Welcome to the Pondera FraudCast, a weekly blog where we post information on fraud trends, lessons learned from client engagements, and observations from our investigators in the field. We hope you’ll check back often to stay current with our efforts to combat fraud, waste, and abuse in large government programs.
Another federal subsidy program is garnering congressional attention for large amounts of fraud, waste, and abuse. This time it’s the Lifeline program that provides discounts to low-income households for home or wireless telephone and broadband service. This program, which many Americans have likely never heard of, distributed $1.5 billion in subsidies to 12.3 million households in 2016.
The problem is that a recent study by the General Accounting Office (GAO) could not confirm the eligibility of a whopping 36% of program beneficiaries. The surprising part of this is that validating eligibility is as straightforward as checking an applicant’s enrollment form against a qualifying benefit program, such as Medicaid-- if someone has already been deemed eligible for Medicaid, then they are also eligible for Lifeline.
It is also troubling to note that the 84-page GAO report comes after a 2010 study that found problems with the program and led to a number of recommended reforms in 2012. Fast forward five years to today, and the problems persist.
Fraud in Lifeline stems from several factors common to most government programs: pressure to distribute timely benefits, a lack of effective data matching, and service providers (in this case telecommunications carriers) that benefit from a lack of control. The GAO actually called this last one out in their report when they explained that “companies may have financial incentives to enroll as many customers as possible” despite questionable eligibility.
None of the problems outlined in the report are particularly difficult to solve from a technical standpoint. But turf battles often lead to data sharing problems that lead to eligibility validation issues. And an unwillingness to enforce fraud reforms on businesses provides them with incentives to simply “look the other way”. Multiply this problem over the 2,300 federal subsidy programs operating today, and this adds up to a lot of money, all lost due to fraudulent, wasteful behavior.
Last week, the Department of Justice announced that they had made the largest “National Health Care Fraud Takedown” in history. In all, the DOJ brought charges against 412 people in 30 states responsible for $1.3 billion in false billings. Those charged included 115 doctors, nurses, and other licensed health care providers.
Many of those busted included operators of clinics that were alleged to be illegally distributing prescription opioids—a subject that we address all too often in this blog. One Houston clinic simply sold the opioids to a room packed full of addicts and drug dealers. Another clinic in Palm Beach, FL recruited addicts by offering them drugs and visits to strip clubs. There were even cases of single doctors prescribing more medications than entire hospitals.
In their press release, the DOJ points out that 59,000 Americans died last year from opioid related drug overdoses. Many of these were from prescription opioids. This is clearly a growing problem in our country and we applaud the DOJ, HHS, and law enforcement for their efforts in this takedown. This, and similar busts, should send a strong message to the bad actors in America’s health care system.
It is important to note, however, that we still have a lot of work ahead of us. As large as these takedown numbers are, one must consider that they still represent only a small percentage of the problem. The government’s own Paymentaccuracy.gov website assigns $96 billion per year in overpayments for Medicare Fee-for-Service, Medicaid, Medicare Advantage (Part C), and the Medicare Prescription Drug Benefit (Part D). So even if all of the $1.3 billion from this bust was falsely billed in one year (which it wasn’t), it would still represent only 1.35% of the total estimated problem.
I, for one, am hoping that this is simply one of many steps in the right direction.
After one of the nuttier fraud busts in recent memory, the FBI is searching for former Kentucky attorney Eric Conn, who recently pled guilty to committing over $600 million in Disability Insurance fraud. For 10 years, Conn perpetrated his scheme by bribing a doctor and several judges to approve his clients’ disability claims. In all, he represented 1,700 of these claimants.
After pleading guilty and securing his $1.25 million bail with the equity in his home, the appropriately named Conn simply cut off his GPS monitoring bracelet and skipped town. He unfortunately had to leave behind his mobile home law office including his replicas of the statue of Liberty and the Lincoln Memorial he kept out front.
In his time as an attorney, he hired B-list celebrities for television commercials and described himself as “Superman without a cape” ... and without a conscience apparently. He even performed rap songs in English and Spanish, claiming that he learned Spanish off a tape.
Two aspects of this case really bother me, outside of the crime itself of course. One is that Conn could commit such brazen fraud over a period of 10 years without being prosecuted. The other is that his bail was set low enough that he was easily able to take off.
Both of these facts illustrate the struggles that many of our clients face when dealing with fraud. Until we, as a country, decide to provide more funds to quickly detect fraud and decide to impose more serious penalties to those who commit fraud, we’ll continue to read about these cases. For now, I can only hope that the FBI catches up with Conn before he is able to do more damage.
Regular readers of our blog know that Pondera has strong feelings about the need to protect the elderly from abuses while they are being cared for in facilities and their homes. In fact, in April of this year we wrote about the devastating abuses in nursing homes that continue to plague the elderly. Now, a number of states are stepping up the pressure on the federal government to allow them to more effectively fight the problem.
In a letter dated May 11th, 37 states’ attorney generals requested that the U.S. Department of Health and Human Services eliminate several restrictions on the use of Medicaid Fraud Control Unit (MFCU) funds. In the letter, they point out that 10% of elderly Medicaid recipients who receive care in their homes will be abused. They also cite a report that indicates that only 1 in 24 incidents are ever reported.
Specifically, the states asked for the ability to use the funds to “investigate and prosecute abuse and neglect of Medicaid beneficiaries in non-institutional settings” and to “screen complaints or reports alleging potential abuse or neglect”. In effect, this would allow the states to close “loopholes” in the use of MFCU funds that were previously only available to investigate abuses in facilities. And they point out that Medicaid currently covers over 6.4 million people over the age of 65.
At Pondera, we are pleased to see this increased attention by the MFCU. In addition to physical abuse, we also see other types of in-home abuses including identity theft (often strong-armed) that leads to theft from other government programs. We applaud the states’ continuing efforts to address this heinous problem and hope their progress is dramatic and expedient.
As a resident of California, I took personal interest in a recent bill introduced to the legislature that would create a drugged driving task force and the use of oral swabs to help identify drivers under the influence of drugs. Californians, after all, approved the use of recreational marijuana in last November’s elections.
This bill follows a recent study showing that drugged driving deaths have now passed drunk driving deaths, with a whopping 43% of fatalities in 2015 showing the use of a legal or illegal drug. This all makes me wonder just how lawmakers, law enforcement, and the courts are going to handle field sobriety tests in the future.
After all, the cheek swab test used to test for cannabis cannot test for alcohol and many other drugs. And we’ve written on this blog many times about the dangers of and rise in the use of opioids. With all these “choices”, it appears that officers may need to administer multiple tests (alcohol, opioids, cannabis, etc.) to identify potential influences affecting a driver.
While it would be nice to think that drivers would act responsibly, history shows us this is not the case. In Colorado, for example, CDOT conducted a study that revealed that 55% of marijuana users believed it was safe to drive under the influence of marijuana. And the number of fatalities with active THC has increased 250% from 2013 – 2015. While I know that this doesn’t necessarily prove causation, to me at least, it certainly provides reasons for concern.
A recent Cambridge University study revealed what many of us already know: each time we “like” a Facebook post, we are revealing something about ourselves. The results of the study were pretty jarring though as researchers found that Facebook “knows” their customers quite well with a just a small number of likes:
10 likes: as well as a colleague
70 likes: as well as a close friend
150 likes: as well as your parents
300 likes: as well as your spouse
This data can be used to predict gender, sexual orientation, political affiliations, and other important personal details. In fact, Facebook recently came under considerable criticism for research designed to identify psychological states of teenagers that could potentially be used for targeted advertising.
Analyzing social media data certainly presents opportunities for good, such as predicting and tracking influenza outbreaks. In many ways, it offers the digital version of predicting future behaviors, replacing anecdotal methods such as that of a friend of mine who claimed he could predict future prison riots by analyzing canteen purchases (inmates would stock up on supplies anticipating a future lockdown).
Regardless of how you feel about social media, it’s important to know that each time you press the enter key, you are revealing a little bit more about yourself – even to people you will never meet. This may not be a bad thing… but it is a thing.
By this time, just about everyone has watched or read a news report about the WannaCry ransomware attack that hit the world’s computer networks on May 12th. Multiple variants of the program will likely attack computers for the foreseeable future, forcing individuals to pay bitcoin ransom or lose their data and causing serious harm to businesses including hospitals and governments.
Plenty has been written about the source of the attack and how it works. So, while every “connected” person should read about WannaCry to help protect themselves against future attacks, I don’t see any need to cover this ground here. For me, though, two interesting facets of the story really stand out.
First, I find it fascinating and somewhat inspiring that the attack was stopped by a 22-year-old vacationing cyber analyst who goes by the name MalwareTech; with assistance from his colleague Kafeine. These two, and countless others, operate in a world that most of us know almost nothing about to keep our systems safe. It reminds me of the classic Jack Nicholson speech from “A Few Good Men” where he excoriates Tom Cruise for challenging him while he protects our safety. Of course, in this example, there is no evidence of MalwareTech or Kafeine “fragging” any of their tech colleagues.
The second interesting point I took form this attack was that most of us could have protected ourselves simply by updating our operating systems and virus protection software. This is a conversation I’ve had innumerable times with my own family. Of course, this also puts software manufacturers in the difficult position of patching years-old operating systems to accommodate those who won’t or can’t upgrade.
Bottom line for me: this is just another reminder to remain vigilant and to be thankful for the computer techs who have dedicated their careers to protecting us from those who have chosen to attack us. I hope you can “handle that truth”.
One of my favorite websites, paymentaccuracy.gov, has received a number of updates which may provide some insight into the current administration’s priorities. If you haven’t done so already, I encourage you to visit the site as it provides improper payment information on the government’s high-priority programs: those that report over $750 million of improper payments in a year or have not established or reported on their error rates.
The current version of the site includes many of the usual suspects including Medicaid ($36.3 billion in errors), Medicare fee-for-service ($41.1 billion), and the Earned Income Tax Credit ($16.8 billion with a whopping 24% error rate). SNAP continues to be listed but still does not provide relative numbers because of inaccurate state reporting—something we have discussed in previous posts.
Other items of note are the inclusion of three Veterans Affairs programs for Disability Compensation, Community Care, and Purchased Long Term Services and Support. While the .59% error rate on the $64 billion Disability Compensation plan appears surprisingly low, the 75.86% error rate for the $4.7 billion Community Care program is likely the result of new reporting requirements… at least I genuinely hope so.
Other high error-rate programs include school nutrition services (both breakfast and lunch), student loan programs, and Unemployment Insurance which ticked up to 11.65% this year.
Regardless of political leanings, I think we can all agree that we want our tax dollars going to those who need them the most. And the transparency provided by paymentaccuracy.gov is a great step toward this goal. My hope is that the government will continue to provide easy access to this information. I am still disappointed each time I visit the expectmore.gov website (which reports on program performance, not just fraud, waste, and abuse) where I see the following message:
“Expect More.gov was an initiative of the George W. Bush administration. This website has been archived and is posted here as an historical resource. It has not been updated since the end of 2008 and links to many external websites and some internal pages will not work.”
Last month CNN published a horrifying report on sexual abuse in America’s nursing homes and assisted living facilities. The report provided details on dozens of assaults, rapes, and other incidents that, quite frankly, were extremely difficult to read. In my opinion, however, this level of detail is probably necessary to shock people into taking action against what CNN rightly labelled “an unchecked epidemic”.
The numbers themselves are devastating. Approximately one million senior citizens are currently residing in 15,000 government-regulated long term care facilities. Since 2000, it appears that over 16,000 cases of sexual abuse have been reported, but the number is probably higher because of complex reporting systems and processes. And it’s impossible to determine the number of unreported cases.
Between 2013 – 2016, CNN found that 1,000 government-regulated facilities had been cited for mishandling or failing to prevent sexual assaults. 100 of the facilities had been cited numerous times. And despite this, only 226 facilities were fined just $9 million. Only 16 of the facilities were cut off from Medicaid and Medicare!
What is equally disturbing to the actual cases of abuse is the blatant disregard of safeguards and even the intentional impeding of investigations. Consider a case here in California where the employer allowed a nurse to continue working for weeks after reports of him kissing and fondling a female resident. This crime, by the way, resulted in only a $27,000 fine.
At Pondera, we often say that fraud and abuse is most prevalent at the intersection of large amounts of money and vulnerable populations. This makes nursing homes “ground zero” for abuse because it is here that the escalating costs of long term care combine with dementia and other health issues that can make senior citizens problematic witnesses.
Among several recommendations made by CNN was a call for improved reporting systems. We agree that this is an important piece of the solution. It will provide greater transparency and help regulators identify trends and clusters of abuse. But clearly, stricter oversite and enforcement are needed. So too is the type of no-nonsense reporting that CNN did for this report.
It’s April, which every year brings more news about tax fraud scandals. The news this year, however, is even more disturbing than expected. IBM’s X-Force threat intelligence group released a report last week that showed a 6,000% increase in spam emails designed to steal information from W-2s and other tax documents. Last year, these criminals “earned” over $3 billion through similar scams. And if you were one of the victims, then you are already familiar with the hassles of having your return stolen or a completely false one filed using your identity.
The continuing use of the Dark Web is a major factor behind the acceleration in this form of cybercrime. Stolen identities that include tax information are currently fetching around $40 on illicit marketplaces. While this may not seem like much, it is extremely lucrative when a fishing scam succeeds at stealing thousands of identities. So lucrative, in fact, that would-be scammers can even visit the Dark Web to buy online tutorials on how to perpetrate tax fraud.
Popular scams this year include sending emails that appear to be sent from TurboTax and other tax preparation companies. The hope is that you respond because you use that tax service. So-called spearfishing scams are also targeting corporate human resource departments. They will often send an email to an HR manager, seemingly from a member of the company’s executive staff, requesting W-2 and other tax information on the company’s employees.
Cybercriminals will continue to hone their skills resulting in more convincing emails and websites. They will continue to take advantage of technologies that allow them to increase the number of outbound messages. And they will continue to learn and share new techniques on the Dark Web. This means that all of us, as businesses and as private citizens, need to step up our efforts to protect data. These days, it’s no longer just “a fool and his money” who are soon parted.