A new report conducted by Deloitte found areas of Michigan's Unemployment Insurance Agency's policy that resulted in potential fraud exposure. Additionally, the UIA's technology and organizational areas were also impacted.
According to the report, UIA's policy, technological and organizational changes increased the Agency’s potential exposure to fraud. Additionally, the report provided steps the agency has already taken to enhance its fraud risk management capabilities to address these concerns.
“While the Agency’s previous decisions sought to balance fraud prevention and timely payment to eligible claimants, we strongly agree with the report’s findings that policy, technological and organizational changes increased the Agency’s potential exposure to fraud,” said UIA Acting Director Liza Estlund Olson. “By releasing this report, our hope is that the public will better understand the aggressive measures UIA took to address these vulnerabilities. Our work isn’t done, and the UIA will continue to review our operations and organization to prevent criminals from accessing the unemployment benefits our hardworking families deserve.”
The UIA has been tasked with an increasing number of claims. Since the beginning of the pandemic in March, the agency has received as many claims as it did in the nearly seven previous years combined, the report says. That demand combined with added criminal attacks on the unemployment system has caused potential vulnerability within the system.
"When unemployed Michigan workers needed emergency financial assistance the most, criminals began filing malicious claims in an attempt to take advantage of a global pandemic. Law enforcement and the UIA took action to identify the fraud and malicious filings to investigate crimes against the unemployment system,” Frost said.
In response to efforts to address this vulnerability to fraud, the UI has taken a number of steps, including increasing capacity, improving workflow, and other internal systems, reduced red tape to meet the unprecedented level of claims that have been filed during the pandemic.
The agency has also quadrupled customer-facing staff.
The report has also been submitted to Gov. Gretchen Whitmer.
Below is a list of corrective actions the UIA has implemented.
Finding: The UIA uses a technology platform called Fraud Manager, among other tools, to automatically screen claims for potential fraud. Because of a sequencing error, from April 5, 2020 until May 19, 2020, it was possible for a claim to be filed, certified and a first payment made on the day it was filed before Fraud Manager could process the claim.
Corrective Action: The UIA re-sequenced the claims payment process so that claims and certifications (regardless of type) are run through Fraud Manager prior to being paid (effective as of May 19, 2020).
Finding: There are several filters used by Fraud Manager to identify claims for additional investigation or review. While the filter regarding suspicious bank routing numbers remained, many of these filters were turned off in April due to concerns that they were incorrectly identifying too many legitimate claims for review. This resulted in an increased risk of fraudulent payments being made.
Corrective Actions: The Agency reactivated all filters on May 22, 2020 and additional filters were later added.
Finding: The UIA suspended first-payment review on claims, commonly referred to as the “10-day hold requirement” which previously allowed employers 10 business days to help verify eligibility and respond to/dispute new claims before being released for certification. The removal was in line with actions taken by other states and helped ensure the expedited delivery of benefit payments. Though as a result, UIA personnel had less ability and time to review claims for eligibility before payments were released.
Corrective Action: The Agency reinstated the 10-day hold requirement for new claims on September 24, 2020.
Finding: Previously, claimants were required to submit claims within 14 days of unemployment. The federal CARES Act required states to backdate PUA claims to the date on which the claimant self-certifies that they lost income due to COVID-19, without respect to good cause. Knowing that UI systems were still overwhelmed, the UIA decided to permit the same timeline for traditional state UI claims, allowing applicants to backdate UI claims to March 1, 2020, and PUA claims to February 2, 2020, which greatly increased the amount of initial payments that could be paid to new claimants.
Corrective Action: The UIA implemented a benefit payment review for all backdated claims and returned to normal procedure for late filing on traditional state UI claims on June 11, 2020.
Finding: With hundreds of thousands of ID verification issues to resolve, the UIA made temporary procedural changes to its ID verification process, including allowing ID verification over the phone which increased the risk of fraudulent payments being made.
Corrective Action: The UIA discontinued ID verification over the phone on July 28, 2020, and instead requires claimants to submit required supporting documents to verify their identity.
Finding: The UIA temporarily reassigned key personnel on its Investigations Unit to help issue timely payments to eligible claimants. As a result, the UIA’s Fraud Manager system had less operational oversight to detect and assess potential irregularities that were identified.
Corrective Action: The Agency reestablished the Investigations Unit on May 22, 2020, assembled the State’s Unemployment Insurance Fraud Task Force on June 5, 2020, and appointed retired Special Agent in Charge for the U.S. Secret Service Jeffrey Frost as a Special Fraud Advisor to serve on the task force on June 30, 2020.
Finding: The UIA hired more than 1,800 third-party contractors to help process claims. The large addition of contractors over a short period of time presented challenges related to maintaining adherence to State policies for security checks, onboarding, training, supervising and offboarding third-party contractors.
Corrective Action: The agency made a number of changes to the procedures for onboarding and managing contractors hired through third-party vendors and is running daily reports of offboarded contractors to deactivate system access.