State Department Security Review Committee Final Rule Effective May 27

Content

ACTION:

Final rule.

SUMMARY:

The Secretary of State is promulgating rules defining the membership and operating procedures of the Department of State's
Security Review Committee, an internal panel that reviews serious security incidents.

DATES:

This rule is effective on May 27, 2026.

FOR FURTHER INFORMATION CONTACT:

Alice Kottmyer, Attorney Adviser,

Office of Management, Office of the Legal Adviser, kottmyeram@state.gov.

SUPPLEMENTARY INFORMATION:

Why is the Department promulgating this rule?

In 2022, section 9302(d) of Public Law 117-263 established the Security Review Committee (SRC), which required the Secretary
of State to also publish rules relating to the SRC's membership and operating procedures. The SRC is an internal review process
by a panel composed of designated assistant secretary-level federal employees, who are directed to assess a serious security
incident involving loss of life, serious injury, or significant destruction of property at or related to a U.S. diplomatic
mission abroad. The Committee determines whether the Department of State's security policies, procedures, and programs worked
appropriately and as intended. Meetings of an SRC are not open to the public.

Regulatory Analysis

Administrative Procedure Act

This rulemaking is a rule of agency organization, practice and procedure, and hence is exempt from notice and comment rulemaking
pursuant to 5 U.S.C. 553(b).

Regulatory Flexibility Act

The Department of State, in accordance with the Regulatory Flexibility Act (5 U.S.C. 605(b)), has reviewed this regulation
and, by approving it, certifies that this rule will not have a significant economic impact on a substantial number of small
entities.

Unfunded Mandates Act of 1995

This rule will not result in the expenditure by State, local, and tribal governments, in the aggregate, or by the private
sector, of $100 million or more in any year and it will not significantly or uniquely affect small governments. Therefore,
no actions were deemed necessary under the provisions of the Unfunded Mandates Reform Act of 1995.

Congressional Review Act

This rule is exempt from the Congressional Review Act, pursuant to 5 U.S.C. 804(3)(C).

Executive Order 12866, 14192, and 13563

The Office of Information and Regulatory Affairs has designated this rulemaking as not significant under Executive Order 12866,
section 3(f), Regulatory Planning and Review. The Department has reviewed the regulation to ensure its consistency with the
regulatory philosophy and principles set forth in Executive Order 12866. The Department of State has considered this rule
in light of Executive Order 13563 and affirms that this regulation is consistent with the guidance therein. Since this rule
is not significant, it is not subject to the provisions of Executive Order 14192.

Executive Orders 12372 and 13132

This regulation will not have substantial direct effects on the States, on the relationship between the national government
and the States, or on the distribution of power and responsibilities among the various levels of government. Therefore, in
accordance with section 6 of Executive Order 13132, it is determined that this rule does not have sufficient federalism implications
to require consultations or warrant the preparation of a federalism summary impact statement. The regulations implementing
Executive Order 12372 regarding intergovernmental consultation on Federal programs and activities do not apply to this regulation.

Executive Order 12988

The Department of State has reviewed the rule considering sections 3(a) and 3(b)(2) of Executive Order 12988 to eliminate
ambiguity, minimize litigation, establish clear legal standards, and reduce burdens.

Executive Order 13175

The Department of State has determined that this rulemaking will not have Tribal implications, will not impose substantial
direct compliance costs on Indian Tribal governments, and will not pre-empt Tribal law. Accordingly, the requirements of Section
5 of Executive Order 13175 do not apply to this rulemaking.

Paperwork Reduction Act

This rule does not impose any new reporting or record-keeping requirements subject to the Paperwork Reduction Act, 44 U.S.C.
Chapter 35.

List of Subjects in 22 CFR Part 7

Organization and functions (Government agencies).

Regulatory Text For the reasons set forth in the preamble, the Department of State adds part 7 to title 22 of the Code of Federal Regulations
to read as follows:

PART 7—SECURITY REVIEW COMMITTEE

Sec. 7.1 Introduction. 7.2 Security Review Committee Membership. 7.3 Security Review Committee Operating Procedures.

Authority:

22 U.S.C. 2651a; 22 U.S.C. 4801 et seq.; 22 U.S.C. 4833.

§ 7.1 Introduction. The Secretary of State is required to convene a Security Review Committee in case of a serious security incident involving
loss of life, serious injury, or significant destruction of property at, or related to, a U.S. diplomatic mission abroad,
and in any case of a serious breach of security involving intelligence activities of a foreign government directed at a U.S.
mission abroad.

§ 7.2 Security Review Committee Membership. (a) The Security Review Committee is comprised of officials filling the positions below, to include an official authorized
to perform the duties of the position listed below in paragraphs (a)(1) through (6) by operation of federal law or through
delegation of authority from the Secretary of State:

(1) the Executive Director of the Executive Office for Management;

(2) the Assistant Secretary of State responsible for the region where the incident occurred;

(3) the Assistant Secretary of State for Diplomatic Security;

(4) the Assistant Secretary of State for Intelligence and Research;

(5) an Assistant Secretary-level representative from any involved United States Government department or agency; and

(6) other personnel determined by the Secretary of State to be necessary or appropriate.

(b) The Executive Director of the Executive Office for Management serves as chairperson of the SRC, unless otherwise designated
by the Secretary of State in a particular case.

§ 7.3 Security Review Committee Operating Procedures. (a) All U.S. diplomatic posts must follow standard incident reporting requirements established by Diplomatic Security, including
an official cable notification of an initial report of a potential serious security incident not later than three days after
such incident occurs, whenever feasible.

(b) The Under Secretary for Management directs Diplomatic Security to assemble a Security Investigative Team within 10 days
of receiving a report of a potential serious security incident.

(c) When directed by the Secretary, either Deputy Secretary, or the Under Secretary for Management, the Assistant

Secretary for Diplomatic Security forms the Security Investigative Team and reviews the Security Investigative Team's composition
for any conflict, appearance of conflict, or lack of independence and on an expedited basis seeks approval from the Under
Secretary for Management for the composition of the Security Investigative Team.

(d) The Under Secretary for Management approves the composition of the Security Investigative Team. The Under Secretary for
Management will endeavor to respond within five days to Diplomatic Security's request for approval of the composition of the
Security Investigative Team.

(e) The Security Investigative Team investigates the potential serious security incident and independently establishes what
occurred consistent with the statutory requirements. The Security Investigative Team collects information, conducts interviews,
reviews relevant information and evidence, and makes a written administrative Report of Investigation within 90 days of the
occurrence of the potential serious security incident.

(f) The Secretary convenes a Security Review Committee within 60 days of the occurrence of the potential serious security
incident, or within 120 days of the potential serious security incident if the Secretary extends the period by 60 days.

(g) The Security Review Committee reviews the Report of Investigation and any other evidence, reporting, and relevant information
related to a potential serious security incident. The Security Review Committee makes a written report to the Secretary no
later than 60 days after receiving the Report of Investigation, unless the Secretary extends this period for an additional
60 days. The written SRC report provides a full account of what occurred, makes required determinations as set out in the
Security Review Committee statute, and makes recommendations, as warranted.

(h) The Bureau of Legislative Affairs will provide the designated committees of Congress with the following: a notification
within eight days of identifying a potential serious security incident; a notification promptly upon establishment of a Security
Review Committee; a copy of any written report by the Security Review Committee submitted to the Secretary of State no later
than 90 days after the Secretary of State receives it.

(i) Nothing in 22 CFR part 7 precludes the Secretary from immediately directing the formation of a Security Investigative
Team or a Security Review Committee following an initial report of a potential serious security incident.

Dated: April 21, 2026. . Alice M. Kottmyer, Attorney-Adviser, Office of the Legal Adviser, U.S. Department of State. [FR Doc. 2026-08148 Filed 4-24-26; 8:45 am] BILLING CODE 4710-35-P

Download File

Download