DiNapoli: Problems Caused by Outdated System Left State's Unemployment Insurance Program Vulnerable to Fraud
DOL officials did not heed warnings as far back as 2010 that its UI system was out of date, nor did it address issues identified in a 2015 State Comptroller's audit. The system lacked the resources necessary to adjust to new laws or handle workload surges -- a dire forecast with disastrous consequences during the pandemic. Not only did DOL have to manage an unprecedented volume of traditional UI benefit claims, but it also administered UI benefits for the temporary programs created by the federal Coronavirus Aid, Relief, and Economic Security Act (CARES Act). These temporary federal benefits, with less stringent eligibility requirements, contributed to a dramatic increase in UI claims.
Even before the pandemic, the
Auditors found that during the pandemic DOL had to compensate for its outdated system by overriding existing controls designed to prevent improper payments. DOL's "pay and chase" approach increased the risk of overpayments, payments charged to the wrong funding source, and fraud. For instance:
* Auditors tested a sample of 53 claimants, selected for various risk factors, and found that 18, or one-third, potentially received UI payments that exceeded the maximum allowed amount.
* Auditors sampled an additional 100 claimants and found 96 of the combined total of 118 claimants were improperly paid nearly
* Auditors identified another
The outdated system also created obstacles to monitoring and analyzing fraudulent claims and for making operational decisions. Auditors found that DOL could not identify the root cause of overpayments and fraud and did not implement controls to address weaknesses in the system. During the audit, DOL was unable to provide auditors with information to support their management and response to fraudulent claims and could not account for:
* The number of claims that were paid to fraudulent claimants before being detected;
* The length of time from when claims were filed to when they were identified as fraudulent (to determine the number of weeks that payments were made); and
* How the claims were identified as fraudulent (e.g., whether through departmental procedures or based on complaints from individuals whose identities were used by imposters to file false claims).
DOL's failure to provide auditors with information and its slow response to requests delayed the audit's completion. DOL was unable to provide supporting documentation on the over
This information is critical for New Yorkers because during the pandemic the state had to borrow from the federal government to support UI claims. It had a loan balance from the federal UI trust fund that averaged
Auditors also found that while DOL repeatedly pointed to identity theft as the major cause of fraud within the program, specifically for the temporary benefit programs, it did not implement a critical system to stop identity theft, a program called
DiNapoli's auditors also found DOL did not take some critical steps to secure its UI system and data. As a result, DOL has minimal assurance that its substantial personal information assets are protected against loss or theft. For example, auditors determined DOL did not classify data on its UI system, failed to encrypt certain information, did not enforce strong access controls or authentication rules, and did not have a policy in place to ensure systems logs were monitored. Some of its changes to the UI system made in response to the pandemic did not meet all the necessary requirements of the
The audit recommended DOL:
* Continue the development of the replacement UI system and ensure its timely implementation.
* Take steps, including collecting and analyzing data related to the identity verification process, to ensure the correct balance between fraudulent identity detection and a streamlined process for those in need of UI benefits.
* Follow up on the questionable claims identified by this audit to ensure adjustments have been made so they are paid from the proper funding source and overpayments are recovered, as warranted.
* Ensure the current and new UI system and data comply with provisions of the NYS Information Security Policy, the Classification, Authentication, Encryption, and Logging Standards, as well as the ITS Operations Change Management Process and Policy.
* Improve the timeliness of cooperation with state oversight inquiries to ensure transparent and accountable agency operations.
Department officials generally agreed with the audit's findings and recommendations.
* * *
* * *
Original text here: https://www.osc.state.ny.us/press/releases/2022/11/dinapoli-problems-caused-outdated-system-left-states-unemployment-insurance-program-vulnerable-fraud
Coordinated Care Expands Access to Healthy Food across Washington
Employee burnout is on par with pandemic highs, Aflac reports
Health/Employee Benefits News
Life Insurance News