Promising Practices Promising PracticesPromising Practices
A forum for government's best ideas and most innovative leaders.

New Approaches for Fighting Fraud

ARCHIVES
Photo: TaxRebate.org.uk

The Fraud Reduction and Data Analytics Act, signed into law in June 2016, requires the Office of Management and Budget to set guidelines for agency identification and assessment of fraud risks and the design and implementation of controls to prevent them. These guidelines must incorporate the leading practices in the Government Accountability Office’s Framework for Managing Fraud Risks in Federal Programs. The act also requires OMB to lead interagency coordination among agencies to share and promote best practices in the law’s implementation.

Agencies are grappling with the practicalities of implementation of the new law. Given the variability in fraud risks, fraud risk management must take place at different levels within an organization. And because fraud risk assessments are relatively new, taking an incremental approach makes sense.

One way to approach the new mandate is for cabinet-level leadership to direct components to assess overall fraud risks and develop a prioritized list of programs based on the inherent risks they identify. For example, within the Veterans Affairs Department, the Veteran’s Health Administration’s fraud risks might rank higher in potential consequence than those identified by the Veterans Benefits Administration. If that turned out to be the case, the VA administrator could direct the VHA to conduct a comprehensive fraud risk assessment, develop a risk profile and come with a response plan. After the agency develops the process, tools and templates for carrying out the risk assessment and developing a response, lessons learned from implementation can benefit the approach taken in the next-highest risk program.

Another approach organizations might take is to look at high-risk processes within an agency or component. For example, an agency like the National Science Foundation may assess processes in place to oversee grantees across all of its programs and identify risks and tailor response strategies to them. As the fraud risk management process is developed, the activities can be incrementally applied to other areas of the agency. It’s important to note that the Fraud Act and GAO’s Fraud Risk Management Framework apply not only to financial fraud, but fraud that impacts operations and the organization’s reputation. While beneficiary fraud may pose the largest risk based on the level of funding, internal fraud—such as purchase card, travel card or even telework fraud—can also pose significant risk.

Congress established robust annual reporting requirements in the Fraud Act. Many agencies are unclear what to include in such reports. Below are some considerations for how to approach these requirements at different levels of government.

Ideally, at the cabinet level, the department would develop a high-level fraud risk profile that assesses risks across components, prioritizes them and designates entities to address them. This would provide a useful snapshot of the department’s fraud risk.

At the component level, agencies could develop more detailed fraud risk profiles. These profiles would identify programs with the highest risks, describe them and detail planned actions to mitigate them. This can serve as a blueprint for incoming component agency heads to understand the extent and nature of fraud risks across the programs, how mature the responses are, and where to focus fraud prevention efforts.

In some cases, it may be necessary to develop fraud risk profiles for specific programs, especially the very largest ones. These include major benefit programs, such as those administered by VBA or the Disability Insurance program managed by the Social Security Administration. It could even apply to major grant-making and large contract programs. These face significant fraud risks, so risk assessments and profiles at the program level are appropriate.

The Fraud Act requires the creation of a working group to share financial and administrative controls, best practices and techniques for detecting, preventing and responding to fraud. It gives the group specific responsibility for developing and sharing data analytics techniques. The working group provides an excellent opportunity to share and leverage expertise across the government and beyond. Similar working groups for other purposes, such as implementation of the 2014 Digital Accountability and Transparency Act, have been key tools in successful interagency coordination. One model to consider emulating is the current sharing of data analytics techniques among inspectors general.

The Fraud Act provides an excellent opportunity for the federal government to take a proactive approach to managing and mitigating fraud risk. With the right focus and implementation strategy, agencies can reduce fraud in their programs and bolster faith in the government’s ability to protect tax dollars. Likewise, the Fraud Act provides an opportunity for OMB to establish anti-fraud working groups that will help agencies leverage what is already working. With more than $140 billion in improper payments made annually, the effort would be well worth it.

Linda S. Miller, a former senior official at the Government Accountability Office, is a director with Grant Thornton Public Sector’s Fraud Risk Assessment practice.

Photo: TaxRebate.org.uk

FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

    Download
  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download
  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.

    Download

When you download a report, your information may be shared with the underwriters of that document.