulations, Title 34, Section 668.46 (a).
As shown in Table 2, more than half of the errors we noted involved the institutions misreporting crimes by inaccurately reporting the location in which the Clery Act crime occurred. The Clery Act requires institutions to disclose statistics for crimes based on where those crimes occur. As shown in the text box, the Clery Act requires institutions to report crimes that happen on campus, in or on certain noncampus buildings or property, and on certain public property. Figure 2 shows an example of the areas that the U.S. Department of Education’s (U.S. DOE) Office of Postsecondary Education (OPE) considers to be public property for reporting purposes under the Clery Act.
San Diego, San Francisco, and Stanford misreported the locations of some of their Clery Act crimes. Specifically, all three institutions misreported at least one crime as happening in an on‑campus residential location when the crime should have been reported as happening at another location. San Francisco incorrectly reported a robbery as happening at an on‑campus residential location even though the crime happened on public property. Similarly, San Diego incorrectly reported a burglary as happening at an on‑campus residential location when the burglary occurred in an academic building. Finally, Stanford incorrectly reported a stalking incident as happening at an on‑campus residential location; however, the incident occurred in an academic building. All three institutions acknowledged that these incidents were inadvertently misreported. Although the institutions correctly identified these crimes as Clery Act crimes, they did not provide consumers accurate information about where the crimes occurred.
Federal Crime Statistic Reporting Definitions of Theft and Burglary
Burglary is reportable under the federal Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act (Clery Act) and is the unlawful entry of a structure to commit a felony or a theft.
Theft is not reportable under the Clery Act and is the unlawful taking, carrying, leading, or riding away of property from the possession or constructive possession of another.
Source: Federal Bureau of Investigation’s Uniform Crime Reporting Handbook, 2004.
In addition, as shown in Table 2, some of the errors we noted involved institutions overreporting crimes. For example, two thefts were misreported as burglaries, and the Clery Act requires institutions to report the latter but not the former. Specifically, we found that San Francisco reported an incident as a burglary that did not involve unlawful entry, and Shasta reported an incident as a burglary that did not occur in a structure. Thefts and burglaries for Clery Act purposes are defined in the text box. The errors concerning burglaries occurred because the institutions did not carefully follow the guidance concerning these crimes in the OPE’s The Handbook for Campus Safety and Security Reporting (OPE handbook) and the Federal Bureau of Investigation’s Uniform Crime Reporting Handbook. According to the OPE handbook, an incident must meet three conditions to be classified as a burglary: There must be evidence that a person committed unlawful entry, meaning that he or she did not have the right to be at the location at the time the incident occurred; the person must have committed the unlawful entry within a structure; and the person must have committed the unlawful entry with the intent to commit a felony or theft. If only two of these conditions are present in a crime, the incident does not meet the Clery Act definition of burglary and in most cases would be correctly classified as a theft.
Example of Public Property for Which Postsecondary Educational Institutions Must Report the Federal Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act Crime Statistics
Source: Adapted from The Handbook for Campus Safety and Security Reporting, issued by the U.S. Department of Education’s Office of Postsecondary Education (2011 edition).
The incidents that San Francisco and Shasta reported did not meet all three conditions to be classified as burglaries under the Clery Act, so these crimes should not have been reported as Clery Act crimes. The interim chief of police at San Francisco stated that the incident was classified as a burglary because of the person’s intent to commit theft and acknowledged that because the crime did not include unlawful entry, it should not have been classified as a burglary under the Clery Act. The director of campus safety at Shasta indicated that he based his decision to categorize the incident as a burglary on state law rather than the Clery Act. Regardless of whether this incident was a burglary under California law, institutions must follow federal definitions to comply with the Clery Act, not those contained in state law.
In addition, we found two robberies that were incorrectly reported, leading to an overreporting of crimes. Specifically, San Diego reported a single robbery involving three victims as three robberies. According to the OPE handbook, in any instances of robbery, institutions are to report one offense for each distinct incident. Institutions should not report a robbery with multiple victims as multiple robberies, as this leads to overreporting. San Diego had become aware of this error before we conducted our review, and we note that it plans to correct this statistic for its 2015 annual security report. Additionally, Redlands reported that a robbery and an aggravated assault occurred when the victim involved in the crime was assaulted and robbed of property. According to the hierarchy rule described in the Federal Bureau of Investigation’s Uniform Crime Reporting Handbook, institutions must report only the most serious offense when more than one offense is committed during a single incident. Thus, for this crime, under the hierarchy rule, Redlands should have reported only the more serious offense of robbery, which the institution acknowledged. By reporting both offenses, Redlands overreported the number of aggravated assaults that occurred in 2013. The director of the department of public safety at Redlands indicated that the institution plans to correct these statistics in its October 2015 report.
In addition, although not appearing in Table 2 because they were not yet required to be reported, we found that two institutions inaccurately reported crimes as domestic violence crimes. The Violence Against Women Reauthorization Act of 2013 (Reauthorization Act) requires institutions to report incidents of domestic violence, dating violence, and stalking. Although the U.S. DOE issued guidance in July 2014 describing these crimes, during our review period the institutions were required only to make a good faith effort to accurately report statistics for incidents of domestic violence, dating violence, and stalking. We found that in the instances where the two institutions inaccurately reported crimes as domestic violence that should have been reported as other types of crimes, they appeared to have made a good faith effort to report these crimes, and thus we did not include these instances as errors in Table 2. However, as of July 1, 2015, the institutions are required to report accurate Clery Act statistics for these crimes, and thus they should ensure that they clearly understand domestic violence, dating violence, and stalking crimes as legally defined.
Although the institutions stated that they take steps to review the accuracy of the crime statistics before submitting them to OPE, most still had errors in their crime reporting. All six institutions informed us that they have a review process to ensure that Clery Act crime statistics are accurately reported to OPE. For example, Stanford explained that it has a Clery Act compliance team that conducts a monthly review to ensure that cases have been properly classified and that the statistics are accurate. However, all institutions we reviewed, with the exception of Fresno, still reported at least one crime incorrectly, suggesting that their reviews could be improved. Fresno stated that it uses a case management system as well as a crime statistics spreadsheet that it reconciles against each other and, in doing so, verifies that the cases are reportable under the Clery Act and the statistics are accurate. Fresno explained that it then forwards the statistics to the institution’s police lieutenant for his final approval before they are submitted to OPE. Shasta’s director of campus safety explained that the campus began conducting an internal review of its 2013 crime statistics in October 2014 and identified errors that resulted in Shasta reducing the number of on‑campus Clery Act crimes it reported by nine and increasing the number of on‑campus Clery Act arrests it reported by two. The institution resubmitted the revised statistics to OPE in April 2015 when the U.S. DOE first allowed corrections. Nevertheless, the fact that these corrections occurred roughly six months after the initial submission to OPE could have resulted in prospective students, their families, and potential employees making misinformed decisions about where to study or work.10
Institutions could increase their compliance with the Clery Act by establishing and following written procedures to ensure that they thoroughly review the accuracy of the crime statistics included in their annual security reports before submitting them to OPE. Officials from each of the six institutions we reviewed explained that their respective institutions perform some review of their crime statistics to ensure that they are accurate and complete. However, at the time of our review, only one of the six institutions—Stanford—had established written procedures that clearly describe the steps of its review process. The remaining five institutions did not. After we notified the institutions of this shortcoming, Redlands established a written policy that describes its review procedures for reporting Clery Act crime statistics. Without written procedures that clearly describe the steps their review process entails, institutions lack assurance that they are reviewing their crime statistics adequately and consistently from year to year.
Five of the Six Institutions Failed to Include All Necessary Security Policy Disclosures in Their Annual Security Reports
Of the six institutions we visited, only Stanford fully disclosed all of the information that the Clery Act and federal regulations require in its 2014 annual security report. We identified 46 federally mandated disclosures covering a wide range of topics and specific security policies that the Clery Act and federal regulations require be included in an annual security report. For example, the report must include policies for assisting students who report sexual assaults and for assisting individuals who report that a student is missing. As shown in Table 3, Stanford had no missing or incomplete disclosures, while San Francisco had the most with 12. Table C in Appendix C lists the disclosure requirements and indicates whether the institutions we visited fulfilled them.
|Postsecondary Educational Institution (Institution)||Quantity|
|Fresno City College||6|
|San Francisco State University||12|
|University of California, San Diego||1|
|University of Redlands||6|
Source: California State Auditor’s analysis of the institutions’ 2014 annual security reports.
Note: We identified 46 total disclosures that federal laws and regulations require in the annual security reports.
Policy statements related to the Reauthorization Act were the most frequently incomplete or missing disclosures in the institutions’ reports. As discussed in the Introduction, the Reauthorization Act added specific policy statements that institutions must include in their annual security reports. As shown in Table 4, five institutions failed to fully disclose at least one of the 12 required Reauthorization Act policies we identified in this area. These omissions may have occurred in part because the Reauthorization Act, effective in March 2014, first required institutions to disclose related procedures in their 2014 annual security reports.
|Postsecondary Educational Institution (Institution)|
|Policies Revised by the Violence Against Women Reauthorization Act of 2013 (Reauthorization Act)||Fresno City College||San Francisco State University||Shasta College||Stanford University||University of California, San Diego||University of Redlands|
|Policies Concerning Campus Law Enforcement and Crime Prevention|
|1||A statement of policies encouraging accurate and prompt reporting of all crimes to campus police and appropriate police agencies, when the victim of such crime elects or is unable to make such a report.||✔||Partially Implemented||✔||✔||✔||✔|
|Policies Regarding Campus Sex Offense Programs and Procedures|
|2||A description of educational programs to promote the awareness of rape, acquaintance rape, domestic violence, dating violence, sexual assault, and stalking. These programs should include primary prevention and awareness programs for all incoming students and new employees, which must include a statement that the institution prohibits the offenses of domestic violence, dating violence, sexual assault, and stalking, including the definition of these crimes; the definition of consent in reference to sexual activity; safe and positive options for bystander intervention; and information on risk reduction to recognize warnings of abusive behavior and how to avoid potential attacks, and ongoing prevention and awareness campaigns for students and faculty.||Partially Implemented||Partially Implemented||Partially Implemented||✔||✔||Partially Implemented|
|3||A statement of the procedures an institution will follow once an incident of domestic violence, dating violence, sexual assault, or stalking has been reported, including a statement of the standard of evidence that will be used during any institutional conduct proceeding arising from such a report. Procedures victims should follow if a sex offense, domestic violence, dating violence, sexual assault, or stalking has occurred, including information in writing about the importance of preserving evidence as may be necessary to the proof of criminal domestic violence, dating violence, sexual assault, or stalking, or in obtaining a protection order.||✔||✔||Partially Implemented||✔||✔||✔|
|4||Options regarding notifying law enforcement and campus authorities, including notification of the victim’s options to notify proper law enforcement authorities, including on‑campus and local police; be assisted by campus authorities in notifying law enforcement authorities if the victim so chooses; and decline to notify such authorities.||✔||✔||✔||✔||✔||✔|
|5||Written notification of student and employees about existing counseling, health, mental health, victim advocacy, legal assistance, and other services available for victims, both on campus and in the community.||✔||✔||✔||✔||✔||✔|
|6||Written notification of victims about options for, and available assistance in, changing academic, living, transportation, and working situations, if requested by the victim and if such accommodations are reasonably available, regardless of whether the victim chooses to report the crime to campus police or law enforcement.||Partially Implemented||Partially Implemented||Partially Implemented||✔||✔||✔|
|7||A description of the rights of victims and the institution’s responsibilities regarding orders of protection, no‑contact orders, restraining orders, or similar lawful orders issued by a criminal, civil, or tribal court.||✔||Not Disclosed||Partially Implemented||✔||✔||Partially Implemented|
|Processes the Institution Will Use to Take Disciplinary Action in Cases of an Alleged Sex Offense|
|8||A statement that the accuser and accused are entitled to the same opportunities to have others present during an institutional disciplinary proceeding, including the opportunity to be accompanied to any related meeting or proceeding by an advisor of their choice.||✔||✔||✔||✔||✔||✔|
|9||A statement of policies that both the accuser and accused will be simultaneously informed in writing of the outcome of any institutional disciplinary proceeding that arises from an allegation of domestic violence, dating violence, sexual assault, or stalking; of the institution's procedures for the accused and the victim to appeal the result of the institutional disciplinary proceeding; of any change to the results that occurs prior to the time that such results become final; and when such results become final.||✔||Partially Implemented||Partially Implemented||✔||Partially Implemented||✔|
|10||A statement of policy of possible sanctions or protective measures that an institution may impose following a final determination of an institutional disciplinary procedure regarding rape, acquaintance rape, domestic violence, dating violence, sexual assault, and stalking.||✔||✔||Partially Implemented||✔||✔||✔|
|11||A statement of the institution's procedures for institutional disciplinary action in cases of alleged domestic violence, dating violence, sexual assault, or stalking, which shall include a clear statement that such proceedings shall provide a prompt, fair, and impartial investigation and resolution, which will be conducted by officials who receive annual training on the issues related to domestic violence, dating violence, sexual assault, and stalking and how to conduct an investigation and hearing process that protects the safety of victims and promotes accountability.||✔||Partially Implemented||Not Disclosed||✔||✔||✔|
|12||A statement of policy on how an institution will protect the confidentiality of victims, including how publicly available record keeping will be accomplished without the inclusion of identifying information about the victim, to the extent permissible by law.||✔||✔||✔||✔||✔||✔|
Sources: California State Auditor’s analysis of the six institutions’ 2014 annual security reports and revisions to United States Code, Title 20, Section 1092 (f) as a result of the Reauthorization Act (Public Law 113‑4).
✔ = Fully implemented
We brought the missing disclosures to the attention of the five institutions, and we asked for their perspective on why the disclosures were not made. The director of the department of public safety at Redlands stated that he believed the institution was diligent in its compliance with the interim requirements and felt it demonstrated a good faith effort regarding what it included in its annual security report. The police lieutenant of Fresno’s community college district indicated that it is learning what the Reauthorization Act requires and, as a result, inadvertently overlooked disclosing the required policy statements and will add these statements to the institution’s 2015 annual security report. Shasta’s director of campus safety stated that the institution revised its policies to include the Reauthorization Act’s requirements; however, the policies were not finalized before the release of Shasta’s 2014 annual security report and, therefore, were not included. San Diego’s police department’s records and communications manager and San Francisco’s police department’s deputy chief of police stated that they will include the omitted information in their 2015 annual security reports. Nonetheless, the law was enacted in 2013, giving a full year’s lead time. Moreover, the U.S. DOE provided guidance to the institutions in May 2013 and July 2014 explaining that institutions should use the Reauthorization Act as the basis for revising or developing policies, procedures, and programs in advance of the annual security report due October 1, 2014. Thus, we believe that institutions had adequate advance notice and time to ensure that their annual security reports included all necessary policy statements related to the Reauthorization Act.
Policies and Processes Postsecondary Education Institutions (Institutions) Must Describe in Their Annual Security Reports
- Policies concerning annual reports and access to campus.
- Policies concerning campus law enforcement and crime prevention.
- Policies concerning illegal drugs and alcohol.
- Policies regarding campus sex offense programs and procedures.
- Processes the institution will use to take disciplinary action in cases of an alleged sex offense.
- Policies regarding campus emergency response and evacuation procedures.
- Processes the institution will use when there is a report of a missing student.
Source: Code of Federal Regulations, Title 34, Section 668.46, and United States Code, Title 20, Section 1092(f).
The institutions did not always provide descriptions of certain security policies and processes as the Clery Act and federal regulations require. In fact, three of the six institutions failed to fully disclose three or more policies related to their emergency response and evacuation procedures in their annual security reports. Further, four of the six institutions did not fully disclose at least one of the policies regarding campus sex offense programs and procedures. These are two of the seven areas of policies and processes for which the Clery Act and its implementing regulations require descriptions, as shown in the text box. The omitted or incomplete disclosures covered a variety of areas, such as policies encouraging accurate and prompt reporting of all crimes to campus police and appropriate law enforcement agencies, and a statement publicizing emergency response and evacuation procedures in conjunction with at least one test of those procedures per calendar year.
When we inquired about the missing or incomplete security policy disclosures, some of the institutions stated that they intentionally did not disclose the information. For example, the police lieutenant of Fresno’s community college district indicated that the institution omitted a statement publicizing its emergency response and evacuation procedures in conjunction with at least one test per year to avoid compromising campus safety. He gave the example of wanting to prevent a potential active shooter’s access to information on how and where the campus community will evacuate. Similarly, when we asked the director of Redlands’ department of public safety about why the institution did not disclose a description of the process it will use to confirm that there is a significant emergency or a dangerous situation, he stated that the campus deliberately did not disclose this information because doing so could compromise campus safety in the event of criminal acts of violence against the campus community. However, the OPE handbook states that institutions are not required to publish in great detail how they would respond to specific emergencies; rather, institutions are to include all of their procedures and describe them in a manner that lets the campus community and others know what they will do and who or what office or organization will be responsible for each step along the way. Further, according to the OPE handbook, institutions are required to describe the process they will use to confirm that an emergency or dangerous situation exists.
The director of Redlands’ department of public safety stated that the institution thought its 2014 annual security report contained sufficient disclosures of certain policies; however, we disagree. Specifically, the director of Redlands’ department of public safety indicated that the institution believed its disclosure in the annual security report was sufficient. However, we found that Redlands did not disclose a description of the process it uses to test its response and evacuation procedures, including a description of the exercise, the date, the time, and whether it was announced or unannounced—components required by the OPE handbook.
In response to our concerns, the five institutions with missing or incomplete security policy disclosures agreed to strengthen their disclosures in their future annual security reports. For example, Redlands provided us with a draft of its 2015 annual security report that shows statements it plans to include that would fully address all disclosure requirements. San Francisco also indicated that it is working on a draft of its 2015 annual security report and stated that it would be revising and updating its disclosures to include language that adequately addresses the federal policy disclosure requirements. Fresno, San Diego, and Shasta stated that they will either make changes to or include policy disclosures that we found to be incomplete or missing.
If institutions do not make all required security policy disclosures, students and other stakeholders may not have the information they need to make informed decisions about safety on campus, including information on the prevention of crime and the actions they should take in the event of emergencies. Moreover, institutions that fail to make these disclosures risk incurring federal financial penalties, as described in the Introduction.
Two of the Six Institutions Did Not Have Complete Daily Crime Logs
The Clery Act requires that institutions with campus police or campus security departments maintain written daily crime logs of all crimes occurring on campus and reported to them, including Clery Act crimes and crimes that are not reportable under the Clery Act, such as petty theft. All entries in the daily crime logs must be open to public inspection within two business days of the initial report being made to the campus police or security department, unless disclosure of such information is prohibited by law or would jeopardize the confidentiality of the victim. According to the OPE handbook, these daily crime logs must be accessible on campus in either hard copy or electronic format and must be available for public inspection for the most recent 60‑day period.
However, two of the six institutions we visited did not keep complete daily crime logs as required. When we reviewed a selection of Clery Act crimes that each institution reported, we also determined whether the institutions had recorded the crimes in their daily crime logs. The daily crime logs at Fresno, San Diego, San Francisco, and Stanford included all of the incidents we reviewed. However, Shasta’s daily crime log did not include four of the 18 crimes we reviewed, and Redlands’ daily crime log did not include three of the 17 crimes we reviewed.
According to Shasta’s director of campus safety, he could not explain why the four crimes were omitted from the daily crime log because the individual who was responsible for the respective reportable period is no longer employed by the college. However, he stated that Shasta has developed and implemented a tiered approach to entering and approving the submission of crimes into the crime log; he explained that a team of three employees now conducts a daily review of the information that is entered into the daily crime log. In the case of Redlands, the director of the department of public safety stated that the daily crime log did not include a weapon law arrest and two stalking cases because of a rare occurrence in which Redlands’ crime database did not accurately populate the crime into the daily crime log. Redlands’ director of the department of public safety stated that the campus has amended its internal reporting procedures to prevent these types of errors. If institutions do not maintain complete daily crime logs, the public may not have complete and timely information related to campus safety.
Most Campuses We Surveyed Reported Having Processes in Place to Help Ensure the Accuracy of Their Clery Act Statistics
In addition to the six institutions discussed previously, we surveyed 79 campuses throughout the State with student enrollments of 500 or more that participate in certain federal financial aid programs and that reported no criminal offenses for 2013 to determine whether the institutions had established adequate processes for compiling and distributing their crime statistics to help ensure that they met Clery Act requirements.11,12 Most of the 79 respondents indicated that they had sufficient processes in place to do so. However, based on their responses, we believe some institutions should strengthen their practices for notifying students and employees of the availability of their annual security reports.
Most survey respondents reported that they have practices in place to help ensure that they fulfill their Clery Act crime‑reporting requirements. For example, 76 percent of respondents indicated that they have provided specific training to the individuals responsible for compiling and distributing their annual crime statistics. Of the respondents, 76 percent indicated that their institutions follow guidance from the OPE handbook when compiling and distributing the annual crime statistics. Furthermore, 94 percent of respondents indicated that they have written policies and procedures for collecting and reporting crime statistics, which can be helpful in establishing consistent methodologies for fulfilling reporting requirements.
The majority of survey respondents also reported that they take steps to ensure that the campus crime statistics they report are complete and accurate. As mentioned earlier, federal regulations permit institutions to trust certain information they receive from outside law enforcement agencies. Specifically, federal regulations state that institutions “may rely on” information or crime statistics they receive from local or state law enforcement agencies and are not required to verify the accuracy of statistics they receive from those agencies. Nonetheless, 72 percent of our survey respondents indicated that they verified the accuracy of the information they received from their off‑campus sources, most often by reviewing reports. In addition, 81 percent of respondents said they took steps to verify the accuracy of the information they received from on‑campus sources, most typically by emailing their on‑campus sources and by reviewing reports from their off‑campus sources. The majority of the campuses indicated that they request information in writing; specifically, 81 percent of respondents indicated that they request information about crimes from on‑campus entities by email, and 62 percent stated that they request information about crimes from off‑campus sources by email.
Although most survey respondents indicated that they provide a link on their websites to their security policies and annual crime statistics, some did not indicate that they take all the steps required to ensure that their students and employees are aware that these reports are available. For example, 77 percent of respondents to our survey indicated that their institution’s websites include direct links to their policies and statistics. However, 21 percent of these respondents did not indicate that they notify their current students and employees by email, publication, or other means of their campus security policies and annual crime statistics. If institutions do not provide proper notification of the availability of their annual security reports, their students and employees are less likely to be aware of important information about the institution’s security policies and crime statistics.
More Guidance Is Needed to Increase Institutions’ Compliance with the Clery Act
Since a statute in 2002 added the requirement for the California State Auditor (state auditor) to audit compliance with the Clery Act, our office has conducted five audits of a selection of California’s institutions. Because of similarities in the issues we identified in this report and in our four previous reports published in December 2003, January 2007, January 2010, and October 2012, we believe that California’s institutions’ compliance with the Clery Act could improve with additional guidance both from the systemwide offices for their respective institutions and from a state entity that provides guidance to all institutions. Although the systemwide offices provide some guidance to their institutions regarding compliance with the Clery Act, the level of guidance they provide varies significantly and can be improved. In addition, although the U.S. DOE is responsible for overseeing compliance with the Clery Act by institutions that participate in federal student aid programs under Title IV of the Higher Education Act of 1965 (Title IV), according to information available on its website, the U.S. DOE did not issue any final determinations on campus crime program reviews of California institutions between 2011 and 2014. Further, there is currently no state entity or other governing body to provide guidance to institutions throughout the State that could help ensure their compliance with the requirements of the Clery Act and the Reauthorization Act. As discussed in the Introduction, the U.S. DOE has stated that along with other considerations, the issue of campus safety is a vital concern for students and their families when choosing an institution. Without additional guidance at the state level, institutions may continue to report inaccurate crime statistics or fail to adequately disclose security policies in their annual security reports as the Clery Act requires. As a result, students and their families may be hindered from making fully informed decisions about campus safety, and institutions could be exposed to U.S. DOE penalties.
The University of California Office of the President (UCOP) currently provides guidance and trainings to its campuses regarding the Clery Act and is in the process of improving its efforts to ensure that institutions comply with the Clery Act’s requirements. Specifically, according to its senior vice president and chief compliance and audit officer (senior vice president), staff communicate regularly with each campus’s Clery Act coordinator, including via in‑person meetings, monthly calls, in‑person trainings, online trainings, and webinars. Additionally, the senior vice president explained that UCOP works closely with each campus’s police chief and often invites the chiefs and other law enforcement personnel to Clery Act trainings and meetings. She stated that in conjunction with legal counsel, UCOP provides guidance to Clery Act coordinators concerning clarification and consistency in institutions’ annual security reports. Further, the senior vice president explained that because of the complex requirements of the Clery Act, the Reauthorization Act, and the sexual violence/sexual assault components of Title IX of the Education Amendments of 1972 (Title IX), UCOP recently created a new director position to oversee compliance and guidance in these areas. She stated that UCOP is also in the process of developing a systemwide policy that will specifically address Clery Act requirements and reporting, which, according to its draft policies, will require periodic audits to confirm institutions’ compliance. The senior vice president told us that UCOP expects this policy to be finalized in early 2016 and plans to implement an interim policy in July 2015.
Similarly, in March 2013 the California State University (CSU) Office of the Chancellor identified a need to increase the guidance and training it provides to its campuses regarding compliance with the Clery Act’s requirements. As a result, according to the assistant vice chancellor of strategic initiatives and support services (assistant vice chancellor), the CSU Office of the Chancellor initiated a task force, including a subcommittee dedicated to the Clery Act, which identified a further need and desire for training on Clery Act issues. Since April 2014 CSU has hosted two Clery Act trainings per year with presenters who have included, according to the assistant vice chancellor, an expert in the Clery Act field. In June 2014 the CSU Office of the Chancellor allotted additional resources to contract with Clery Act consultants, with the most recent contract ending in May 2016. The assistant vice chancellor explained that all CSU campuses have direct access to these consultants for any questions regarding compliance, reporting, or campus safety. Further, in January 2015, the CSU Office of the Chancellor’s Office of Audit and Advisory Services identified the Clery Act as a high‑risk area and subsequently began conducting audits of selected institutions for Clery Act compliance. The assistant vice chancellor stated that the CSU Office of the Chancellor is aware that formal policies and procedures regarding Clery Act compliance would enhance guidance to the institutions; however, while a general systemwide policy already exists, it is roughly 10 years old and additional substantive policies and procedures are in the process of being drafted.
In contrast to the efforts made by UCOP and the CSU Office of the Chancellor, according to the deputy chancellor of the California Community Colleges Chancellor’s Office (Community Colleges Chancellor’s Office), it has provided limited guidance to its institutions regarding Clery Act compliance and reporting. The deputy chancellor explained that although Clery Act reporting is the responsibility of the colleges, the Community Colleges Chancellor’s Office endeavors to support the colleges in meeting this requirement as its staffing resources allow. He stated that the Community Colleges Chancellor’s Office passes along information it receives from, for example, the California Department of Justice (Justice), Office of the Attorney General’s (attorney general) summary of new and amended legislation to its respective institutions; however, it does not provide its institutions with formalized policies, procedures, or recommended internal controls to increase their compliance with the Clery Act. The deputy chancellor acknowledged that more can be done to provide guidance; however, he stated that the Community Colleges Chancellor’s Office does not currently have the resources to give the requirements of the Clery Act, the Reauthorization Act, or Title IX the attention they deserve. As a result, we believe that California’s community colleges are at a greater risk of reporting inaccurate Clery Act crime statistics and providing current and prospective students and their parents with incomplete information regarding safety on campus as well as incurring financial penalties.
In addition to the guidance the systemwide offices provide, the U.S. DOE offers guidance to the institutions through publications. As described earlier, the U.S. DOE’s OPE handbook provides guidance to institutions on how to comply with the Clery Act. However, according to the U.S. DOE’s director of Clery Act compliance (director), the U.S. DOE is in the process of adding new chapters to the handbook to reflect the changes made to the Clery Act requirements by the Reauthorization Act. He stated that the U.S. DOE intends to issue the revised handbook to the institutions in 2015. In addition to the OPE handbook, the director explained that the U.S. DOE provides additional guidance by way of distributing “Dear Colleague” letters and electronic announcements to institutional officials to provide updates or reinforce Clery Act areas of compliance.
In addition to providing guidance, the U.S. DOE is, according to federal law, the entity responsible for oversight of the institutions’ compliance with the Clery Act. The director explained that the U.S. DOE conducts campus crime program reviews as part of that oversight. According to the director, in most years the U.S. DOE conducts between 10 and 20 campus crime program reviews, which are generally prompted by consumer complaints. According to the director, onsite regional teams also conduct general assessments as part of the U.S. DOE’s reviews for Title IV compliance, which include a limited review of Clery Act compliance. Information obtained through its website indicates that between 2011 and 2014 the U.S. DOE issued final determinations on campus crime program reviews it conducted of 29 institutions. None of the 29 campus crime program reviews were of California institutions; however, according to the director, as of June 2015 the U.S. DOE had four open campus crime program reviews of California institutions. Further, information from the U.S. DOE’s website as of June 2015 indicates that 17 of the 29 campus crime program reviews resulted in fines, and that reaching either a resolution or a settlement amount took from a year and a half to over three and a half years. The campus crime program reviews that are currently being conducted of four California institutions could take a similar length of time, if violations are found. The director at the U.S. DOE agreed that additional guidance by a state entity could help increase California institutions’ compliance with the Clery Act and could help establish consistency among the institutions’ policies and procedures related to the Clery Act.
As previously discussed, although oversight of institutions’ compliance with the Clery Act is the responsibility of the U.S. DOE, the State does not currently have an entity or other governing body to ensure that institutions have the guidance and information necessary to ensure that they consistently interpret, and comply with, the requirements of the Clery Act. Such an entity could, among other activities, conduct periodic reviews of a selection of institutions’ crime statistics and annual security reports to ensure that they satisfy Clery Act requirements and provide them with any necessary feedback on how to improve their reports. Further, the state entity could establish a help desk for institutions to call when they have questions regarding the Clery Act, such as how to properly categorize the location of a crime, an issue certain institutions have struggled with, as described earlier in this report and as noted in our past audits. Also, institutions could seek the state entity’s perspective on whether their annual security reports satisfy the Clery Act’s requirements by, for example, requesting that the state entity review the reports to make sure they contain all required security policy disclosures. Additionally, in this report and our prior campus crime reports issued in 2003, 2007, and 2010, we found that certain institutions were unsure of how to convert crimes defined in California’s laws to Clery Act reportable crimes. A state entity could compile a comprehensive list converting crimes defined in California’s law to Clery Act reportable crimes. Further, to ensure that institutions receive timely and consistent training on the Clery Act’s requirements, a state entity could develop and disseminate training materials and conduct trainings at the institutions’ request. Without this additional guidance, institutions will likely continue to inconsistently report their crime statistics and fail to fully disclose all required security policies—misinforming users of the reports and exposing the institutions to the U.S. DOE’s penalties.
To identify whether the three systemwide offices would support such statewide guidance, we obtained their perspective. According to UCOP’s senior vice president, UCOP would be fine with this type of collaborative relationship. The CSU Office of the Chancellor’s assistant vice chancellor stated that a state entity to provide clarification of Clery Act requirements and coordinate training could be very beneficial. In addition, the deputy chancellor of the Community Colleges Chancellor’s Office indicated that a state entity to provide coordination, direction, and assistance could be beneficial for California’s community colleges, as the Community Colleges Chancellor’s Office does not currently have the necessary resources to provide a sufficient level of guidance to its institutions. Further, California’s private institutions do not have a systemwide body, such as UCOP, to provide guidance on the Clery Act, and we believe it is important for them to receive guidance on this topic as well.
Justice, headed by the attorney general, the State’s chief law enforcement official, is well positioned to advise institutions on which California criminal statutes align with what must be reported under the Clery Act, and could therefore provide additional guidance on the Clery Act to all institutions. When we asked Justice for its perspective on this new role, it stated that it agrees that consistent statewide guidance regarding the Clery Act—along with Title IX and other protections under state and federal law—is important to ensure that students across California are able to live and thrive in learning environments free from harassment, discrimination, and violence. Justice explained that accurate, transparent crime statistics are a critical component of ensuring trust and accountability for keeping students safe. Further, Justice stated that providing guidance to institutions regarding the Clery Act and other state and federal campus safety requirements can help to improve compliance with these important laws. However, Justice stated that the recommendation to create a help desk and a process by which institutions could request a review of their reports would be a departure from the traditional role of Justice and would require substantial new resources. Notwithstanding these reservations, according to Justice, it would welcome the opportunity to work with the Legislature and the California Department of Finance to assess how the State can improve its guidance in this area and what additional financial resources would be required to adequately implement the state auditor’s recommendation.
The Legislature should require Justice to provide guidance to California’s public and private institutions and systemwide offices regarding compliance with the requirements of the Clery Act and the Reauthorization Act.
Redlands, San Diego, San Francisco, Shasta, and Stanford should review and adhere to applicable guidance related to the Clery Act, including the OPE handbook and the Uniform Crime Reporting Handbook, to ensure that they are accurately reporting their crime statistics.
Fresno, San Diego, San Francisco, and Shasta should create written procedures that clearly describe the review process they will undertake to ensure that they are reporting crime statistics consistently and accurately in their annual security reports.
Fresno, Redlands, San Diego, San Francisco, and Shasta should review and adhere to applicable guidance related to the Clery Act, including the OPE handbook and the Uniform Crime Reporting Handbook, to ensure that they are including all required disclosures in their annual security reports.
Redlands and Shasta should ensure that they include all crimes on their daily crime log, as required under the Clery Act.
To ensure that its respective institutions comply with the Clery Act, UCOP should finalize and implement its draft policy that will provide additional guidance and oversight to its institutions.
To ensure that its respective institutions comply with the Clery Act, the CSU Office of the Chancellor should develop written policies and procedures to provide guidance to its institutions on how to report accurate Clery Act crime statistics and ensure that all required disclosures are included in its respective institutions’ annual security reports. The CSU Office of the Chancellor should then annually revisit the written policies and procedures to ensure that they are up to date.
To ensure that its respective institutions comply with the Clery Act, the Community Colleges Chancellor’s Office should develop written policies and procedures to provide guidance to its institutions on how to report accurate Clery Act crime statistics and ensure that all required disclosures are included in its respective institutions’ annual security reports. The Community Colleges Chancellor’s Office should then annually revisit the written policies and procedures to ensure that they are up to date.
We conducted this audit under the authority vested in the California State Auditor by Section 8543 et seq. of the California Government Code and according to generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives specified in the Scope and Methodology section of the report. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.
ELAINE M. HOWLE, CPA
July 16, 2015
Laura G. Kearney, Audit Principal
Rosa I. Reyes
Charles H. Meadows III, CPA
Bridget Peri, MBA
IT Audit Support:
Michelle J. Baur, CISA, Audit Principal
Benjamin Ward, CISA, ACDA
Stephanie Ramirez‑Ridgeway, Sr. Staff Counsel
For questions regarding the contents of this report, please contact Margarita Fernández, Chief of Public Affairs, at 916.445.0255.
8 Clery Act requirements apply to an institution that qualifies as an institution of higher education, a proprietary institution of higher education, or a postsecondary vocational institution, and that meets other requirements outlined under federal regulations, such as offering fewer than 50 percent of its courses as correspondence courses and not having filed for bankruptcy relief. Go back to text
9 The specific number of crimes we reviewed varied with the total Clery Act crimes each institution reported. Go back to text
10 Because Shasta submitted the revised crime statistics to OPE in April 2015, which was after our site visit, we did not verify the accuracy of the revised crime statistics. However, we did verify that Shasta revised these statistics in April 2015, as Shasta’s director of campus safety asserted. Go back to text
11 We initially surveyed 80 institutions; however, one of the institutions closed after our survey was distributed. Go back to text
12 Although we have used the term institutions throughout this report to describe the entities that must comply with the Clery Act, in this section we discuss survey responses we solicited from selected campuses of institutions. Some institutions have more than one campus: For example, Shasta’s main campus is in Redding, but Shasta also maintains campuses in Red Bluff and Burney. We surveyed individual campuses, asking each respondent to tell us about his or her institution’s policies as they apply to that campus. Go back to text