Blog

Pondera FraudCast Blog

rss

Pondera FraudCast

Welcome to the Pondera FraudCast, a weekly blog where we post information on fraud trends, lessons learned from client engagements, and observations from our investigators in the field. We hope you’ll check back often to stay current with our efforts to combat fraud, waste, and abuse in large government programs.


Jon Coss
Jon Coss
Pondera's FraudCast Blog
The Most Important System Feature

The Most Important System Feature

I believe that simple things can make a big difference. This week, for example, I went through self-checkout at a local grocery store and the keypad gave me the options of “debit card” or “all other tenders” to complete my transaction. “All other tenders”—who talks like that? No doubt there was a group of people that decided that, technically, “tenders” was the best word to cover all the other options. It doesn’t really matter that it makes the system more confusing. That’s my problem.

Software systems suffer from this problem perhaps more than any other consumer product. I remember the old joke about having to go to the “start” button to stop the computer. This still happens, despite the fact that experience has shown us that the single most important feature contributing to the success of software is usability.

Put simply, even the most powerful system is completely worthless if people can’t figure out how to use it. My own brother discovered this when he recently decided to switch from the iPhone to an Android phone for the additional capabilities. Not a very technical person, he quickly switched back complaining that he was utterly confused by the “full fledged computer” he was carrying around in his pocket.

At Pondera, we make the claim that our system is “built by investigators, for investigators.” And it’s true. Our most important design principle is to “mask” the underlying complexity of the system and provide analysts and investigators with an intuitive system that works the way they do. Technical people can’t do this. Data scientists can’t do this. Only investigators can do this. That’s why we hire them and task them with our most important work.
Ugly Case of Health Care Fraud

Ugly Case of Health Care Fraud

A few weeks ago, I published a blog post titled “Money Obtained Fraudulently is Rarely Used for Good Purposes”. In it, I made the argument that government fraud is a serious, and at times very ugly problem. Now I no longer have to make that argument because the United States Justice Department is making the argument for me.

Last week, the Justice Department announced the largest health care fraud case it’s ever prosecuted; one that defrauded over $1 billion over the past 14 years. The alleged perpetrators of the fraud are said to have leased private jets and chauffeured limousines. One even bought a $600,000 watch! Remember, this is your tax money we’re talking about. The system ran on a complex network of bribes and kickbacks.

And if that’s not enough, here is one of the schemes they allegedly ran. They “treated” seemingly healthy, elderly people with medications they did not need in order to create addictions which would lead to further treatments. Pure evil. Unfortunately, fraudsters are most active where large amounts of money meet vulnerable populations. This is yet another example of that and more reason for us to do what we do.
The False Positive Problem

The False Positive Problem

Last year, 60 Minutes did a segment on the impact of errors in the Social Security Administration’s Master Death File—a database that stores dates of death for Americans. The system stores 86 million records, and despite all best efforts, it still has some issues.

60 Minutes pointed out that errors in the system contribute to millions of dollars in improper payments each year. After all, the system would seem to indicate over 6.5 million Americans over the age of 111 when, in fact, there are probably fewer than 100. On the other hand, false positives where people find themselves mistakenly placed on the list, lead to nightmarish scenarios for obtaining loans, opening bank accounts, and other everyday tasks.

This story demonstrates one of the largest challenges for government agencies: how to use imperfect data sources to minimize fraud, waste, and abuse while also not “harassing” legitimate people and businesses. And unlike a private business that may view a false positive as an inconvenience (who hasn’t had to call their credit card company to say that “yes, that large ice cream purchase was legitimate”), government officials are severely criticized when they act on false positives. In effect, they are criticized for not acting and they are criticized for acting.

Pondera suggests that governments mitigate the effects of false positives by using composite indicators that draw information from multiple sources—both simple data matches like the Master Death File and more complex behavioral sources. For example, a Medicaid investigator would feel much more confident looking into a person who not only shows up on the Master Death File, but also appears to be traveling 100 miles for 20-minute doctor appointments, receives highly unusual (and expensive) procedures for their apparent diagnosis, and often sees two doctors in distant cities on the same day.

Anyone who has worked for or with government program integrity units understands the unique pressures they face. Combining available data sources with intelligent analytics can go a long way toward helping them investigate the right cases while not interfering with program delivery.
Learning from Antivirus Software

Learning from Antivirus Software

Almost everyone is familiar with antivirus software. Not everyone is familiar with how it works though. Even fewer have examined how we can apply the way antivirus software works to combat fraud. I believe that there are important lessons here which can improve our approach to fraud detection and prevention.

At a high level, antivirus software performs two important functions prior to opening a file on your computer: 1) It compares the file to known viruses and other forms of malware, and 2) It checks the file for suspicious code which may indicate a new, previously unknown virus.

The first function depends on a network of users willing to share known viruses and a system that is able to collect the virus data, design a fix, and disseminate the fix to other users prior to them being infected. The second function depends on heuristic programmers that can design systems to learn and even anticipate potential problems. Working together, this is one of the most effective ways to address the constantly changing nature of Internet malware.

Government fraud prevention, when done properly, works in a very similar manner. By examining known bad actors, bad transactions, and bad behaviors, systems can quickly compare ongoing program data to identify suspect transactions. Modern fraud detection systems also include predictive algorithms that can detect anomalies, trends, patterns, and clusters that may indicate fraud.

Unfortunately, many governments are unable, or unwilling, to share data. This limits the “network” effect that antivirus software uses so effectively. If more states and programs shared fraud schemes and findings, the library of known bad actors and methods could detect fraud and prevent it from moving from state to state and program to program.

The good news is a number of states are moving toward state-wide fraud prevention efforts and a number of government subsidy programs are moving toward cross-state fraud prevention efforts. I am confident that the future success of these efforts will promote additional sharing, leading to a larger network, and more efficient governments.
Money Obtained Fraudulently is Rarely Used for Good Purposes

Money Obtained Fraudulently is Rarely Used for Good Purposes

People often ask me if I think we can make a difference fighting fraud by stopping down-on-their-luck Americans from grabbing a few extra bucks that they are not entitled to from government programs. In fact, many people ask if it’s even the right thing to do. After all, they explain, wouldn’t anyone do the same given the circumstances?

This illustrates the common misperception that fraud is only perpetrated in small amounts by desperate people who are temporarily bending the rules. In fact, much of what we see takes place on a larger scale. And more importantly, the truth is that money obtained fraudulently is rarely used for good purposes. Examples include:

  • During a “National Counter Terrorism-Awareness Week” in 2014, government officials explained that taxpayer money was being defrauded out of government programs (including student loans) to fund terrorism. In effect, we are helping to fund groups that want to do us harm.
  • The Wall Street Journal reported on, in March 2016, the growing trend of street gangs funding activities through fraud. Fraud offers attractive forms of theft because “they are more lucrative, harder to detect and carry lighter prison sentences”.

Considering that the government distributes over two trillion dollars per year in subsidies, and considering how fraudulently obtained money can be used, it is critical that we address the issue of fraud, waste, and abuse. So to answer the questions posed earlier: Yes, I do believe we are doing the right thing, and Yes, I do believe we can make a difference.

The Internet Changes Everything

The Internet Changes Everything

Way back in 2006, I read an article in the Harvard Business Review that described how the Internet had changed the sales profession. One key observation dealt with the “de-coupling” of the sales cycle from the buying cycle. Prior to the Internet, buyers had to contact vendors for information on their products. Today, buyers do their own research and successful salespeople need to unhinge preexisting customer assumptions prior to starting their sales process.

I believe that the Internet has had an even greater impact on fraud in government benefit programs. Government agencies are under constant pressure to move applications, certifications, and other processes on line to make them more convenient for citizens and businesses. This makes perfect sense because, after all, government exists to serve the needs of the citizens. Unfortunately, moving these processes to the Internet dramatically increases the incidence of fraud.

The Internet provides a degree of anonymity that makes it extremely attractive to fraudsters. The number of fictitious businesses and “ghost beneficiaries” in government programs has exploded in recent years. Many of our customers deal with applications associated with out-of-state or out-of-country IP addresses. Others come from deceased or incarcerated individuals. Still others show indicators of originating in “sweat shops” that create bulk applications and claims.

Just like the salesman that had to adjust to the new sales cycle, it’s important that government program integrity staff adjust to the changing fraud landscape. IP spoofing, anonymous email services, and the wide availability of stolen identities are realities in the post-Internet fraud market. Relying solely on the traditional detection and investigation techniques is no different than the sales person who thinks their prospect hasn’t done any of their own research.
SaaS Procurement Recommendations

SaaS Procurement Recommendations

This week, my company is responding to an RFP for SaaS fraud detection services. While we are thankful for the opportunity to respond, the RFP and its process also illustrates the need for governments to adjust their procurement processes with the advent of cloud computing. After all, we responded to the RFI for this procurement over two years ago!

This means that the current solicitation is at least partly based on product capabilities from early 2014. While this might not be a big problem for traditional IT projects, this is a lifetime in SaaS. In fact, if a SaaS solution offered mostly similar functionality over a two-year period, I’d recommend not selecting that solution. Effective SaaS solutions push new features in days and weeks, not months or years.

With this background in mind, I’d like to propose that governments consider the following three modifications to their procurement policies. Some of these changes may require assistance from legislative bodies and funding organizations in addition to procurement professionals.

1. Reduce the time between RFI and RFP: This will help governments avoid building their requirements on functionality that has long since been replaced. SaaS functionality is a moving target – it’s supposed to be.

2. Smooth out funding over multiple years: Traditional IT projects required large upfront implementation costs followed by lower ongoing support, maintenance, and operations costs (assuming the initial implementation was successful). SaaS solutions spread the cost more evenly over time as the solution continues to improve.

3. Make sure your staff is ready when you award: True SaaS solutions can be implemented quickly, often in as few as 120 days. By the time you award a project, you should be ready to discuss security plans, access the required program data, assign staff (not just project staff but system users), and address many other details that could often be delayed in lengthy IT projects.
The Problem With Knowing What You Know

The Problem With Knowing What You Know

I bet you cna’t bvleiee taht you can uesdtannrd waht you are rdnaieg. Unisg the icndeblire pweor of the hmuan mnid, aocdcrnig to rseecrah at Cmabrigde Uinervtisy, it dseno't mttaer in waht oderr the lterets in a wrod are, the olny irpoamtnt tihng is taht the frsit and lsat ltteer be in the rhgit pclae. The rset can be a taotl mses and you can sitll raed it whoutit a pboerlm. Tihs is bucseae the huamn mnid deos not raed ervey ltteer by istlef, but the wrod as a wlohe.

The preceding paragraph, which has made its way around the Internet for years, can be really fun to share with friends. However, it also serves as a caution to anyone involved in fraud detection. In many ways, bad actors, knowingly or unknowingly, have depended on how the human mind works to perpetrate fraud schemes. Like the old expression goes, sometimes the best place for fraud to hide is in plain sight.

This is especially true in government programs that process massive amounts of transactions and must adhere to a staggering number of program regulations. Traditional “top down” systems can analyze large data sets and find nothing wrong (after all, the first and last letters are in the right place). “Bottom Up” systems, on the other hand, will identify individual problems (the word is scrambled) but may miss the patterns in the data (this entire paragraph is scrambled). A common example of this is the medical provider that always “flies just below the radar” by maximizing claim amounts and frequencies.

The best detection processes take both a “top down” and “bottom up” approach. They can identify individual transaction problems as well as identify patterns of bad behavior over time. In this way, you can make the old “80-20” rule work in your favor. 80% of improper payments are likely caused by 20% of program participants. If you only address each individual transaction, you’ll never run out of work but you also never really improve your program integrity efforts.

Click here for an infographic on the "80-20 rule".
New Age of Identity Theft Problems

New Age of Identity Theft Problems

Remember back to last year when the IRS announced that cyber thieves stole personal data from 100,000 taxpayers? This sophisticated scheme accumulated personal data from other sites and used it to answer identity validation questions on the IRS web site to gain access to taxpayer accounts.

The 100,000 taxpayers affected? The IRS revised that number later in the year to 334,000 Last week they raised the number again to more than 700,000! Combine this with the high-profile hacks at Sony, Target, Anthem, and other organizations and one thing becomes very clear: bad actors are rapidly improving their identity theft methods.

In response, government agencies need to prepare for an onslaught of fraudulent tax returns, unemployment claims, Medicaid treatments, and other services. In 2015, the IRS paid out $5.8 billion in fraudulent returns. Several of Pondera’s clients also saw dramatic increases in “ghost” beneficiaries, often paired with fictitious businesses, set up solely to defraud government programs. 2016 promises to be even more problematic.

As program integrity experts, we have to recognize that we are moving into a new age of identity theft problems. We can log on to YouTube and watch a music video about Unemployment Insurance Fraud. CNN has run stories on street gangs trading liquor store holdups for benefits fraud. The barbarians are at the gate and it’s our responsibility to strengthen the defenses.
Implementing a permanent economic stimulus package

Implementing a permanent economic stimulus package

In 2009, congress enacted the American Recovery and Reinvestment Act (ARRA), also known as the Stimulus, to bolster the economy and help America recover from the Great Recession. The idea was that various tax credits, business incentives, and public works projects would stimulate the economy while also improving the nation’s infrastructure. While arguments continue over the effectiveness of the program, it is estimated to cost nearly $100 million annually for 10 years.

Today, seven years after ARRA was enacted, I think about the economic impact we could achieve through the eradication of overpayments in government programs. The government estimates that over $125 billion in FY 2015 were paid improperly. This number, even after subtracting the underpayments that are also counted in improper payments, is larger than the highly controversial ARRA spending totals. In effect, by eliminating FWA from government programs, we could implement a permanent economic stimulus!

I know that it is unrealistic to think that we could completely eliminate improper payments. But I also know that we can make drastic improvements by increasing our support for program integrity efforts and by continuing to develop and implement innovative detection solutions. It would also help if legislative bodies approved processes to support agency collection and enforcement efforts. I realize this sounds like a lot of work. But it seems to me that a permanent economic stimulus is worth every bit of effort.

Newsletter

Keep up on our always evolving product features and technology. Enter your e-mail and subscribe to our newsletter.

Email:

About Our Company

Pondera leverages advanced prediction algorithms and the power of cloud computing to combat fraud, waste, and abuse in government programs.



Get in touch

  • Sacramento Address: 11290 Pyrites Way, Suite 100, Gold River, CA 95670

  • Phone: (916) 389-7800

  • Email: info@ponderasolutions.com

Follow Us