What’s keeping the government from addressing fraud in federal programs?

Terry Gerton GAO recently provided congressional testimony on managing fraud in federally funded state administered programs. And when I looked at this, something caught my eye. It noted that GAO has made more than 200 recommendations to better manage fraud risk, many of which still require action. Why is it so hard to get a handle on fraud in these kinds of programs?

Seto Bagdoyan Yes, great question. A question of longstanding. A lot of it has to do with tone at the top. One of the points I made during my testimony was at the fundamental level, there’s a lack of acknowledgement that fraud is a problem. And that lack of acknowledgment drives everything else. The leadership attention to create a capacity, to identify and manage fraud risks, and then make sure that that capacity is sustained over the long term because fraudsters evolve much quicker than federal agencies or even the private sector for that matter can respond. So that is very important. Acknowledge this upfront, not attack the auditors or YouTubers from the Minnesota experience, for example. It’s out there, it is significant, and it needs a lot of attention and quickly.

Terry Gerton Well, the Trump administration has certainly put attention on fraud in many of the federal benefits programs. But I wonder how much can agencies really affect since many of these programs are created in law and many of their requirements are established in statute. Where do agencies have the flexibility to address the fraud risks?

Seto Bagdoyan Yes, that’s a great question. And program design and implementation, as we call it, is, in many respects, at the heart of this issue. As you said, programs are in statute, then they may have implementing regulations, and those regulations have administrative processes and procedures that operationalize them. So part of the problem is that agencies either too narrowly or too broadly interpret all those things and they say, well we are sort of precluded from doing data analytics for example or sharing information with other agencies or states municipalities that in this case are equal partners because that’s where all the action is and then another issue is the money flow. You know, once the federal government gives the money to the states and the states give it to, say, grantees and subrecipients, the audit trail starts to fade and oversight becomes lax and then that’s when you start running into problems.

Terry Gerton So is that oversight chain and the gaps in it a federal function? Is it a state function? Is it distribution function? All of the above?

Seto Bagdoyan It’s a mix, right. So with unemployment insurance, for example, during the pandemic, the Department of Labor, you know, facilitated the flow of all these funds, almost $900 billion in unemployment insurance benefits flowed during the Pandemic. They went to these state workforce agencies who were the ones responsible for distributing the funds through the benefits application and dispersal process. A lot of those funds were distributed based purely on self attestation, at least initially. So then when the feds finally figured out this is not such a great idea, and they obtained congressional direction to dial it back, guess what happened? Most of the money was already gone. So by the time they went into more traditional controls for identity verification and eligibility determination, the money had left the barn, fraudsters probably, based on our estimate, made off with up to $135 billion, which is 15% of the total amount. So it’s a vital function, top to bottom, that oversight accountability controls are part of that system.

Terry Gerton I’m speaking with Seto Bagdoyan. He’s a director in the Forensic Audits and Investigation Service at GAO. Let’s follow that thread. You mentioned unemployment insurance during the pandemic. TANF is another big benefits program. We heard a lot about that program during the government shutdown when it didn’t flow and then tried to get back out as quickly as possible. Medicaid is the other huge piece of federally funded —

Seto Bagdoyan It’s enormous, that’s right.

Terry Gerton State administered programs. So, many of these are designed to meet immediate human needs. How does the pressure to get those funds out interact with the desire to be compliant and have that auditability? We talk about the burden, right? How do you balance burden with compliance?

Seto Bagdoyan Yep, so that’s another great question. It basically comes down to fundamentals of the capacity to manage integrity risks, fraud risks, if you will. So it is a very difficult trade-off, there’s no doubt about it. But the more sophisticated your capacity to do the identity verification, eligibility determination, calculate the benefit, disperse it, and so forth, the better off you are not slowing down the benefit to the legitimate recipient. So there are ways, they’re mostly technology and process and procedure-based. We’re not there yet, we’re far from it. So the typical response is, oh my goodness, this is going to slow things down. We get pressure from the Hill, we get pressure form governors, cut the checks, don’t worry about it, we will catch it at the end. Guess what, there is even less capacity at the end to catch any of this.

Terry Gerton That’s the pay and chase model, right?

Seto Bagdoyan Pay and chase. That’s right. Yep. Yep, that’s it. And it is as failed as self attestation is at the front end.

Terry Gerton Let’s just stick with those three big programs we just talked about, UI, TANF, and Medicaid. These programs are massive. They’re already designed and implemented. The rules are out there. Every state has massive IT systems that they’ve built to be compliant. At this point, how do you go back and insert technology, if that’s the way to fix this, or other sorts of process controls that can get a handle on fraud on the front end.

Seto Bagdoyan Right. So, I mean, if it’s statutorily driven, then obviously one of the fixes would be to amend the statutes to allow certain things and also to preclude bad things, allow good things like data sharing, data analytics, timely investigation, those kinds of things, and then eliminate or mitigate bad things like self attestation, or we will catch them at the end type of mindset. And then relatedly, there are things that agencies and their partners at the state and municipal level can do in terms of reinterpreting certain things and saying, okay, well, are we sure that we can’t share data or are we that we cannot analyze this against this and act decisively on the results? That’s a problem. A lot of times they do do data analytics in a fairly sophisticated way, depending on the state or the federal agency. And then when they see the results, it’s like, holy cow, we just flagged hundreds of thousands of people who are potentially ineligible. What do we do now? So they don’t do anything. They allow it all to happen. And then with the proviso of we’ll catch the real bad ones at the very end.

Terry Gerton Is this a problem that technology alone can solve or do we need the right people with the right experience and the right amount of people to be doing these kinds of, making these kinds judgment decisions?

Seto Bagdoyan Yeah, absolutely. Technology is at the heart of it. Data analytics is at the heart technology. But again, you also have to have the controls, the processes and procedures, as well as the desire to act decisively against the results. You can have very elegant data analytics that yield multiple flags of potential fraud. But if you don’t act on those flags because of some sort of reluctance or downstream capacity, if you will. Nothing’s really going to change.

Terry Gerton So when we have the people in the loop and they say, wow, if we could change this process or if we can change this parameter or if could put this tool in place, we could get after fraud, who in the structure has the power and the authority to say yes to that? You mentioned a lot of people who say no. No, we can’t do that. But who has the authority and the power to say, yes, and then make it stick?

Seto Bagdoyan Right. So, you know, it’s part of the administration, it is part of Congress, it is part the accountability sector like GAO, the state auditors, the inspectors general. We all have to be, in my personal view, all have be in sync. Now, the current president has made fraud a priority. He has various initiatives underway. There is a new division at DOJ, for example. The vice president is leading a separate effort. Certain cabinet secretaries have initiatives like Dr. Oz over at CMS with his 50-state Medicaid audit. Those are positive, constructive states or actions, but not only do they have to be integrated with the rest of the accountability sector, but also sustained over the long term. Say, if the president’s successor is from the other party— in 2029, is that going to carry over or are we going to go in a different direction? And again, as I said at the very beginning, when we were speaking earlier, this runs across administrations based on my 34 years at GAO, 12 years in the fraud business. I have yet to see it achieve reasonable assurance level that is also sustained across administrations. That’s where we need to be.

Terry Gerton So it sounds like a thorough addressing of fraud is a little bit like turning the Titanic. But if you could see any azimuth adjustment, what would you hope to see in the short term from the president’s initiatives?

Seto Bagdoyan Yeah, I think from that aspect of it is again, the acknowledgement that fraud is a problem and that acknowledgement has to be pushed down, sometimes kicking and screaming, but hopefully in an accepting manner that yes, we can’t, as GAO has estimated, can’t afford to lose over half a trillion dollars a year to fraud and not say it’s not a problem and play the percentage game, which is what OMB’s reaction was to that estimate. Well, it’s only 7% of the budget, and they played that percentage game which is the reddest of red herrings for me. You apply small percentages to very large numbers, you get significant numbers, you roll all those up and then you have a big fraud problem.