The pandemic left countless Americans struggling and in need of financial assistance. To provide immediate assistance, the American Rescue Plan Act put nearly $43 billion into the hands of state and local governments nationwide to provide relief for Americans through unemployment insurance, housing, health care and much more. However, the speed which funds were dispersed left little room to prevent fraud, making the system highly vulnerable to threat actors.
So, how can agencies better prepare themselves to combat and prevent fraud?
Over the course of the pandemic, threat actors across the globe — including organized crime networks, nation-state-funded organizations and opportunists simply looking for an easy way to steal some extra money — quickly found, and shared, loopholes in the rollout of pandemic aid programs. Fraudsters leveraged the dark web to share information, sharpen skills, and adjust tactics.
In this ever-evolving threatscape, agencies should strengthen three core areas to run successful interference against fraud: risk assessment, data and technology.
Assess Risk Holistically:
With fraud, protection and prevention is not “one size fits all.” Although most agencies have traditionally focused fraud evaluations solely on improper payments, the truth is each agency has varying levels of fraud risk in a variety of categories — some they may not have even identified yet.
Agencies should undergo risk assessment, they take a holistic approach and examine each part of their organization to ensure evaluations encompass all possible risks. From there, they can then prioritize and focus on the biggest gaps to guide decisions about improving their fraud controls.
Most pandemic loan programs sacrificed identity verification for speed, a vulnerability that served as a main entry point for fraudulent actors. One way agencies can verify data is through a third party source, who can look at application data as soon as it's submitted and instantly verify.
While data sharing might be a challenge for government in most cases, privacy regulations often contain provisions that permit information sharing for the purpose of preventing fraudulent activity, making it a critical step for fraud control.
Invest in Technology:
Finally, for agencies to successfully implement and maintain fraud controls, it is critical for agencies to invest in updated technology.
For agencies to truly optimize their approach to fraud, it must be a priority focus from the start. Agencies should abandon the traditional “pay and chase” mentality that waits for action only after the fraud occurs. Instead, they should take a more proactive approach by building in fraud prevention up front when they are designing program workflows and applications.
Ultimately, when agencies take a holistic and proactive approach to fraud prevention, it becomes fully integrated into an agency’s culture, which leaves room for the growth and innovation necessary to stop it.
“What the government can learn from pandemic fraudsters” was originally published in Government Executive on June 15, 2022.
Complexity demands a trusted guide with the unique expertise and cross-sector versatility to deliver unwavering success. We work with organizations across regulated commercial and public sectors to catalyze transformation and pioneer new directions for the future.