Q&A: Mitigating fraud in COVID-19 assistance programs and other government relief efforts
The many programs set up by the federal government and state and local entities to provide relief to people and businesses amid the COVID-19 pandemic have been the targets of an overwhelming amount of fraud attempts. In this Q&A, members of CohnReznick’s Government team talk about this fraud and what steps recipients can take to protect their funding, both from current and potential future rounds of COVID-19 relief and any other instances of government aid.
This made me wonder, what can be done to mitigate the risk of fraud in future COVID-19 assistance programs, and other relief efforts? Joining me today to help answer this question are my colleagues Nick Atiee, Rochell Cottingham, Ron Frazier, and Shih-Hsien Yang.
My first question is for Rochell Cottingham. Rochell has over 25 years of experience in the areas of audit, compliance, performance monitoring, quality assurance, fraud prevention and detection, risk management, system development, and project management. This year, Rochell led several teams performing integrity oversight and compliance monitoring services for COVID-19 economic relief programs funded by the Coronavirus Aid, Relief, and Economic Security (CARES) Act, the Consolidated Appropriations Act, and the American Rescue Plan Act (ARPA) of 2021.
Rochell, I recently read an article in the Washington Post that discussed the overwhelming amount of fraud occurring in various federal and state programs that were created by Congress’ $6 trillion in emergency coronavirus spending. We know our nation’s policymakers intended the funding to be disbursed quickly to rescue the U.S. economy from a potential depression. However, now there is evidence that fraud is rampant.
Based on what you and your team have seen, what advice would you have for a state agency that is developing its programmatic policies and procedures? What can they do to curb fraud, waste, and abuse of funds before a program is well underway?
Rochell Cottingham: The challenge with many federal and state programs is finding the proper balance between the timely distribution of funds and the implementation of effective controls to ensure quality and limit the potential for fraud, waste, and abuse. The additional burden for states receiving coronavirus funding was how to design and implement new, and often untested, programs quickly in order to service an immediate need while also meeting funding rules that required funds to be expended within a certain time period.
Given these challenges and the desire to develop effective programmatic policies and procedures, the recommendation is always to take the necessary time on the front end to understand the needs of the program, evaluate program design options, and incorporate necessary controls. Dedicating time early on to implementing effective, efficient design elements and controls will pay off in the long run. Designing effective controls should also include evaluating the fraud risks associated with program design decisions, such as the use of attestations, the types of documents accepted, and use of third-party verification. How much risk is management willing to accept? If some design decisions increase program exposure, compensating controls should be considered.
A final piece is to incorporate anti-fraud measures and a process for continually assessing risks and performance over the program lifecycle. Policy and operational components often change over time, so as programs change, risks may also change, and they should be evaluated and responded to. Additionally, fraud schemes may change as parties become more familiar with program operations, so anti-fraud measures should also be reassessed regularly, and should be flexible enough to respond to new schemes as they materialize.
Ray: My next question is for Nick Atiee. Nick has over eight years of experience working with government clients, providing federal grants management, project management, and compliance monitoring services. Most recently, Nick helped the State of Texas administer its Emergency Rental Assistance Program, where well over $50 million in potentially fraudulent claims were identified and prevented.
Nick, what should implementers of economic relief programs do to make sure they are mitigating their exposure to fraud, waste, and abuse of funds once program implementation has commenced? In other words, what should program administrators be doing once the program is up and running and funds are being disbursed to participants?
Nick Atiee: Thank you for the introduction, Ray. To date, programs funded through CARES, ARPA, and other funding sources have been focused heavily on disbursing funds as quickly as possible. While this speed is important to families and businesses so greatly affected by COVID-19, it does not have to remain mutually exclusive from a pragmatic approach that reduces the risk of fraud, waste, and abuse.
During the program design phase, program administrators must assess the risks specific to their program, identify which processes and stakeholders contribute to each, and then determine unique indicators of each identified risk. It is so important to categorize the severity of each indicator and fraud risk. We help our clients review risks to determine if the program can mitigate the risk entirely through policy or process modifications. Bottom line, program administrators need to ask several questions: If a process change is necessary, does it need to take place in the application stage or the review stage? If in the application phase, does it require a business process control or software component? If in the review stage, how will reviewers verify it? Will it require certain information and/or permissions to be provided to the reviewers?
Ray: The next question is for Ron Frazier. Ron has more than 15 years of experience in project management, focusing on program compliance and integrity monitoring. Ron is also a licensed attorney and a certified project management professional. For the past two years, he has been providing integrity and compliance monitoring services to several state agencies charged with implementing CARES Act-funded programming.
Ron, in these COVID-19 assistance programs you are working on, are you seeing that states are choosing to apply very lenient eligibility and documentation requirements? If so, does that inherently increase the likelihood of improper payments, due to fraud or even human error?
Ron Frazier: Hi Ray, the substantial amounts of money from the federal government and the allowance to states, and in turn to state agencies, to manage and distribute that funding in a very short time have led to programs being stood up on the fly. At the speed at which they’re moving, program administrators are revising program requirements with much greater frequency than you would expect in an established or reoccurring program.
In particular, the allowance for self-certification for some of the COVID-19 assistance programs has raised real concerns about consistency in documentation requirements and program oversight for internal controls.
As a result, there is an inherently higher risk, and we are suggesting that states and state agencies make use of independent monitors to provide quality assurance and quality control as a supplement to their existing internal audit planning.
Ray: My next question is for data scientist Shih-Hsien Yang. Shih-Hsien, during this past year, you developed machine learning algorithms that were deployed in multiple states that detected thousands of fraudulent applications so that program administrators could intervene before funding was disbursed to fraudsters.
The Association of Certified Fraud Examiners (ACFE) recently published their 2022 Anti-Fraud Technology Benchmarking Report, in which they said they expect the use of artificial intelligence and machine learning to more than double over the next two years. Why should program administrators trust artificial intelligence and machine learning models to detect fraud in their programs? What is so special about this technology?
Shih-Hsien Yang: Machine learning (ML) is a type of artificial intelligence (AI) that uses historical data and algorithms to make predictions on unseen data, and “learns” from those predictions and data to become more accurate over time. ML algorithms enable machines to detect abnormalities and patterns that may be too complicated for humans to discover. While ML can’t completely replace human interventions, it can help prioritize our work and make our operations more efficient.
ML for fraud detection has been used in federal agencies and the private sector on a widespread scale for several years. In 2021, in view of the increasing trend of using AI technology in federal agencies and other entities, the U.S. Government Accountability Office (GAO) published its Artificial Intelligence Accountability Framework to ensure proper use of AI technology.
When it comes to combating fraud with increasingly sophisticated fraudsters, it’s crucial to be able to react in a timely and accurate manner. After all, taxpayers’ money is at stake. This is when ML can come into play. Once an ML model is developed, it enables near-real-time fraud detection that gives program administrators the ability to capture fraud before money goes out the door. Transactions are scored by the ML model, and program administrators can then allocate their limited time and resources to the riskiest cases.
Ray: As we’ve discussed, mitigating fraud requires proper programmatic design, continual monitoring and assessment, and the flexibility to address new risks as they arise. Contact our team for more information on how to identify and reduce fraud in new or existing programs.
Coronavirus Resource Center
InsightFraud prevention techniques for infrastructure programsAn increase in infrastructure spending introduces a higher likelihood of fraud. In this article, CohnReznick’s infrastructure professionals provide advice on how to mitigate fraud in infrastructure projects. Learn more.
InsightTips for administering a successful small business grant programTavares Williams, Logan Hurley, Maria Ramirez, Joey GalloExplore our team’s top advice for executing successful grant programs, on KPIs, record-keeping, customer service, and more.
InsightMonitoring programs: A first defense against infrastructure grant fraudRoman CastilloState and local agencies must develop thorough assessments, processes, and policies to protect their IIJA, ARPA, and IRA funding. Read more.
InsightGovernment Impact: Q1 2023An update on CohnReznick's collaboration with federal, state, and local governments.
InsightFederal grant compliance: A discussion checklist for avoiding clawbacksCarson Phillips, Kevin EpleyFederal funding comes with rules for recipients. Discuss these questions to drive compliance around financial controls, programmatic requirements, and more.