What GAO Found
The Social Security Administration (SSA) has taken steps to establish an organizational culture and structure conducive to fraud risk management in its disability programs, but its new antifraud office is still evolving. In recent years, SSA instituted mandatory antifraud training, established a centralized antifraud office to coordinate and oversee the agency's fraud risk management activities, and communicated the importance of antifraud efforts. These actions are generally consistent with GAO's Fraud Risk Framework, a set of leading practices that can serve as a guide for program managers to use when developing antifraud efforts in a strategic way. However, SSA's new antifraud office, the Office of Anti-Fraud Programs (OAFP), faced challenges establishing itself as the coordinating body for the agency's antifraud initiatives. For example, the OAFP has had multiple acting leaders, but SSA recently appointed a permanent leader of OAFP to provide accountability for the agency's antifraud activities.
SSA has taken steps to identify and address fraud risks in its disability programs, but it has not yet comprehensively assessed these fraud risks or developed a strategic approach to help ensure its antifraud activities effectively mitigate those risks. Over the last year, SSA gathered information about fraud risks, but these efforts generally have not been systematic and did not assess the likelihood, impact, or significance of all risks that were identified. SSA also has several prevention and detection activities in place to address known fraud risks in its disability programs such as fraud examination units, which review disability claims to help detect fraud perpetrated by third parties. However, SSA has not developed and documented an overall antifraud strategy that aligns its antifraud activities to its fraud risks. Leading practices call for federal program managers to conduct a fraud risk assessment and develop a strategy to address identified fraud risks. Without conducting a fraud risk assessment that aligns with leading practices and developing an antifraud strategy, SSA's disability programs may remain vulnerable to new fraud schemes, and SSA will not be able to effectively prioritize its antifraud activities.
SSA monitors its antifraud activities through the OAFP and its National Anti-Fraud Committee (NAFC), which serves as an advisory board to the OAFP, but the agency does not have effective performance metrics to evaluate the effect of such activities. The OAFP has responsibility for monitoring SSA's antifraud activities and establishing performance and outcome-oriented goals for them. It collects metrics to inform reports about its antifraud initiatives, and the NAFC receives regular updates about antifraud initiatives. However, the quality of the metrics varies across initiatives and some initiatives do not have metrics. Of the 17 initiatives listed in SSA's 2015 report on antifraud initiatives, 10 had metrics that did not focus on outcomes, and 4 did not have any metrics. For example, SSA lacks a metric to help monitor the effectiveness of its fraud examination units. Leading practices in fraud risk management call for managers to monitor and evaluate antifraud initiatives with a focus on measuring outcomes. Without outcome-oriented performance metrics, SSA may not be able to evaluate its antifraud activities, review progress, and determine whether changes are necessary.
Why GAO Did This Study
SSA's Disability Insurance (DI) and Supplemental Security Income (SSI) programs provide cash benefits to millions of Americans with disabilities who are unable to work. Collectively, payments from DI and SSI were about $200 billion in fiscal year 2015. Although the extent of fraud in these programs is unknown, recent high-profile cases have highlighted instances in which individuals fraudulently obtained millions of dollars in benefits. GAO was asked to review SSA's fraud risk management.
This report examines SSA's actions to manage fraud risks and the extent to which these actions align with leading practices for (1) establishing an organizational culture and structure conducive to fraud risk management, (2) identifying, assessing, and addressing fraud risks, and (3) monitoring and evaluating its antifraud activities. GAO reviewed SSA documents, such as training materials and operational guidance; and interviewed SSA officials at the agency's headquarters, its three fraud examination units, and selected state disability determination offices chosen for their proximity to antifraud initiatives. GAO assessed those actions against leading practices identified in its Fraud Risk Framework.
GAO recommends SSA (1) conduct a comprehensive fraud risk assessment for its disability programs, (2) develop a corresponding antifraud strategy, (3) develop outcome-oriented metrics for antifraud activities, and (4) review progress and change activities as necessary. SSA agreed with GAO's recommendations.
Recommendations for Executive Action
|Social Security Administration||The Commissioner (or Acting Commissioner) of SSA should direct the OAFP to lead a comprehensive fraud risk assessment that is consistent with leading practices, and develop a plan for regularly updating the assessment.|
|Social Security Administration||The Commissioner (or Acting Commissioner) of SSA should direct the OAFP to develop, document, and implement an antifraud strategy that is aligned to its assessed fraud risks.|
|Social Security Administration||The Commissioner (or Acting Commissioner) of SSA should direct the OAFP to work with components responsible for implementing antifraud initiatives to develop outcome-oriented metrics, including baselines and goals, where appropriate for antifraud activities.|
|Social Security Administration||The Commissioner (or Acting Commissioner) of SSA should direct the OAFP to review progress toward meeting goals on a regular basis, and recommend that the NAFC make changes to control activities or take other corrective actions on any initiatives that are not meeting goals.|