Strengthening Fraud Prevention and Detection in Unemployment Insurance

Understand the fraud challenges facing Unemployment Insurance benefit programs across the United States.

By Kevin Caulfield, Irene Pasternak

This article examines the fraud challenges facing Unemployment Insurance (UI) benefit programs across the United States. It provides insights from Guidehouse’s UI experts, who worked with states both during and after the recent COVID-19 public health emergency. It reviews some of the systemic causes of the unprecedented volume of fraud that emerged during the pandemic. Next, it summarizes the common types of fraud threatening UI agencies. Lastly, it presents the most impactful antifraud solutions that UI agencies should consider to strengthen their fraud prevention and detection efforts.


Pandemic Pressure

In response to the pandemic, the U.S. government instituted country-wide shutdowns that led to massive business closures and unprecedented layoffs. Millions of laid-off Americans filed UI claims as a result, and the U.S. government paid out nearly $655 billion.1 While UI benefits became the primary, if not the only, source of income for many families, they also became a popular target for fraudsters, leading to a never-seen-before level of fraud that has been estimated to account for $100 billion-135 billion, or 11%-15%  of all paid-out UI claims.2 UI agencies nationwide found their Integrity and Benefit Payment Control operations strained by record-breaking claim volumes, and a mix of emerging and traditional fraud threats. As UI agencies move forward, they should reflect on the pandemic’s lessons and ensure that their fraud prevention and detection systems are reliable and effective so that they can  maintain day-to-day operations and stay resilient during any future emergency.



The extraordinary challenges of the pandemic exposed shortcomings in UI agencies’ anti-fraud programs. The initial challenge was simply dealing with the explosion in claims volume. The U.S. Department of Labor (USDOL) records that initial claims increased nearly 1,400% across the country between February and March 2020.3 As claims skyrocketed, so did the backlogs of suspicious claims that were flagged by fraud-detection systems. States’ Integrity units promptly realized they lacked the necessary resources to address these backlogs due to insufficient staffing, inadequate scalability of their processes, and lack of updated technologies.

Compounding the backlog challenge were mandates that expanded access to benefits but did not allow time to design and implement adequate fraud controls. For example, Pandemic Unemployment Assistance (PUA) was a new federal program rapidly rolled out by states that made benefits available to self-employed workers, who were allowed to self-certify their eligibility. States found it difficult to verify the accuracy of self-certifications for this class of worker, which tended to have a minimal business footprint. In addition, to expedite the disbursement of the assistance, many states had to relax fraud controls, such as the temporary suspension of a waiting period and identity verification protocols before receiving benefit payments. These changes were soon identified and exploited by opportunistic fraudsters who were eager to employ both old and new attack schemes.


Fraud Threats

Dealing with the administrative challenges brought on by the pandemic, UI agencies tried to remain alert to “traditional” types of fraud schemes, such as Wage & Earning issues, Fictitious Employers, and other types of misrepresentation, but were unable to sufficiently manage the rapid emergence and volume of “new” schemes, for example:

Identity Fraud & Account Takeover
The biggest fraud threat that emerged during the pandemic was Identity Fraud & Account Takeover. The convergence of new UI benefits with weaker fraud controls, such as PUA, as well as the availability of compromised identity information on the dark web, made identity fraud an enticing method to bad actors. Additionally, dark web automation tools enabled fraudsters to conduct account takeover attacks and file claims on a mass scale.4

Case Example: Between March 2020 and October 2021, members of the Brooklyn-based Woo gang used the personally identifiable information of more than 800 victims to submit nearly 1,000 claims for UI benefits. They obtained approximately $4.3 million.5


Insider Threats
Another scheme that emerged during the pandemic was Insider Threat. As the opportunity for identity fraud & account takeover surged, criminal groups were able to recruit UI employees and contractors to assist in their schemes by providing confidential information or hiding fraudulent activity in the system. In response to these new and old threats, UI agencies have been forced to rethink their approaches to fraud prevention and detection.

Case Example: Between April and June 2020, Brandi Hawkins—a contract employee for a state UI agency—used her insider access to release payments on more than 700 fraudulent claims to co-conspirators. Her actions resulted in the fraudulent disbursement of approximately $3.8 million.6


Anti-Fraud Solutions

Since the pandemic, Guidehouse has consulted with dozens of state UI agencies to understand their challenges and identify ways to strengthen their anti-fraud programs. It found that many states struggle with the same types of issues, and thus there is great demand for similar solutions. A helpful framework to better understand these solutions is to categorize them into the business impact areas of People, Process, and Technology. By considering all three business areas, state UI agencies will ensure their anti-fraud strategy is holistic and layered.

People — At the heart of an effective anti-fraud program are people. Agencies must ensure that their Integrity units are adequately staffed with highly qualified personnel. They also must be able to rapidly augment their teams with properly vetted contractors during emergency periods. The agencies should also ensure anti-fraud training is provided not just for Integrity personnel and contractors vetted for staff augmentation, but also for all front-line staff involved in processing unemployment claims. An often-overlooked business area is the Contact Center. Customer service agents must be equipped to authenticate callers, safeguard PII, and detect social engineering attempts.

Process — A common gap across states is the lack of a formalized Fraud Risk Management (FRM) program. The development of a robust FRM program is an ongoing process that evolves over time. At its core, it requires a steadfast commitment from agency leadership to prioritize fraud prevention and detection efforts. Additionally, it should include the establishment of a documented fraud risk tolerance statement, outlining the organization’s stance on acceptable levels of risk. Regular fraud risk assessments are essential components, providing insights into emerging threats and vulnerabilities. Finally, the program should incorporate change management mechanisms to allow for iterative improvements, ensuring program adaptability to evolving fraud landscapes and organizational needs. Without an FRM program, agencies rely on ad hoc and often reactive processes, an approach that left many states ill-prepared and vulnerable at the time of the pandemic.

Technology — The most pressing need across state UI agencies revealed by the pandemic is the need for more advanced automated tools and technology. There are a few that are particularly useful for fighting fraud schemes targeting UI benefits. 

Identity Proofing — USDOL requires UI agencies to conduct identity proofing as a part of the application review and approval processes. It is no longer feasible to manually review identity documents, especially in a crisis situation. States need automated Identity Proofing solutions that are efficient, scalable, easily accessible, and that follow the claimant journey throughout the UI experience. 

Fraud Analytics and Risk Scoring — With high claims volume and more sophisticated fraud schemes, UI agencies need to have a robust Fraud Analytics capability that can aggregate and analyze data from multiple sources. This risk-scoring technology can be used to detect claimant, employer, and internal fraud schemes. To ensure that Fraud Analytics do not create barriers that limit claimant access to benefits, UI agencies should also include equity of access oversight during both implementation and on an ongoing basis.

Case Management Systems — UI agencies should also consider integrating analytics platforms into an Investigative Case Management system to facilitate Investigator review of high-risk issues and claims. Investigative Case Management systems will increase the efficiency of investigations, improve inter-departmental communication, and mitigate the loss of time around workstream inefficiencies.

Cybersecurity — Enhancing various elements of UI agencies’ cybersecurity posture is key in fighting vulnerabilities that impact UI agencies. Agencies should have enterprise-level cybersecurity defenses, bot detection software, identity and access management, and general awareness training. Cybersecurity is essential for UI programs to safeguard sensitive data, maintain security, ensure service continuity, and build public trust.


Guidehouse Experience with Unemployment Insurance Agencies

Guidehouse brings experience working with dozens of UI agencies, and it has an extensive team of UI and fraud specialists. Its cadre of UI professionals has a deep understanding of the challenges and opportunities facing state UI programs. Our teams have led UI programs through the recessions, government shutdowns, technology transformations, and COVID-19. Additionally, Guidehouse has extensive experience in fraud prevention and detection. Our fraud specialists have helped organizations develop and implement strategic fraud risk management programs, complete fraud and improper payment risk assessments, conduct investigations, and deploy remediation measures if potential fraud is identified or suspected.7

No state is alone in its UI challenges or aspirations. Guidehouse can assist UI agencies through the following services:

Fraud and Cybersecurity Risk Management

  • Risk assessment
  • Controls design, enhancement, and implementation
  • Fraud threat intelligence
  • Fraud risk training

Data Analytics

  • Benchmarking, development, and implementation
  • Risk scoring optimization
  • VitalAudit
  • Lookback analysis
  • Automated case summaries using Large Language Model (LLM) tool

Staff Augmentation

  • Integrity operations, including case management, analysis, and investigation
  • Contact Center operations 

Kevin Caulfield, Partner

Irene Pasternak, Director

Michael Frenkel, Associate Director

Darian Cole, Managing Consultant

James Suber, Senior Consultant

1. Pandemic Response Accountability Committee (PRAC),
2. US Government Accountability Office, GAO-23-106696 (September 12, 2023).
3. USDOL, ETA 5159 report data, Initial claims in February 2020, were 843,098, which grew in March 2020 to 11,763,805, an increase of 1,395%.
4. The “dark web” refers to the online black market where bad actors can procure illicit goods and services, including personal identifiable information (PII) and tools that enable hacking, phishing, and SIM swapping.
5.  For more information, see the Guidehouse article, “Safeguarding the Integrity of Public Assistance Programs,”
6. “11 Members and Associates of the Brooklyn-Based Woo Gang Charged with Multi-Million Dollar COVID-19 Unemployment Insurance Fraud.” 2022. February 17, 2022.
7. “Eastern District of Michigan | State Contractor Sentenced in $3 Million Unemployment Fraud Scheme | United States Department of Justice.” 2021. October 28, 2021.

Let Us Help Guide You

Complexity demands a trusted guide with the unique expertise and cross-sector versatility to deliver unwavering success. We work with organizations across regulated commercial and public sectors to catalyze transformation and pioneer new directions for the future.

Stay ahead of the curve with news, insights and updates from Guidehouse about issues relevant to your organization and its work.