Presentation on theme: "National State Auditors Association Gregory D. Kutz, Director"— Presentation transcript:
1National State Auditors Association Gregory D. Kutz, Director GAO's Forensic Audits and Investigative Service Team: Tools and Methods to Identify Fraud, Waste and AbuseNational State Auditors AssociationAnnual ConferenceJune 15, 2011Gregory D. Kutz, DirectorB
2Discussion Agenda FAIS Background FAIS Methodology Case Study DiscussionQuestions
3FAIS Background Who We Are The Government Accountability Office (GAO) is a federal agency that reports to Congress and the American people.Over time, GAO found that its ability to investigate fraud was enhanced when auditors/analysts worked closely with criminal investigators:Auditors/analysts benefit from law enforcement background of criminal investigatorsCriminal investigators benefit from analytical and database experience of auditors/analystsCombining disciplines improved GAO’s ability to deliver high-impact reports and testimonies to Congress.
4FAIS Background Who We Are The Forensic Audits and Investigative Service (FAIS) team brings GAO’s related anti-fraud and other investigative activities together in one organization.In addition to analysts, forensic auditors, and criminal investigators, FAIS staffing includes:data mining and systems integration experts,fraud hotline analysts, andquality control staff such as communications analysts.All permanent FAIS staff are Certified Fraud Examiners (CFE).
5FAIS Background What We Do FAIS work addressesfiscal challenges facing our nation,organizational and individual ethics,stewardship over government resources, andcontrol environment at federal agencies.FAIS work comes from a variety of sourcescongressional requests,Comptroller General Authority (self-initiated), andhotline tips.
6FAIS Background What We Do FAIS has governmentwide jurisdiction and has access to most government data including tax records, SSA data, and grants and disbursement data, including Medicare/Medicaid data.FAIS has access to law enforcement tools such as the National Criminal Information Center (NCIC), Financial Crimes Enforcement Network (FINCEN), and Lexis-Nexis law enforcement.FAIS also manages FraudNet, the governmentwide hotline to report fraud, waste, and abuse.FAIS has offices in Washington, D.C., and Dallas, Texas.
7FAIS Methodology Overview FAIS’s forensic audits attempt to identify the reason why fraud or abuse has occurred. Where possible, we estimate the magnitude of the problem.Investigations are more limited in scope and provide the facts and details that substantiate fraud or demonstrate a vulnerability.FAIS’s best antifraud work leverages both forensic audit and investigative approaches to deliver a powerful message about broken controls.
8FAIS Methodology Techniques and Tools Audit stepsData matchingData miningStatistical samplingInternal controls evaluationIntegrationInvestigative stepsProactive testingSocial engineeringCoordination with IGs or other law enforcement agenciesNCIC, FINCEN, Lexis Nexis law enforcementCombined forensic audit and investigationConcludes on broken controlsSubstantiates specific fraud cases and/or provides first-hand evidence of fraudWhere possible identifies magnitude
9FAIS Methodology Data Matching Data matching involves comparing two discreet data sets to identify questionable overlaps.Governmentwide access to federal databases allows FAIS to perform matching on data sets that other federal agencies do not have the authority to perform.This is an audit step that reveals fraud indicators that require further investigation, for example:Commercial drivers also on 100 percent disabilityPrisoners who also received disaster assistanceARRA Recipients with unpaid federal taxes
10FAIS Methodology Data Mining Data mining is an effective way to develop fraud targets for further investigation.FAIS mines databases forSpecific types of transactionsPatterns within the dataOutliers (e.g., doctor shopping for controlled substances)Based on interviews of targets, gather additional intelligence to refine data mining (“James Fine Dining” example).
11FAIS Methodology Proactive Testing FAIS also has the authority to perform proactive testing of programs or processes to identify vulnerabilities.Proactive tests performed by criminal investigators as “red team” exercises (e.g. no agency notification).Tests allow FAIS to gather first-hand knowledge of control breakdowns and vulnerabilities in a realistic setting, rather than rely on the representations of the tested entity.Analyst/auditors help interpret the results of the tests in a broader context and provide planning input.
12FAIS Methodology Case Studies Case studies help illustrate the details and impact of fraud in concrete terms to Congress and taxpayers.Criminal investigators are critical to developing cases:Access to law enforcement databases and resourcesProfessional interviewing skillsContacts in other federal agencies and IGs.FAIS frequently refers case studies to the appropriate law enforcement agency or other entity for further investigation.
13FAIS Methodology Standards Forensic audits are performance audits conducted in accordance with generally accepted governmental auditing standardsCertain elements of work in FAIS are done under the Council of Inspectors General for Integrity and Efficiency (CIGIE) Investigative standardsE.g., field investigations of cases of procurement fraud
14Questions?Any questions prior to moving on to case study discussion?
15FAIS Case Study #1 Passport Fraud Undercover tests to obtain genuine U.S. passports using counterfeit or fraudulently obtained documentsUsed commercial, off-the-shelf hardware and software to create counterfeit birth certificates and driver’s licensesApplied in person at U.S. Postal Service facilities and, in one case, a Department of State officeUsed identities (names and SSNs) that would simulate identity theft
16FAIS Case Study #1 Passport Fraud Findings:Neither the U.S. Postal Service nor the Department of State detected counterfeit documentsAll four applications were successful, including:Passport issued to a man who died in 1965Passport issued to a 53-year-old applicant using the name and SSN of a 5-year-old childAll passports issued to the same criminal investigatorState and the FBI have identified fugitives, sex offenders, and delinquent taxpayers who used identity theft to obtain genuine U.S. passports
17FAIS Case Study #1 Passport Fraud – Counterfeit Driver’s License
18FAIS Case Study #1 Passport Fraud – Genuine U.S. Passports
19FAIS Case Study #2 Medicaid Controlled Substance Fraud and Abuse GAO found tens of thousands of Medicaid beneficiaries and providers involved in potentially fraudulent and abusive purchases of controlled substances in FY 2006 and 2007Doctor Shopping - about 65,000 Medicaid beneficiaries in five states acquired the same type of controlled substance from six or more doctors at a cost of $63 million.Although some beneficiaries justifiably received this medication, others obtained these drugs to support their addictions or sell on the street.
20FAIS Case Study #2 Medicaid Controlled Substance Fraud and Abuse Other Findings:$2 million in controlled substance prescriptions were written or filled by medical practitioners and pharmacies barred or excluded from federal healthcare programs for such offenses as illegally selling controlled substances.Our analysis also found that controlled substance prescription claims to over 1,800 beneficiaries were filled after they died at a cost of $200,000.In addition, our analysis also found that Medicaid paid about $500,000 in Medicaid claims based on controlled substance prescriptions “written” by over 1,200 doctors after they died.
21FAIS Case Study #2 Medicaid Controlled Substance Fraud and Abuse States are primarily responsible for the fight against Medicaid fraud. The five selected states we examined, however, did not have a comprehensive framework to prevent fraud and abuse of controlled substances.The Centers for Medicare and Medicaid Services is responsible for overseeing state fraud and abuse control activities but has provided limited guidance related to controlled substances.
25FAIS Case Study #3: Head Start Fraud and Abuse at Selected Centers Received hotline allegations involving two nonprofit granteesManipulating recorded income to qualify higher income applicantsEncouraging families to report that they were homeless when they were notEnrolling more than 10 percent of over-income childrenCounting children as enrolled in more than one center at a time
26FAIS Case Study #3: Head Start Fraud and Abuse at Selected Centers Realizing such schemes could be widespread, weDeveloped 15 undercover test scenarios at centers in 6 states and the District of ColumbiaAttempted to register fictitious children using bogus documentsInterviewed families on wait lists to document cases of potentially eligible children not receiving services due to others’ fraudulent activity
27FAIS Case Study #3: Head Start Fraud and Abuse at Selected Centers For 8 of 15 proactive tests, staff at Centers fraudulently misrepresented information to register over-income children into under-income slotsThese tests were done in 6 states and D.C.None of information provided was verified leaving program vulnerable to falsified earnings statements and other documents
30FAIS Case Study #3: Head Start Fraud and Abuse at Selected Centers 506 of the 550 Head Start centers contacted had wait lists2 centers where we enrolled fictitious children later became full and developed wait lists after the fictitious children had been withdrawnMany families stated that their incomes were at or below the federal poverty levelSome families stated they had experienced domestic violence, or were receiving some type of public assistance, a group automatically eligible for Head Start
31FAIS Case Study #4: ARRA Recipients With Unpaid Federal Taxes To determine the magnitude of known federal tax debt owed by Recovery Act contract and grant recipientsMatched contract and grant recipients from to IRS Unpaid tax September 30, 2009Developed examples of entities with unpaid federal taxes that benefited from Recovery Act contracts and grants through July 2010 reportingFocused on 15 cases of entities with substantial unpaid payroll taxes
32FAIS Case Study #4: ARRA Recipients With Unpaid Federal Taxes At least 3,700 Recovery Act contract and grant recipients (including prime recipients, subrecipients, and vendors) with $750 million of unpaid federal taxesThese entities received $24 billion of Recovery Act funds through July of 2010Represents about 6% of the 63,000 Recipients with taxpayer identification numbers that we could deriveUnderstated for17,000 Recipients with no TINUnderreporting of incomeNon-filing of required tax returns
33FAIS Case Study #4: ARRA Recipients With Unpaid Federal Taxes 15 cases includedConstructionEngineeringSecurityHealth CareIRS had taken collection or enforcement action for all 15 casesFor 13 IRS had filed federal tax liensFor 12 IRS had assessed Trust Fund Recovery Penalties against owners and officers
34FAIS Case Study #4: ARRA Recipients With Unpaid Federal Taxes For 15 CasesOver half had reported state and local tax liensSeveral defaulted on installment agreementsSeveral failed to file required tax returnsSeveral cited for Federal Labor Law ViolationsSeveral owners and officers received substantial salaries and company loansSeveral owners had hundreds of thousands of dollars each in gambling transactionsSeveral entities received millions of additional federal dollars of non-Recovery Act contracts
35FAIS Case Study #4: ARRA Recipients With Unpaid Federal Taxes Potential SolutionsFurther controls to prevent entities with significant unpaid federal taxes from receiving new awardsAdditional sharing of IRS information for limited purposesSteps to address sub-recipients with unpaid federal taxesEnhancements in Federal Payment Levy Program
36Summary of Key PointsThere are significant benefits to establishing and maintaining an integrated team of auditors, analysts, and investigators.Data mining and matching are effective tools to help identify fraud and abuse.Developing actual cases of fraud and abuse helps show the actual effect of ineffective controls.It is important to perform internal controls work and develop practical solutions to minimize fraud, waste and abuse.