$466M audit shows 13% fraud: Full report released after redaction efforts by Labor Department

"Fraudsters are always trying to stay one step ahead of everyone. So you've got to be in a position where you're capturing emerging trends and building that into the process as well."

Bob Sprague

Forvis auditing firm

A forensic audit that found Kansas paid up to $466 million in unemployment fraud is now public, revealing the contents of a report that some state officials wanted to keep at least partially secret.

The audit was provided to and discussed by members of the Unemployment Compensation Modernization and Improvement Council earlier this month, but members were required to surrender their copies at the conclusion of the meeting. The public was barred from viewing the audit.

Council chair Rep. Sean Tarwater, R-Stilwell, said KDOL had demanded redactions to the audit, which by law was supposed to be public.

The Labor Department denied an open records request for an unredacted version of the audit, calling redactions of confidential information a requirement of state law. Meanwhile, senior legislative staff released an unredacted version, declaring it "no longer considered to be confidential."

The council is scheduled to meet again Monday.

Of $3.5 billion in payments, up to $466 million was fraud

More than $3.5 billion was paid out by the state's unemployment system. The auditors estimate between $441 million and $466 million in "potentially fraudulent claims" were paid out.

That means about 13% of all unemployment benefit payments were likely fraudulent.

The period covered March 15, 2020, through March 31, 2022. More than 1.5 million claims were filed from nearly 1.1 million unique claimants.

The initial fraud estimate ranged from $486 million to $511 million, but was reduced to account for legitimate claims filed by people who were victims of an earlier fraudulent claim using stolen personal information.

The auditors factored in a presumption that $25 million in legitimate claims were paid out to claimants who self-reported fraudulent claims made in their names.

Not all of the lost money came directly from Kansas funds. Of the $511 million figure, about $310 million was in state programs with the other $201 million in federal programs.

Audit splits difference of conflicting estimates

The forensic audit was long-awaited among politicians, who had been given conflicting accounts estimating the level of fraud.

The Labor Department had estimated a lower figure, roughly $290 million.

A report from Legislature's nonpartisan auditors came up with a higher figure, potentially as much as $700 million.

A more definitive amount was necessary because lawmakers intend to put the equivalent into the unemployment trust fund in order to alleviate the tax burden on employers. The state has already transferred $250 million and has a second $250 million ready to go.

"We need to get a good number to put into the trust fund," Tarwater said.

Tarwater said he considers it a "good working number" that is both "awful" and "lower than what we anticipated."

"Ultimately, I think it was a fair audit," said Labor Secretary Amber Shultz. "I thought they did a pretty good job. They had a variety of methodologies to test themselves to make sure that there was correlations that they were seeing and expecting through the data."

Flagging fraud, but also legitimate claims

Tom Haldiman, of the auditing firm Forvis, said they used various methods to quantify potential fraud, obtaining multiple datasets they had to assess for integrity and analyze.

One of the most valuable datasets was of the nearly 330,000 people who self-reported fraudulent claims.

They also looked at potential fraud flags by KDOL, though the agency didn't consistently track the reasons why specific claimants were flagged. More than 350,000 claimants were flagged as potential fraud and weren't subsequently cleared as legitimate.

The KDOL system tracked IP addresses of claimants, a dataset of 24.6 million logins.

The agency provided death dates for nearly 9,000 claimants and a list of more than 70,000 claimants who were incarcerated at some point, as matched against Kansas Department of Corrections data.

The agency also provided recent and historical data on claims and payments, by employer.

Some of the fraud was "egregious," meaning the flagged claim had a "high probability" of being fraud. Some of those included when many claimants used the same bank account, phone number or email address. Auditors also found payments to nine claimants who had died before the claims were filed, and one payment to a claimant with an invalid Social Security number.

The Labor Department flags were "effective," auditors said, flagging $383 million in payments. But it also flagged $345 million as "potentially fraudulent" that auditors determined were "likely legitimate and should not have been flagged."

"They probably cast too wide of a net, but that net did capture a fair number of the fraudulent claims," Haldiman said.

Shultz said the agency became more conservative about flagging fraud because "we were getting raked over the coals for allowing fraud."

Most fraud happened before KDOL used multifactor authentication

Republican lawmakers have long argued the Kelly administration could have and should have done more to prevent fraud, especially in the first year of the pandemic. It wasn't until February 2021 that the agency started requiring a higher level of authentication for logins.

Auditors noted that about 85% of the fraud happened before KDOL implemented multifactor authentication.

"I find it disheartening that we had solutions within our grasp, we just chose not to make it a priority," said council member Phil Hayes, citing the drop in fraud after January 2021.

They also estimate that about $15 million worth of fraud "might have been avoided" if KDOL hadn't waived a one-week waiting period. The agency made nearly $78 million in overpayments for a variety of reasons.

The audit also indicated that KDOL did in fact stop payments once fraud was discovered.

Haldiman said there were "two distinct waves" in fraud. The first was in summer 2020, targeting federal funds. The second was in late fall and early winter 2020-21, targeting state funds.

The administration and Democratic allies have sought to shift blame onto the agency's aged IT system for its inability to keep up with the volume of claims and modern technology.

"We had a lot of problems here in Kansas with our ancient system, and that caused a lot of holes and gaps," said Sen. Jeff Pittman, D-Leavenworth.

"We're blaming all these things of what could we have done in the last 18 months," said council member Jake Miller. "I get it, there could have been reaction times better or different things, it was an ongoing issue. But my point is what would have been different in this situation had the system been revamped seven years ago?"

Kansas gave contractor Tata Consultancy Services a $41 million contract to modernize the unemployment insurance system into a cloud-based one. The company has had a rocky road with similar work elsewhere.

Auditors noted "significant leadership changes" at KDOL. Personnel changes included four different secretaries or interim secretaries in an eight-month period. Staff turnover was also cited at deputy secretary, chief of staff and chief information officer.

"That would seem to me to be a lot of turnover," said Bob Sprague, of Forvis, speculating that better opportunities or burnout likely played a role.

Auditors recommend more automation

The audit assessment of KDOL program integrity elements revealed the agency had various procedures in place but had difficulty keeping up with all fraud testing elements due to the massive amount of claims.

"That time period was completely unprecedented and caused a lot of these a lot of these issues to come to light," Sprague said.

While the pandemic may have put unpresented pressure on the unemployment system, "prior to that, the department experienced fraud," he said. "The department will continue to experience fraud going forward."

The auditors recommended implementing more automated processes, something that is already underway with fraud detection software from Pondera.

"The more you can move away from trying to keep up manually with identifying potential fraud, the better position you're going to be in," Sprague said.

Auditors also recommended tracking and analyzing the effectiveness of fraud flags, creating and documenting new procedures, retaining prison data and training.

"Fraudsters are always trying to stay one step ahead of everyone," Sprague said. "So you've got to be in a position where you're capturing emerging trends and building that into the process as well."

Jason Tidd is a statehouse reporter for the Topeka Capital-Journal. He can be reached by email at [email protected]. Follow him on Twitter @Jason_Tidd.

"Fraudsters are always trying to stay one step ahead of everyone. So you've got to be in a position where you're capturing emerging trends and building that into the process as well."

Bob Sprague

Forvis auditing firm