To fight fraud, understand your risks, analyze your data

The improper payment rate across the government has been on a downward trend over the last decade. In 2017, agencies made an estimated $141 billion in improper payments out of more than $2.5 trillion dollars in outlays. That’s about a 4.5 percent rate.

Part of the push to lower the improper payment rate has come from Congress with several bills over the last 15 years, including the he Improper Payments Information Act of 2002, the Improper Payments Elimination and Recovery Act of 2010 and the Fraud Reduction and Data Analytics Act of 2015, which would require the OMB to establish financial and administrative controls related to fraud and improper payments. Agencies would be required to include in their annual financial reports a discussion of their progress in implementing fraud risk guidance.

The issue of fraud, however, is a growing concern across the government. And agencies haven’t been as focused on it as the challenges cross a lot more than just payments, but goes into areas like acquisition and technology.

Linda Miller, the fraud risk management practice lead for Grant Thornton, said agencies continue to struggle to identify how big of a problem fraud is for their programs, partly because program managers don’t think it’s their responsibility.

“You don’t know how much fraud you have if you aren’t looking for it,” Miller said on the Using Data to Fight Fraud in Government Programs show. “If you ask almost anyone in government about fraud, they will tell you to talk to the inspector general. So how big a problem, it’s a big problem. However, nobody really knows how big of a problem fraud is because it’s deceptive in nature.”

Miller, who worked for 10 years  at the Government Accountability Office  as the assistant director of forensic audits and investigative service, said fraud includes more than just improper payments, but everything from people paying off border agents to get into the country to an employee buying gas for their personal car with a government credit card.

One way to change the thinking about fraud is for agencies to do a fraud risk assessment. Miller said agencies can start by looking at the GAO Fraud Risk Management Framework, which came out in 2015 and “encompasses control activities to prevent, detect and respond to fraud, with an emphasis on prevention, as well as structures and environmental factors that influence or help managers achieve their objective to mitigate fraud risks.”

Miller said if agencies identify vulnerabilities and risks of fraud that would go a long way to stopping it.

“Fraud risk is understanding whether you’ve got controls that are weak or non-existent that could enable somebody to circumvent or otherwise get something they were not entitled to,” she said. “The whole notion of an internal control framework is not everyone’s most exciting topic. But the fact is the idea is you build out a framework that makes sure somebody can’t get something they are not entitled to.”

She said the goal is to get agencies to do brainstorming sessions asking simple questions like “what if?” or “what happens when…?” to better view where potential and real vulnerabilities exist.

“Agencies need to engage in some sort of dynamic, conversational workshop generated risk assessment where you sit around the room and do it by scenario,” she said. “Those kinds of risk assessment discussions are a lot more fruitful than asking people to fill out likelihood and impact questionnaires.”

The next step to fight fraud is to take more advantage of data to spot trends and do analyses.

One big challenge agencies have to address is data sharing between the rules governing the Computer Matching Act or the Privacy Act, which have limited the information that can move between agencies.

“One of the things we do a lot when we work with clients is spend a lot of time improving the reliability of the data, which can take a lot of time,” Miller said. “Assuming you have a set of data that is relatively reliable and you can access it, the key is developing some use cases around fraud. For example, travel and purchase card is a low-hanging fruit. You get data from the bank so it’s pretty reliable. How hard is it to build some visualization that tells you how many people use their purchase card on Christmas Day?”

She said agencies shouldn’t be scared of data analytics or think it will be expensive. All they need is a little bit of expertise or a desire to learn how to use pivot tables in Microsoft Excel and can look for trends.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.