New ACIDs are trying to use FTP and fail with the following at a windows command prompt: 

U:\>ftp p01 
Connected to ftp.abc.com. 
220-FTPSERVE IBM FTP CS V2R1 at ftp.abc.com, hh:mm:ss on yyyy-mm-dd. 
220 Connection will close if idle for more than 5 minutes. 
User (ftp.abc.com:(none)): xxxxxx
331 Send password please. 
Password: 
530 PASS command failed 
Login failed. 
ftp> quit 
221 Quit command received. Goodbye. 

In the USS /var/syslog/info.log we see: 

D01 ftpd[67174654]: EZYFS50I ID=FTPSERVE CONN starts Client IPaddr=xx.xx.xxx.xxx hostname=xxx.yyy.com 
D01 ftps[67174654]: EZYFS57I ID=FTPSERVE ACCESS fails USERID= Reason=11 Text=The access to the user database by userid failed 
D01 ftps[67174654]: EZYFS52I ID=FTPSERVE CONN ends Input=0 bytes Output=0 bytes 

No violations appear in the Top Secret Violation report.

TSSUTIL reports violations on the z/OS side of things. 
TSSOERPT reports on the violations on the USS side of things. 

So if you dont see any violations on the zOS side with TSSUTIL side, run the TSSOERT to see if you are getting any violations on the USS side of things. 

TSSOERPT shows the following violation:

initUSP xxxxxx * N/A N/A 8 8 
mm/dd/yy yy.ddd hh.mm.ss FTPSERVE xxxx 
Failed - Current group incompletely defined as OpenMVS group

The ACID was missing a GID.

After adding a GROUP to the user ACID, the problem was resolved.

​Example:
TSS ADD(acid) GROUP(groupname)

You cant attach a GID directly to a user. You attach a GID to a GROUP acid, then attach that GROUP acid to a user ACID.