Last month Secretary of State Mike Pompeo announced that the Trump administration would reduce a cap on the number of refugees the United States could admit into the country to thirty thousand, representing the lowest ceiling since the program’s creation in 1980. The move reportedly reflects the administration’s priority to screen hundreds of thousands of asylum seekers already in the country as well as concerns that vetting procedures may not be up to snuff.

In announcing the decision, Pompeo characterized legacy screening procedures as “defective,” citing their inability to identify several refugees with criminal backgrounds and one with ties to ISIS. While not elaborating on that case, Pompeo was likely referencing an Iraqi refugee arrested in August who allegedly was a member of Al Qaeda and ISIS and reportedly killed an Iraqi police officer before resettling to Sacramento in 2014.

While the circumstances of that case are alarming, policymakers would be wise to recognize that no screening system by itself is likely to weed out all threats. No matter how rigorous and lengthy new vetting procedures may be, on occasion, refugees with criminal backgrounds and even terrorist sympathies are likely to slip through the cracks.

This is true for two primary reasons. First, security agencies are unlikely to identify every potential red flag in a refugee’s background, particularly if the applicant never publicly expresses—or acts on—his or her terrorist sympathies. Security agencies, for example, were not aware of private Facebook messages that San Bernardino shooter Tashfeen Malik sent under an alias to a small group of friends pledging her support for Islamic jihad before entering the United States on a fiancé visa.

Second, as studies have shown, most foreign-born immigrants who subsequently attempt terrorist attacks in the United States are often admitted as children and later radicalized while living in the country. No screening program can reliably predict if an applicant will develop terrorist sympathies in the future.

Indeed, these realities are not comforting to any security official charged with preventing terrorists from infiltrating the United States, and likely have informed the administration’s approach of cutting refugee admittance rates and implementing additional screening requirements. But a security policy that depends too heavily on vetting, and expects these systems to be foolproof, is likely to fall short.

Therefore, a better security standard the administration could consider is not whether vetting failures ever occur, but rather whether they pose an acceptable risk to the United States. Of course, vetting systems are only one of many safeguards in place to protect against attacks by refugees—or any other individual who may seek to do harm inside the United States.

And studies have shown that not only are vetting failures exceptionally rare, but when they do occur, they rarely lead to lethal attacks. For example, a 2018 study published by the Cato Institute identified only thirteen vetting failures since 9/11 in which an individual with ties to terrorism entered the United States and subsequently committed a terrorism-related crime. Of these thirteen cases, only one involved a deadly attack—Tashfeen Malik, who entered the United States on a fiancé visa rather than as a refugee.

These findings suggest that the risks resulting from vetting failures are minimal, particularly from refugees. Indeed, this is partly because additional security measures aimed at identifying suspected terrorists inside the United States have generally proved effective at detecting threats before they materialize. These additional security layers include a variety of intelligence and law enforcement investigative tools, such as online surveillance, confidential informants and information provided from foreign partners, as well tips from the public.

Take the example of the ISIS-linked refugee that Pompeo referenced last month. While the case raises serious concerns about vulnerabilities in the vetting program, the man’s terrorist ties were nevertheless identified through an FBI investigation and information provided by Iraqi authorities.

Another high-profile vetting breakdown that involved two Al Qaeda-linked men living as refugees in Bowling Green, Kentucky, was ultimately identified in 2009 because of an intelligence tip and a sophisticated FBI sting operation.

While the vetting system failed in these cases, additional security layers that act as a backstop to screening programs were effective at identifying these refugees’ terrorist ties before they could do harm. In addition, each weakness that these cases revealed in the screening program have already informed improvements that could help detect future threats. For example, the case in Bowling Green, which revealed that one man’s fingerprints were located on explosive devices recovered in Iraq, prompted an expanded vetting of the fingerprints of refugee applicants.

Administration officials developing security policies often face a challenging task of finding the right balance between competing interests, in this case the risk of accepting refugees weighed against the benefits of doing so. Several former policymakers have highlighted the reputational and economic benefits of the refugee resettlement program, as well as the humanitarian interests served by providing protection for vulnerable peoples. When weighing these interests in the future, the administration would be wise to recognize the effectiveness of all the security measures in place that reduce risk that a few refugees might pose to the United States.

Ian Mitch is a senior policy analyst at the nonprofit, nonpartisan RAND Corporation.

Image: Reuters