Federal agencies spend billions of dollars annually to aid victims of natural and other disasters and acts of terrorism. Managers of federal disaster assistance programs face a dual challenge--delivering aid as quickly as possible while at the same time ensuring that relief payments go only to those who are truly in need. Due to the very nature of the government's need to quickly provide assistance to disaster victims, federal disaster relief programs are vulnerable to significant risk of improper payments and fraudulent activities. On February 13, 2006, and on June 14, 2006, GAO testified concerning extensive fraud, waste, and abuse in the Individuals and Household Program (IHP), a component of the Federal Emergency Management Agency's (FEMA) disaster assistance programs. GAO identified significant internal control weaknesses that resulted in FEMA making tens of thousands of Expedited Assistance payments that were based on bogus registration data. GAO also found numerous other internal control failures in FEMA's IHP disaster assistance program, resulting in an estimate that FEMA made $600 million to $1.4 billion in improper and potentially fraudulent payments to registrants. The purpose of this testimony is to establish a framework for preventing, detecting, and prosecuting disaster assistance fraud.

Recent GAO audits have illustrated the importance of an effective fraud, waste, and abuse prevention system in federal disaster assistance programs. GAO's Standards for Internal Control in the Federal Government provide a framework for internal control that can be used to minimize fraudulent, wasteful, and abusive activity regardless of whether dealing with the effects of natural disasters like hurricanes Katrina and Rita, or coping with the destruction left by the terrorist attacks of September 11, 2001. A well-designed fraud prevention system should consist of three crucial elements: (1) upfront preventive controls, (2) detection and monitoring, and (3) investigations and prosecutions. Upfront preventive controls can help screen out the majority of fraud, and are the most effective and efficient means to minimize fraud, waste, and abuse. Detection and monitoring, and aggressive prosecution of individuals committing fraud, while also crucial elements of an effective system, are less effective and generally cost more. Audit work has long confirmed that upfront preventive controls are most effective when they require validation of data provided by disaster registrants against other government or third-party sources, and physical inspections when possible. Preventive controls should also include procedures designed to identify problem registrants prior to payments. Training personnel on fraud awareness and potential fraud schemes is also an integral component in preventive controls. Collectively, these preventive controls can help improve program integrity and safeguard tax dollars. An effective fraud deterrence program must also include resources to continually monitor and detect potential fraud, and aggressively investigate and prosecute individuals who received assistance fraudulently. Monitoring and detection include data-mining for suspicious registrations and payment usage, and setting up fraud hotlines. Finally, program integrity is enhanced by investigating and prosecuting individuals who take advantage of program weaknesses. However, the high costs of prosecutions highlight our conclusion that upfront preventive controls are most effective in preventing fraud, and that lessons learned from detection and prosecutions should be used to improve preventive controls.

• View Report (PDF)