On August 8, 2020, the President directed the Federal Emergency Management Agency (FEMA) to implement a $44 billion lost wages assistance (LWA) program to ease the economic burden for people who lost employment because of coronavirus disease 2019 (COVID-19).
An Office of Inspector General (OIG) audit has found that FEMA did not implement controls to prevent state workforce agencies (SWA) from paying more than $2.6 million in LWA for potentially fraudulent claims made by Department of Homeland Security (DHS) employees, or claimants who fraudulently used the identities of DHS employees to obtain LWA benefits.
OIG reviewed data from 35 of the 54 SWAs that participated in the LWA program, representing 80 percent of the distributed LWA grant funds. The watchdog found 2,393 claims linked to DHS employees’ identities, totaling $3.3 million in LWA payments. Based on eligibility criteria and fraud risk indicators, OIG determined that 1,809 DHS employees were ineligible or potentially ineligible for LWA benefits. The claims linked to these employees’ identities totaled more than $2.4 million in potentially fraudulent LWA payments based on eligibility criteria. OIG found that 584 DHS employees were eligible to receive LWA benefits. However, 167 of the claims linked to these employees’ identities ($242,240) showed a high or medium risk of fraudulent activity, including identity theft, based on fraud risk indicators.
OIG said this occurred because FEMA hastily implemented the LWA program in 11 days, during an unprecedented pandemic, without developing program controls to prevent fraud. Instead, FEMA overly relied on underlying unemployment insurance (UI) programs’ controls, which had weaknesses (including how DHS’ Office of the Chief Human Capital Officer processes UI claims), to determine LWA eligibility and prevent fraud. Additionally, OIG said FEMA did not ensure SWAs used consistent fraud prevention controls and did not verify the use of controls outlined in SWAs’ state administrative plans. As a result, OIG determined that the LWA program was vulnerable to fraud, including identity theft, and risked more than $2.6 million of the Disaster Relief Fund.
The watchdog is concerned that the DHS “significantly increased” employees’ risk of fraud and exposure to identity theft. Without effective fraud prevention controls, even claims purportedly filed by eligible individuals may pose a significant risk of fraud, including identity theft.
OIG has consequently made seven recommendations, including that FEMA develop and implement a standard risk assessment process before initiating new Federal grant programs. OIG says this risk assessment should focus on identifying and evaluating program risks that may affect FEMA’s ability to prevent waste, fraud, and abuse in its programs and mitigating those external risks to the extent practical. The watchdog also wants to see an after-action study of the Lost Wages Assistance program and for FEMA Individual Assistance programs to be updated based on the lessons learned from the study. OIG has also recommended that FEMA de-obligate and recover any monies determined to have been obtained fraudulently or other improper payments through the Lost Wages Assistance program from the state workforce agencies.
DHS concurred with most of the recommendations. However, senior FEMA leadership disagreed with OIG’s conclusion that the agency did not implement fraud prevention controls because it considers the LWA policies and procedures it developed to be sufficient.