How Government Agencies Can Improve Pandemic Relief Fraud Prevention Using Data Analytics

There are still opportunities to mitigate risks and hold wrongdoers accountable if officials act quickly with better fraud prevention tools 

In the last few months, federal and state officials have been swamped with reports of potential fraud in many of the coronavirus relief programs. Given the unprecedented size of pandemic relief spending, more than $2.6 trillion, and the mandate to get funds into the hands of those who needed it quickly, it is perhaps no surprise that relief programs have become the target of choice for fraudsters.

Of the $2.6 trillion dollars allocated for pandemic relief, the Paycheck Protection Program (PPP) accounted for approximately 25%, with $525 billion distributed to small businesses between April and August. The Small Business Administration’s inspector general said in October there were “strong indicators of widespread potential abuse and fraud in the PPP.”

Tens of thousands of companies received PPP loans for which they appear to have been ineligible, the inspector general reported.  These factors should have disqualified many of those payments:

• Corporations that were created after the pandemic began
• Businesses that exceeded the law’s workforce size limits (generally 500 employees or fewer)
• Companies that were on the federal “Do Not Pay” database because they already owed money to the government
• Companies that applied for multiple loans

After the SBA and financial institutions had distributed billions in PPP loans, the National Credit Union Administration issued a warning letter to its members in August listing these additional red flags as indicators of fraud in PPP applications:

• Applications with manipulated or fraudulent supporting documentation
• Applications in different names that contain nearly identical information and supporting documentation, and originate from the same Internet Protocol (IP) address
• Fake businesses that do not have an internet presence, and have minor differences between names on the application documents and public business registration documents
• Existing bank or credit union accounts with low balance history and with no history of business payroll expenses

As of late October, several hundred PPP-related investigations have been opened, involving hundreds of millions of dollars in loans, and 73 defendants have been charged, the Department of Justice reported.

One of those charged was Martin Kao of Honolulu, Hawaii, CEO of Martin Defense Group LLC, who received $12.8 million.  According to the charges, he inflated the number of employees in his firm and falsely certified that the company and/or affiliates had not received and would not receive another PPP loan.  Kao allegedly transferred $2 million to his personal bank account.

Using data analytics to prevent fraud

Many of these improper payments could have been prevented with better use of data analytics and access to available data.  Looking to the future, agencies should strongly consider implementing more sophisticated transaction monitoring and analytical systems.

In the near term, much can be done to prevent further improper payments, improve the internal controls of relief programs, and hold those accountable who have committed fraud. Some former federal government officials with fraud prevention experience have said that. They cited the success of the government’s fraud prevention efforts during the 2009 economic crisis, including the Recovery Board and Recovery.gov.

“Recovery.gov became a model for accountability in government spending. Through innovative analytics software that structures data in search of patterns, the data analytics techniques used in Recovery.gov were refined to yield real results. For example, patterns in the data identified fraudulent Medicare providers operating out of empty buildings…, business owners falsely claiming to be service-disabled veterans, and grant money recorded as being sent to an address that … was an empty shed. These are just a few among myriad examples,” according to the article in Government Executive by two former senior officials at the General Accounting Office and the Office of Management and Budget.

Adopting rigorous anti-fraud measures is more than a recommended best practice for federal agencies. It’s a mandate — The Fraud Reduction and Data Analytics Act of 2015 (FRDAA) requires all agencies to design and implement a strategy with specific control activities to mitigate assessed fraud risks.

Two factors created special challenges for fraud prevention and waste in the pandemic-related federal programs:

1.  The huge scale of the funds allocated to the relief effort – more than $2 trillion, and
2.  The extreme pressure on officials to distribute funds quickly

Yet both those factors underscore the critical role of technology, with its capacity to process data and inform decisions at scale and with speed.

A data-driven approach to fraud prevention

Using available data, analytics software tools can use techniques like entity resolution to determine if different entities are in fact the same person or company.  Relationships between all types of entities, including financial accounts, IP addresses, people, and companies can be quickly revealed, and scoring models can rank the highest risks and threats.

Government agencies using data-driven, analytical approaches to fraud prevention can discover risks and threats faster compared to traditional methods – a critical advantage that helps reduce fraud losses and increase the likelihood of recovering funds.  The federal Pandemic Response Accountability Committee (PRAC) highlighted the value of fast action by recently releasing an “Agile Products Toolkit” report with recommendations to inspectors general and other officials in watchdog roles, which strongly emphasized the importance of agile tools, fast action, information sharing, flash reports and publishing “lessons learned” to reduce fraud, waste, and abuse.

Federal agencies are not the only ones under pressure. States have been under attack as well.  Washington state’s Employment Security Department (ESD) normally processed five to seven thousand applications per week for benefits, but the surge of layoffs due to the pandemic drove applications up by 3000% — to over 180,000 per week. In that crush of applications, fraudsters launched a sophisticated effort that collected approximately $600 million in improper payments, from 86,449 claims using individual names, addresses, employer names, and social security numbers, many acquired from the 2017 Equifax data breach.  Much of the activity occurred in just one week in May 2020.

If more rigorous automated controls had been in place, several red flags could have been spotted and used to block payments, based on payments going to out-of-state back accounts, filings that claimed companies had gone out of business (when in fact they were still operating), and a high volume of email addresses from known high risk email service providers.

Equally critical to any automated fraud prevention system is the quality and volume of data.  A common challenge is siloed data — which could be highly valuable if it were available.  That was apparently a key factor in the 1.4 billion dollars in COVID-19 stimulus payments made to deceased persons by the Treasury Department.  The IRS, which is part of the Treasury Department, maintains accurate death records, but those records were not available to the Treasury’s Bureau of Fiscal Service, which distributed the stimulus payments.

The coronavirus pandemic highlights the need for rapid, real-time information to support decision making in government. Traditional government data systems and reporting processes were designed for semi-annual or annual reports and analytics, yet in a global health crisis, decision-makers need information much faster – on a daily or even hourly basis…The global pandemic highlights an ongoing need for government to have data collection, management, and analytic capabilities at the ready to support decision-making needs.

Effective Data Governance, a survey of federal Chief Data Officers – September 2020.

 

”