Welcome to the Pondera FraudCast, a weekly blog where we post information on fraud trends, lessons learned from client engagements, and observations from our investigators in the field. We hope you’ll check back often to stay current with our efforts to combat fraud, waste, and abuse in large government programs.
It has been an interesting few weeks for the Supplemental Nutrition Assistance Program (SNAP), formerly known as the Food Stamp program, with two high profile busts. Both cases illustrate common schemes used to defraud the SNAP program, which distributed over $70 billion in food-purchasing assistance last year to 44 million Americans.
In Georgia, two convenience store owners used stolen identities to apply for SNAP benefits which were then loaded onto EBT cards (similar to credit cards) and mailed to addresses they controlled. Once received, they swiped the cards at their own convenience stores and pocketed over $800,000 before being caught. The U.S. Attorney assigned to the case said, “They used the SNAP system as an ATM for their personal gain, diverting critical benefits that help those who need assistance in our communities.”
Then, in Delaware, seven case workers at the Department of Health and Social Services were indicted for creating 100 fake accounts and cashing $959,000 in benefits. After creating the accounts, the case workers had the EBT cards mailed to state service centers where they simply intercepted them and used the cards themselves. Their scheme was detected when a supervisor noticed incomplete application data for one of the cards.
The Georgia case illustrates just how easy it can be (at least for a time) to use stolen identities to defraud government programs. Even if the suspects hadn't owned the convenience stores, it would not have been difficult for them to find one that would pay them a discounted price in cash for their cards.
The Delaware case is one we commonly see across states and programs where unscrupulous employees use their knowledge of the system to defraud their own government agency. Large amounts of money, combined with loose supervision, often prove too tempting for those with questionable morals.
A quick check of the government’s fraud reporting website, paymentaccuracy.gov, reveals that improper payment rates for SNAP are still not posted because of reporting problems. I look forward to updated numbers when they are available because even a small number like the 3.2% reported rate for 2014 translates to over $2.2 billion per year in improper payments.
After one of the nuttier fraud busts in recent memory, the FBI is searching for former Kentucky attorney Eric Conn, who recently pled guilty to committing over $600 million in Disability Insurance fraud. For 10 years, Conn perpetrated his scheme by bribing a doctor and several judges to approve his clients’ disability claims. In all, he represented 1,700 of these claimants.
After pleading guilty and securing his $1.25 million bail with the equity in his home, the appropriately named Conn simply cut off his GPS monitoring bracelet and skipped town. He unfortunately had to leave behind his mobile home law office including his replicas of the statue of Liberty and the Lincoln Memorial he kept out front.
In his time as an attorney, he hired B-list celebrities for television commercials and described himself as “Superman without a cape” ... and without a conscience apparently. He even performed rap songs in English and Spanish, claiming that he learned Spanish off a tape.
Two aspects of this case really bother me, outside of the crime itself of course. One is that Conn could commit such brazen fraud over a period of 10 years without being prosecuted. The other is that his bail was set low enough that he was easily able to take off.
Both of these facts illustrate the struggles that many of our clients face when dealing with fraud. Until we, as a country, decide to provide more funds to quickly detect fraud and decide to impose more serious penalties to those who commit fraud, we’ll continue to read about these cases. For now, I can only hope that the FBI catches up with Conn before he is able to do more damage.
I read with great interest the story this month about a woman who cheated her way to a second-place finish in the Fort Lauderdale half marathon. After posting a time of 1 hour and 21 minutes, the website www.marathoninvestigation.com revealed several problems with the woman’s results including: the race statistics she posted to a website were manually entered (versus those calculated by her GPS), a second set of results she posted seemed more consistent with a bike ride, and a zoomed photo of her post race wristwatch revealed that she ran only 11.65 miles of the 13.1 mile race. This evidence led to an admission and apology by the runner.
What I find interesting about this incident is how indicative it is of the ever-increasing power of data. While runners collect data to help them train and perform better, it can also be used to uncover cheating and fraud. This is no different in government subsidy programs, like Medicaid and welfare systems. Governments collect data to help them improve service delivery to their constituents, and with modern technologies, the data can also reveal fraudulent anomalies and patterns.
Of course, bad actors who want to defraud programs are aware of the increased use of data to catch them. Gone are the days when they can blatantly abuse government systems knowing that the size and complexity of the programs would make it nearly impossible to catch the cheats. In running, who would dare to repeat Rosie Ruiz’s 1980 Boston Marathon “victory” where she was spotted riding the subway with her runner’s bib?
Instead, bad actors often “fly under the radar” – stealing smaller amounts over longer periods of time to avoid being noticed. Second place in the Fort Lauderdale Marathon is certainly “under the radar” compared to a victory in the Boston Marathon.
So, now that our fraud detection capabilities can catch bad actors who boldly fly above the radar and those who strategically fly below the radar, one would hope that it would lead to decreases in fraud attempts. But I also know that making fraud harder to commit rarely turns fraudsters into honest and contributing members of society. It just makes them work harder. This simple fact provides us with the incentive to continually improve on our technologies and approaches. This is one war we fully intend to win.
On June 9th of this year, Mike Carroll, the Secretary of the Florida Department of Children and Families provided powerful testimony to the House Oversight and Government Reform Subcommittee on Government Operations. Secretary Carroll outlined some of the many successes Florida has achieved in fighting SNAP fraud. He also clearly articulated a point that we constantly stress here at Pondera. In his words…
“We are not talking about “mom and pop” storefront operations or cottage industries. We are talking about major criminal enterprises with ties to other serious and dangerous criminal activities including drug sales, prostitution and human trafficking.”
He went on to describe the SNAP program’s largest bust ever at a flea market in South Florida. Since 2011, the flea market had served 41,000 SNAP recipients and processed $89 million in transactions. Investigators found display stands using plastic fruit and vegetables, rotten produce, guns, and large amounts of cash at the retailers.
While 22 arrests have already been made, authorities still have a huge investigation in front of them. In addition, Florida is taking what they’ve learned and using it to identify other suspect locations.
This case, while large, is clearly not an isolated incident. Consider that even using the government’s own 3.7% improper payment rate translates to $2.6 billion per year in SNAP fraud and waste. Those numbers surely support a large number of organized schemes. So for those of you that think SNAP fraud is a “victimless crime”, it’s clearly time to reconsider your position.
Fighting fraud is an interesting challenge. When an organization shuts down a fraud scheme, bad actors don’t suddenly become good citizens. Rather, they evolve. They evolve by designing and testing new methods that, when they succeed, are exploited until they too are detected and shut down. In fact, many of the more enterprising fraudsters proactively try out new methods to avoid any “breaks in revenue”. This constant game of “whack-a-mole” is well known to program integrity staffs.
This ever-changing nature of fraud schemes demands an ever-changing detection system. If an organization’s fraud detection methods look more or less the same as they did the year before, I can almost guarantee you that their fraud rates have returned to the levels prior to the introduction of the detection systems. Bad actors will simply find another way to conduct their business.
For these reasons, it is important to be nimble in fighting fraud. Complex technologies and massive data warehouses will lose effectiveness over time. If it takes a year to negotiate a change order, to deploy new technologies, or to integrate new data sources, literally billions of dollars in improper payments can be lost. The trick is to stay even with or just a “step” behind the bad actors, not miles behind.
While all state agencies want to choose the right partner to help them with their fraud detection efforts, I would challenge them to ask themselves the following questions: How easy is the company to work with? How willing will they be to incorporate new technologies (even if not their own)? How important is fighting government fraud to their company versus everything else they do? How passionate are they about the problem? Honest answers to these questions will reveal a lot about the future success of your efforts.
One of my colleagues recently returned from a conference on government program integrity with an interesting anecdote. He recounted a vendor presentation where the speaker was touting a 52% accuracy rate in their fraud lead generation system. So… nearly half of the system’s leads generated false positives. Not so sure I’d brag about that.
High false positive rates lead to wasted investigative time and money and unwarranted intrusions into the lives of legitimate program beneficiaries and service providers. Ultimately, they lead to a lack of confidence in the system itself and investigators revert back to more manual detection methods. When one considers all the important services governments deliver and the immense political pressure they endure, this is obviously not acceptable.
Shortly after hearing this story, we were asked to respond to a question about false positive rates and any existing industry standards or even benchmarks. While every vendor, including Pondera, makes claims about our system efficacy, very few standards actually exist. Conversely, our clients (the government program administrators) generally are subject to improper payment standards placed on them by the federal government.
I think there is a great opportunity, even responsibility, for governments to create these standards. Fraud detection standards would challenge the vendor community to “put up or shut up”, leading to more innovation. They could also be adjusted as the standards are met and surpassed leading to constant improvement. And they would provide governments with a uniform method for measuring vendor performance.
It is true that fraud detection systems still rely on quality program data and can suffer from the old adage "garbage in, garbage out”. So government would still share in the responsibility of meeting any new standards. But clearly, there is more we can do. And this would benefit all parties involved… except, of course, the fraudsters.
I believe that simple things can make a big difference. This week, for example, I went through self-checkout at a local grocery store and the keypad gave me the options of “debit card” or “all other tenders” to complete my transaction. “All other tenders”—who talks like that? No doubt there was a group of people that decided that, technically, “tenders” was the best word to cover all the other options. It doesn’t really matter that it makes the system more confusing. That’s my problem.
Software systems suffer from this problem perhaps more than any other consumer product. I remember the old joke about having to go to the “start” button to stop the computer. This still happens, despite the fact that experience has shown us that the single most important feature contributing to the success of software is usability.
Put simply, even the most powerful system is completely worthless if people can’t figure out how to use it. My own brother discovered this when he recently decided to switch from the iPhone to an Android phone for the additional capabilities. Not a very technical person, he quickly switched back complaining that he was utterly confused by the “full fledged computer” he was carrying around in his pocket.
At Pondera, we make the claim that our system is “built by investigators, for investigators.” And it’s true. Our most important design principle is to “mask” the underlying complexity of the system and provide analysts and investigators with an intuitive system that works the way they do. Technical people can’t do this. Data scientists can’t do this. Only investigators can do this. That’s why we hire them and task them with our most important work.
A few weeks ago, I published a blog post titled “Money Obtained Fraudulently is Rarely Used for Good Purposes”. In it, I made the argument that government fraud is a serious, and at times very ugly problem. Now I no longer have to make that argument because the United States Justice Department is making the argument for me.
Last week, the Justice Department announced the largest health care fraud case it’s ever prosecuted; one that defrauded over $1 billion over the past 14 years. The alleged perpetrators of the fraud are said to have leased private jets and chauffeured limousines. One even bought a $600,000 watch! Remember, this is your tax money we’re talking about. The system ran on a complex network of bribes and kickbacks.
And if that’s not enough, here is one of the schemes they allegedly ran. They “treated” seemingly healthy, elderly people with medications they did not need in order to create addictions which would lead to further treatments. Pure evil. Unfortunately, fraudsters are most active where large amounts of money meet vulnerable populations. This is yet another example of that and more reason for us to do what we do.
Last year, 60 Minutes did a segment on the impact of errors in the Social Security Administration’s Master Death File—a database that stores dates of death for Americans. The system stores 86 million records, and despite all best efforts, it still has some issues.
60 Minutes pointed out that errors in the system contribute to millions of dollars in improper payments each year. After all, the system would seem to indicate over 6.5 million Americans over the age of 111 when, in fact, there are probably fewer than 100. On the other hand, false positives where people find themselves mistakenly placed on the list, lead to nightmarish scenarios for obtaining loans, opening bank accounts, and other everyday tasks.
This story demonstrates one of the largest challenges for government agencies: how to use imperfect data sources to minimize fraud, waste, and abuse while also not “harassing” legitimate people and businesses. And unlike a private business that may view a false positive as an inconvenience (who hasn’t had to call their credit card company to say that “yes, that large ice cream purchase was legitimate”), government officials are severely criticized when they act on false positives. In effect, they are criticized for not acting and they are criticized for acting.
Pondera suggests that governments mitigate the effects of false positives by using composite indicators that draw information from multiple sources—both simple data matches like the Master Death File and more complex behavioral sources. For example, a Medicaid investigator would feel much more confident looking into a person who not only shows up on the Master Death File, but also appears to be traveling 100 miles for 20-minute doctor appointments, receives highly unusual (and expensive) procedures for their apparent diagnosis, and often sees two doctors in distant cities on the same day.
Anyone who has worked for or with government program integrity units understands the unique pressures they face. Combining available data sources with intelligent analytics can go a long way toward helping them investigate the right cases while not interfering with program delivery.
Almost everyone is familiar with antivirus software. Not everyone is familiar with how it works though. Even fewer have examined how we can apply the way antivirus software works to combat fraud. I believe that there are important lessons here which can improve our approach to fraud detection and prevention.
At a high level, antivirus software performs two important functions prior to opening a file on your computer: 1) It compares the file to known viruses and other forms of malware, and 2) It checks the file for suspicious code which may indicate a new, previously unknown virus.
The first function depends on a network of users willing to share known viruses and a system that is able to collect the virus data, design a fix, and disseminate the fix to other users prior to them being infected. The second function depends on heuristic programmers that can design systems to learn and even anticipate potential problems. Working together, this is one of the most effective ways to address the constantly changing nature of Internet malware.
Government fraud prevention, when done properly, works in a very similar manner. By examining known bad actors, bad transactions, and bad behaviors, systems can quickly compare ongoing program data to identify suspect transactions. Modern fraud detection systems also include predictive algorithms that can detect anomalies, trends, patterns, and clusters that may indicate fraud.
Unfortunately, many governments are unable, or unwilling, to share data. This limits the “network” effect that antivirus software uses so effectively. If more states and programs shared fraud schemes and findings, the library of known bad actors and methods could detect fraud and prevent it from moving from state to state and program to program.
The good news is a number of states are moving toward state-wide fraud prevention efforts and a number of government subsidy programs are moving toward cross-state fraud prevention efforts. I am confident that the future success of these efforts will promote additional sharing, leading to a larger network, and more efficient governments.