IRS and SEC detect fraud patterns in heaps of data

Bruce Rolff/

Advanced analytics is transforming the ability of at least two agencies that handle confidential financial information to ferret out fraud and save the government money, according to a panel of federal and private-sector specialists.

The Securities and Exchange Commission and the Internal Revenue Service are embracing new data mining tools and social media to prevent or recover improper payments while also streamlining internal management, speakers on Tuesday told a Washington “FedInsider Leadership Forum” sponsored by Northrop Grumman and moderated by Jason Miller of Federal News Radio.

In the aftermath of the financial crisis and after passage of the 2010 Dodd-Frank financial reform law, “the SEC had too few people and was chasing too large a global mission,” said Thomas Bayer, the SES’s chief information officer. And though its workforce has since expanded from 3,300 to 4,000 employees, the commission led by Mary Schapiro did more to “transform the way we do business” by reorganizing and training employees in digital analytical tools to go after insider traders or operators of Ponzi schemes, he said.

These tools include a centralized data warehouse for 21.5 million company filings, a new electronic whistleblower tip line, and an “e-discovery” digital system for automated enforcement and document exchange during exams of companies. “A case that once produced 8 million pages of documents, or the equivalent of filling the Capitol Rotunda, is now electronic,” Bayer said.

Now receiving twice as much data as it did before Dodd-Frank, the SEC uses “quantitative algorithms and statistical modes that identify the risks, the outliers and the inliers, and we then turn them over to humans to investigate and prosecute,” he said. Using digital forensic analysis and data visualization, a fraud or insider trading case that once took 14-17 months to analyze can now be done in minutes and placed on a CD to give to a prosecutor or a jury, he said.

Success depends on “leveraging expertise, reusing knowledge and data, not recreating it,” Bayer added, pointing to increased standardization of legal letters, templates for investigation and plans for managing the workforce. “We have leapfrogged over where we once were to where we want to be.”

Dean Silverman, a senior adviser to the commissioner of revenue who heads the agency’s new Office of Compliance Analytics said the processes go back a while. “We’ve been doing it at IRS long before there was talk of data mining,” he said. “Private industry would be envious if they knew what our models are.”

Under Commissioner Doug Shulman, the IRS created Silverman’s office to pursue pilot projects in data analytics that can be linked to all stages of the tax process, he said. As an example, the agency’s newly created database of return preparers allowed his office to isolate 1,500 tax preparers who had suspicious refundable tax credits on their clients’ returns. Analytics allowed the IRS to “stay the flow of improper payments worth $200 million.”

His colleague Jodi Patterson, the IRS’ first director of return integrity and correspondence services, said the combination of fraud detection through data filters, business rules and follow-up inquiries by people has saved $19 billion in unmerited refunds.

Nowadays, she said, the fastest -growing problem is identity theft, which comes in two basic forms. Criminals can obtain another taxpayer’s Social Security number and file a false return before the legitimate return reaches the IRS, and criminals can file a fraudulent return for a taxpayer who is not required to file, such as someone who is elderly, deceased or residing overseas.

“We have to balance the promise of fast, daily refunds with the need for anti-fraud checks,” she said.

Kevin Hanff, who spent years as a special agent in the IRS’ Criminal Division before becoming an information systems manager at Northrop Grumman, said “a lot of financial fraud can be exposed through pattern recognition.” Analytics might also help investigators connect the dots by noting that a suspect is spending proceeds with a credit card acquired under false name, he said. “We also can recognize when patterns should be there but aren’t,” as when a suspect has a fancy sports car parked in the driveway but no car payments.

“Fraud is corrosive to agencies and undermines their missions,” Hanff said. “Word gets out among the bad guys [about vulnerabilities], so the problem spikes and overwhelms the agencies.”

All agreed that big data grabs from social media such as Twitter and Facebook are revolutionizing the agency’s information intake, gains tempered by privacy concerns and limits to their use as evidence in court. “Big data means we generate more data in a circular loop,” said John Russack, Northrop Grumman’s director of intelligence community strategies. “The technology improves every day, and so does our ability to handle it. We get more data and it’s more accurate, but the analyst can be overwhelmed,” which is why analytics are needed to “balance the effort to get the predictive analysis we need.”

The private sector partners with the government, Russack added, by focusing on long-term tools so that agencies can focus on executing their own mission. “It’s all interrelated, which is why it’s important for there to be transparency between government and the private sector.”

Bayer was asked whether the SEC now has sufficient staff and resources. “We would like more people, as well as more investment in technology,” he said. The average large company the agency regulates spends as much as 27 percent of their budget on information technology, he said -- more than the entire SEC budget.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.