Welcome to the Pondera FraudCast, a weekly blog where we post information on fraud trends, lessons learned from client engagements, and observations from our investigators in the field. We hope you’ll check back often to stay current with our efforts to combat fraud, waste, and abuse in large government programs.
It has been an interesting few weeks for the Supplemental Nutrition Assistance Program (SNAP), formerly known as the Food Stamp program, with two high profile busts. Both cases illustrate common schemes used to defraud the SNAP program, which distributed over $70 billion in food-purchasing assistance last year to 44 million Americans.
In Georgia, two convenience store owners used stolen identities to apply for SNAP benefits which were then loaded onto EBT cards (similar to credit cards) and mailed to addresses they controlled. Once received, they swiped the cards at their own convenience stores and pocketed over $800,000 before being caught. The U.S. Attorney assigned to the case said, “They used the SNAP system as an ATM for their personal gain, diverting critical benefits that help those who need assistance in our communities.”
Then, in Delaware, seven case workers at the Department of Health and Social Services were indicted for creating 100 fake accounts and cashing $959,000 in benefits. After creating the accounts, the case workers had the EBT cards mailed to state service centers where they simply intercepted them and used the cards themselves. Their scheme was detected when a supervisor noticed incomplete application data for one of the cards.
The Georgia case illustrates just how easy it can be (at least for a time) to use stolen identities to defraud government programs. Even if the suspects hadn't owned the convenience stores, it would not have been difficult for them to find one that would pay them a discounted price in cash for their cards.
The Delaware case is one we commonly see across states and programs where unscrupulous employees use their knowledge of the system to defraud their own government agency. Large amounts of money, combined with loose supervision, often prove too tempting for those with questionable morals.
A quick check of the government’s fraud reporting website, paymentaccuracy.gov, reveals that improper payment rates for SNAP are still not posted because of reporting problems. I look forward to updated numbers when they are available because even a small number like the 3.2% reported rate for 2014 translates to over $2.2 billion per year in improper payments.
While I don’t often review books on this blog, I feel compelled to share my thoughts on American Kingpin by Nick Bilton, which chronicles the history of the Silk Road. For those who don’t know, the Silk Road was a market on the dark web that sold drugs, weapons, poisons, and even human body parts. By the time it was shut down in 2013, the site was selling over $1 billion per year.
The book offers fascinating insights into the dark web, the libertarian creator of the site, the investigators who worked to shut it down, and the political schisms that often make it possible to run sites like the Silk Road. And of course, the book has great relevance to the fraud detection business because fraudsters often acquire identities on the dark web to create fictitious businesses, file for tax refunds, and make fake unemployment insurance claims.
While American Kingpin ended with the shutdown of the Silk Road and the prosecutions of the major actors behind the market, it is important to note that similar sites continue to operate on the dark web. In fact, just days after I finished reading the book, Attorney General Jeff Sessions announced that the FBI had shut down a similar site 10 times the size of the Silk Road. At the time this site was shut down last month, it contained 369,000 listings for drugs, weapons, malware, chemicals, counterfeit items, and more.
This is a sobering reminder of the challenges facing law enforcement when dealing with anonymous browsers like TOR, the Bitcoin cryptocurrency, and international crime rings. The dark web is not going away. Neither is the demand for illicit items. It will be interesting to see how this “cat and mouse” games plays out over the coming years.
Another federal subsidy program is garnering congressional attention for large amounts of fraud, waste, and abuse. This time it’s the Lifeline program that provides discounts to low-income households for home or wireless telephone and broadband service. This program, which many Americans have likely never heard of, distributed $1.5 billion in subsidies to 12.3 million households in 2016.
The problem is that a recent study by the General Accounting Office (GAO) could not confirm the eligibility of a whopping 36% of program beneficiaries. The surprising part of this is that validating eligibility is as straightforward as checking an applicant’s enrollment form against a qualifying benefit program, such as Medicaid-- if someone has already been deemed eligible for Medicaid, then they are also eligible for Lifeline.
It is also troubling to note that the 84-page GAO report comes after a 2010 study that found problems with the program and led to a number of recommended reforms in 2012. Fast forward five years to today, and the problems persist.
Fraud in Lifeline stems from several factors common to most government programs: pressure to distribute timely benefits, a lack of effective data matching, and service providers (in this case telecommunications carriers) that benefit from a lack of control. The GAO actually called this last one out in their report when they explained that “companies may have financial incentives to enroll as many customers as possible” despite questionable eligibility.
None of the problems outlined in the report are particularly difficult to solve from a technical standpoint. But turf battles often lead to data sharing problems that lead to eligibility validation issues. And an unwillingness to enforce fraud reforms on businesses provides them with incentives to simply “look the other way”. Multiply this problem over the 2,300 federal subsidy programs operating today, and this adds up to a lot of money, all lost due to fraudulent, wasteful behavior.
Last week, the Department of Justice announced that they had made the largest “National Health Care Fraud Takedown” in history. In all, the DOJ brought charges against 412 people in 30 states responsible for $1.3 billion in false billings. Those charged included 115 doctors, nurses, and other licensed health care providers.
Many of those busted included operators of clinics that were alleged to be illegally distributing prescription opioids—a subject that we address all too often in this blog. One Houston clinic simply sold the opioids to a room packed full of addicts and drug dealers. Another clinic in Palm Beach, FL recruited addicts by offering them drugs and visits to strip clubs. There were even cases of single doctors prescribing more medications than entire hospitals.
In their press release, the DOJ points out that 59,000 Americans died last year from opioid related drug overdoses. Many of these were from prescription opioids. This is clearly a growing problem in our country and we applaud the DOJ, HHS, and law enforcement for their efforts in this takedown. This, and similar busts, should send a strong message to the bad actors in America’s health care system.
It is important to note, however, that we still have a lot of work ahead of us. As large as these takedown numbers are, one must consider that they still represent only a small percentage of the problem. The government’s own Paymentaccuracy.gov website assigns $96 billion per year in overpayments for Medicare Fee-for-Service, Medicaid, Medicare Advantage (Part C), and the Medicare Prescription Drug Benefit (Part D). So even if all of the $1.3 billion from this bust was falsely billed in one year (which it wasn’t), it would still represent only 1.35% of the total estimated problem.
I, for one, am hoping that this is simply one of many steps in the right direction.
After one of the nuttier fraud busts in recent memory, the FBI is searching for former Kentucky attorney Eric Conn, who recently pled guilty to committing over $600 million in Disability Insurance fraud. For 10 years, Conn perpetrated his scheme by bribing a doctor and several judges to approve his clients’ disability claims. In all, he represented 1,700 of these claimants.
After pleading guilty and securing his $1.25 million bail with the equity in his home, the appropriately named Conn simply cut off his GPS monitoring bracelet and skipped town. He unfortunately had to leave behind his mobile home law office including his replicas of the statue of Liberty and the Lincoln Memorial he kept out front.
In his time as an attorney, he hired B-list celebrities for television commercials and described himself as “Superman without a cape” ... and without a conscience apparently. He even performed rap songs in English and Spanish, claiming that he learned Spanish off a tape.
Two aspects of this case really bother me, outside of the crime itself of course. One is that Conn could commit such brazen fraud over a period of 10 years without being prosecuted. The other is that his bail was set low enough that he was easily able to take off.
Both of these facts illustrate the struggles that many of our clients face when dealing with fraud. Until we, as a country, decide to provide more funds to quickly detect fraud and decide to impose more serious penalties to those who commit fraud, we’ll continue to read about these cases. For now, I can only hope that the FBI catches up with Conn before he is able to do more damage.
Regular readers of our blog know that Pondera has strong feelings about the need to protect the elderly from abuses while they are being cared for in facilities and their homes. In fact, in April of this year we wrote about the devastating abuses in nursing homes that continue to plague the elderly. Now, a number of states are stepping up the pressure on the federal government to allow them to more effectively fight the problem.
In a letter dated May 11th, 37 states’ attorney generals requested that the U.S. Department of Health and Human Services eliminate several restrictions on the use of Medicaid Fraud Control Unit (MFCU) funds. In the letter, they point out that 10% of elderly Medicaid recipients who receive care in their homes will be abused. They also cite a report that indicates that only 1 in 24 incidents are ever reported.
Specifically, the states asked for the ability to use the funds to “investigate and prosecute abuse and neglect of Medicaid beneficiaries in non-institutional settings” and to “screen complaints or reports alleging potential abuse or neglect”. In effect, this would allow the states to close “loopholes” in the use of MFCU funds that were previously only available to investigate abuses in facilities. And they point out that Medicaid currently covers over 6.4 million people over the age of 65.
At Pondera, we are pleased to see this increased attention by the MFCU. In addition to physical abuse, we also see other types of in-home abuses including identity theft (often strong-armed) that leads to theft from other government programs. We applaud the states’ continuing efforts to address this heinous problem and hope their progress is dramatic and expedient.
As a resident of California, I took personal interest in a recent bill introduced to the legislature that would create a drugged driving task force and the use of oral swabs to help identify drivers under the influence of drugs. Californians, after all, approved the use of recreational marijuana in last November’s elections.
This bill follows a recent study showing that drugged driving deaths have now passed drunk driving deaths, with a whopping 43% of fatalities in 2015 showing the use of a legal or illegal drug. This all makes me wonder just how lawmakers, law enforcement, and the courts are going to handle field sobriety tests in the future.
After all, the cheek swab test used to test for cannabis cannot test for alcohol and many other drugs. And we’ve written on this blog many times about the dangers of and rise in the use of opioids. With all these “choices”, it appears that officers may need to administer multiple tests (alcohol, opioids, cannabis, etc.) to identify potential influences affecting a driver.
While it would be nice to think that drivers would act responsibly, history shows us this is not the case. In Colorado, for example, CDOT conducted a study that revealed that 55% of marijuana users believed it was safe to drive under the influence of marijuana. And the number of fatalities with active THC has increased 250% from 2013 – 2015. While I know that this doesn’t necessarily prove causation, to me at least, it certainly provides reasons for concern.
A recent Cambridge University study revealed what many of us already know: each time we “like” a Facebook post, we are revealing something about ourselves. The results of the study were pretty jarring though as researchers found that Facebook “knows” their customers quite well with a just a small number of likes:
10 likes: as well as a colleague
70 likes: as well as a close friend
150 likes: as well as your parents
300 likes: as well as your spouse
This data can be used to predict gender, sexual orientation, political affiliations, and other important personal details. In fact, Facebook recently came under considerable criticism for research designed to identify psychological states of teenagers that could potentially be used for targeted advertising.
Analyzing social media data certainly presents opportunities for good, such as predicting and tracking influenza outbreaks. In many ways, it offers the digital version of predicting future behaviors, replacing anecdotal methods such as that of a friend of mine who claimed he could predict future prison riots by analyzing canteen purchases (inmates would stock up on supplies anticipating a future lockdown).
Regardless of how you feel about social media, it’s important to know that each time you press the enter key, you are revealing a little bit more about yourself – even to people you will never meet. This may not be a bad thing… but it is a thing.
By this time, just about everyone has watched or read a news report about the WannaCry ransomware attack that hit the world’s computer networks on May 12th. Multiple variants of the program will likely attack computers for the foreseeable future, forcing individuals to pay bitcoin ransom or lose their data and causing serious harm to businesses including hospitals and governments.
Plenty has been written about the source of the attack and how it works. So, while every “connected” person should read about WannaCry to help protect themselves against future attacks, I don’t see any need to cover this ground here. For me, though, two interesting facets of the story really stand out.
First, I find it fascinating and somewhat inspiring that the attack was stopped by a 22-year-old vacationing cyber analyst who goes by the name MalwareTech; with assistance from his colleague Kafeine. These two, and countless others, operate in a world that most of us know almost nothing about to keep our systems safe. It reminds me of the classic Jack Nicholson speech from “A Few Good Men” where he excoriates Tom Cruise for challenging him while he protects our safety. Of course, in this example, there is no evidence of MalwareTech or Kafeine “fragging” any of their tech colleagues.
The second interesting point I took form this attack was that most of us could have protected ourselves simply by updating our operating systems and virus protection software. This is a conversation I’ve had innumerable times with my own family. Of course, this also puts software manufacturers in the difficult position of patching years-old operating systems to accommodate those who won’t or can’t upgrade.
Bottom line for me: this is just another reminder to remain vigilant and to be thankful for the computer techs who have dedicated their careers to protecting us from those who have chosen to attack us. I hope you can “handle that truth”.
One of my favorite websites, paymentaccuracy.gov, has received a number of updates which may provide some insight into the current administration’s priorities. If you haven’t done so already, I encourage you to visit the site as it provides improper payment information on the government’s high-priority programs: those that report over $750 million of improper payments in a year or have not established or reported on their error rates.
The current version of the site includes many of the usual suspects including Medicaid ($36.3 billion in errors), Medicare fee-for-service ($41.1 billion), and the Earned Income Tax Credit ($16.8 billion with a whopping 24% error rate). SNAP continues to be listed but still does not provide relative numbers because of inaccurate state reporting—something we have discussed in previous posts.
Other items of note are the inclusion of three Veterans Affairs programs for Disability Compensation, Community Care, and Purchased Long Term Services and Support. While the .59% error rate on the $64 billion Disability Compensation plan appears surprisingly low, the 75.86% error rate for the $4.7 billion Community Care program is likely the result of new reporting requirements… at least I genuinely hope so.
Other high error-rate programs include school nutrition services (both breakfast and lunch), student loan programs, and Unemployment Insurance which ticked up to 11.65% this year.
Regardless of political leanings, I think we can all agree that we want our tax dollars going to those who need them the most. And the transparency provided by paymentaccuracy.gov is a great step toward this goal. My hope is that the government will continue to provide easy access to this information. I am still disappointed each time I visit the expectmore.gov website (which reports on program performance, not just fraud, waste, and abuse) where I see the following message:
“Expect More.gov was an initiative of the George W. Bush administration. This website has been archived and is posted here as an historical resource. It has not been updated since the end of 2008 and links to many external websites and some internal pages will not work.”