10 March The Problem With Knowing What You Know March 10, 2016By Jon Coss - Blog Manager General, innovative detection solutions, program integrity 80-20 rule, bad actors, fraud, fraud detection, fraud schemes 0 I bet you cna’t bvleiee taht you can uesdtannrd waht you are rdnaieg. Unisg the icndeblire pweor of the hmuan mnid, aocdcrnig to rseecrah at Cmabrigde Uinervtisy, it dseno't mttaer in waht oderr the lterets in a wrod are, the olny irpoamtnt tihng is taht the frsit and lsat ltteer be in the rhgit pclae. The rset can be a taotl mses and you can sitll raed it whoutit a pboerlm. Tihs is bucseae the huamn mnid deos not raed ervey ltteer by istlef, but the wrod as a wlohe.The preceding paragraph, which has made its way around the Internet for years, can be really fun to share with friends. However, it also serves as a caution to anyone involved in fraud detection. In many ways, bad actors, knowingly or unknowingly, have depended on how the human mind works to perpetrate fraud schemes. Like the old expression goes, sometimes the best place for fraud to hide is in plain sight.This is especially true in government programs that process massive amounts of transactions and must adhere to a staggering number of program regulations. Traditional “top down” systems can analyze large data sets and find nothing wrong (after all, the first and last letters are in the right place). “Bottom Up” systems, on the other hand, will identify individual problems (the word is scrambled) but may miss the patterns in the data (this entire paragraph is scrambled). A common example of this is the medical provider that always “flies just below the radar” by maximizing claim amounts and frequencies.The best detection processes take both a “top down” and “bottom up” approach. They can identify individual transaction problems as well as identify patterns of bad behavior over time. In this way, you can make the old “80-20” rule work in your favor. 80% of improper payments are likely caused by 20% of program participants. If you only address each individual transaction, you’ll never run out of work but you also never really improve your program integrity efforts.Click here for an infographic on the "80-20 rule". Related Posts What do Competitive Running and Fraud Detection Have in Common? I read with great interest the story this month about a woman who cheated her way to a second-place finish in the Fort Lauderdale half marathon. After posting a time of 1 hour and 21 minutes, the website www.marathoninvestigation.com revealed several problems with the woman’s results including: the race statistics she posted to a website were manually entered (versus those calculated by her GPS), a second set of results she posted seemed more consistent with a bike ride, and a zoomed photo of her post race wristwatch revealed that she ran only 11.65 miles of the 13.1 mile race. This evidence led to an admission and apology by the runner.What I find interesting about this incident is how indicative it is of the ever-increasing power of data. While runners collect data to help them train and perform better, it can also be used to uncover cheating and fraud. This is no different in government subsidy programs, like Medicaid and welfare systems. Governments collect data to help them improve service delivery to their constituents, and with modern technologies, the data can also reveal fraudulent anomalies and patterns.Of course, bad actors who want to defraud programs are aware of the increased use of data to catch them. Gone are the days when they can blatantly abuse government systems knowing that the size and complexity of the programs would make it nearly impossible to catch the cheats. In running, who would dare to repeat Rosie Ruiz’s 1980 Boston Marathon “victory” where she was spotted riding the subway with her runner’s bib? Instead, bad actors often “fly under the radar” – stealing smaller amounts over longer periods of time to avoid being noticed. Second place in the Fort Lauderdale Marathon is certainly “under the radar” compared to a victory in the Boston Marathon.So, now that our fraud detection capabilities can catch bad actors who boldly fly above the radar and those who strategically fly below the radar, one would hope that it would lead to decreases in fraud attempts. But I also know that making fraud harder to commit rarely turns fraudsters into honest and contributing members of society. It just makes them work harder. This simple fact provides us with the incentive to continually improve on our technologies and approaches. This is one war we fully intend to win. What Social Media Tells the World About You A recent Cambridge University study revealed what many of us already know: each time we “like” a Facebook post, we are revealing something about ourselves. The results of the study were pretty jarring though as researchers found that Facebook “knows” their customers quite well with a just a small number of likes:10 likes: as well as a colleague70 likes: as well as a close friend150 likes: as well as your parents300 likes: as well as your spouseThis data can be used to predict gender, sexual orientation, political affiliations, and other important personal details. In fact, Facebook recently came under considerable criticism for research designed to identify psychological states of teenagers that could potentially be used for targeted advertising.Analyzing social media data certainly presents opportunities for good, such as predicting and tracking influenza outbreaks. In many ways, it offers the digital version of predicting future behaviors, replacing anecdotal methods such as that of a friend of mine who claimed he could predict future prison riots by analyzing canteen purchases (inmates would stock up on supplies anticipating a future lockdown).Regardless of how you feel about social media, it’s important to know that each time you press the enter key, you are revealing a little bit more about yourself – even to people you will never meet. This may not be a bad thing… but it is a thing. Flying Pigs with Unicorn Horns Earlier this week, I was surfing one of Pondera’s internal messaging boards when I came across a photo of some painted rocks depicting flying pigs with multi-colored unicorn horns. It seems that one of our investigators is also a part-time artist. I must admit that I was confused by the subject matter. This is the response that I received to my question about the rocks:Within Pondera’s Special Investigations Unit, you have to earn the flying pig rock by accomplishing something that others might consider implausible, so that they’d say “that’ll happen when pigs fly”… but more than that, you also have to do it like only a beautiful, magical unicorn could do it.This is absolutely one of the most unexpected and satisfying things I’ve discovered in all my years in business. This tradition explains so much about Pondera’s success. We have a team of incredibly successful and dedicated people that continue to work on doing what many previously thought impossible. They do it themselves with only broad guidelines from the management team (hence my not knowing about the “pigacorn”). And they have fun while doing their work, taking pride in knowing how truly important it is.While I continue to take pride in the success that Pondera is having fighting fraud alongside our clients, my recent discovery serves as yet another reminder of what makes this company go (dare I say fly?). I often say that everyone at Pondera left something great to join our team and align behind our mission. With people like that, I expect a lot more flying pigs and a lot less fraud. What the Election Means to Fraud Detection It’s only been a few hours since the election of Donald Trump, and we are already fielding questions about what this all means to Pondera. And while I must confess, like most Americans the election result was a bit of a surprise to me, we have been preparing for change no matter who won the election. This is because any change in administration leads to changes in priorities.If I think back only a decade or so, active government program initiatives included Real ID laws for driver licenses, modernizing voter systems, and prison offender management systems. The Obama administration shifted a lot of focus and funding to Medicaid systems, insurance exchanges, and other health and human services programs.What will the Trump administration mean to a fraud detection company like Pondera? While it’s still too early to tell, President-elect Trump has certainly provided some clues. For example, in one campaign speech he proposed funding his childcare initiatives by targeting fraud in state Unemployment Insurance Programs. And anyone who has been paying attention to the news recently could reasonably expect that voter fraud and the Affordable Care Act will receive some attention over the coming months.Here is one thing that I know for certain. Come January, fraud will continue to be perpetrated against government programs no matter what party or which candidate is in charge. To fraudsters, large government programs are considered a target-rich environment too large to ignore. New Age of Identity Theft Problems Remember back to last year when the IRS announced that cyber thieves stole personal data from 100,000 taxpayers? This sophisticated scheme accumulated personal data from other sites and used it to answer identity validation questions on the IRS web site to gain access to taxpayer accounts.The 100,000 taxpayers affected? The IRS revised that number later in the year to 334,000 Last week they raised the number again to more than 700,000! Combine this with the high-profile hacks at Sony, Target, Anthem, and other organizations and one thing becomes very clear: bad actors are rapidly improving their identity theft methods.In response, government agencies need to prepare for an onslaught of fraudulent tax returns, unemployment claims, Medicaid treatments, and other services. In 2015, the IRS paid out $5.8 billion in fraudulent returns. Several of Pondera’s clients also saw dramatic increases in “ghost” beneficiaries, often paired with fictitious businesses, set up solely to defraud government programs. 2016 promises to be even more problematic.As program integrity experts, we have to recognize that we are moving into a new age of identity theft problems. We can log on to YouTube and watch a music video about Unemployment Insurance Fraud. CNN has run stories on street gangs trading liquor store holdups for benefits fraud. The barbarians are at the gate and it’s our responsibility to strengthen the defenses. The False Positive Problem Last year, 60 Minutes did a segment on the impact of errors in the Social Security Administration’s Master Death File—a database that stores dates of death for Americans. The system stores 86 million records, and despite all best efforts, it still has some issues.60 Minutes pointed out that errors in the system contribute to millions of dollars in improper payments each year. After all, the system would seem to indicate over 6.5 million Americans over the age of 111 when, in fact, there are probably fewer than 100. On the other hand, false positives where people find themselves mistakenly placed on the list, lead to nightmarish scenarios for obtaining loans, opening bank accounts, and other everyday tasks.This story demonstrates one of the largest challenges for government agencies: how to use imperfect data sources to minimize fraud, waste, and abuse while also not “harassing” legitimate people and businesses. And unlike a private business that may view a false positive as an inconvenience (who hasn’t had to call their credit card company to say that “yes, that large ice cream purchase was legitimate”), government officials are severely criticized when they act on false positives. In effect, they are criticized for not acting and they are criticized for acting.Pondera suggests that governments mitigate the effects of false positives by using composite indicators that draw information from multiple sources—both simple data matches like the Master Death File and more complex behavioral sources. For example, a Medicaid investigator would feel much more confident looking into a person who not only shows up on the Master Death File, but also appears to be traveling 100 miles for 20-minute doctor appointments, receives highly unusual (and expensive) procedures for their apparent diagnosis, and often sees two doctors in distant cities on the same day.Anyone who has worked for or with government program integrity units understands the unique pressures they face. Combining available data sources with intelligent analytics can go a long way toward helping them investigate the right cases while not interfering with program delivery. Comment (0) Comments are closed.