[Senate Report 114-229] [From the U.S. Government Publishing Office] Calendar No. 391 114th Congress } { Report SENATE 2d Session } { 114-229 _______________________________________________________________________ FRAUD REDUCTION AND DATA ANALYTICS ACT OF 2015 __________ R E P O R T of the COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS UNITED STATES SENATE to accompany S. 2133 TO IMPROVE FEDERAL AGENCY FINANCIAL AND ADMINISTRATIVE CONTROLS AND PROCEDURES TO ASSESS AND MITIGATE FRAUD RISKS AND TO IMPROVE FEDERAL AGENCIES' DEVELOPMENT AND USE OF DATA ANALYTICS FOR THE PURPOSE OF IDENTIFYING, PREVENTING, AND RESPONDING TO FRAUD, INCLUDING IMPROPER PAYMENTS [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] March 15, 2016.--Ordered to be printed ______ U.S. GOVERNMENT PUBLISHING OFFICE 59-010 WASHINGTON : 2016 COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS RON JOHNSON, Wisconsin, Chairman JOHN McCAIN, Arizona THOMAS R. CARPER, Delaware ROB PORTMAN, Ohio CLAIRE McCASKILL, Missouri RAND PAUL, Kentucky JON TESTER, Montana JAMES LANKFORD, Oklahoma TAMMY BALDWIN, Wisconsin MICHAEL B. ENZI, Wyoming HEIDI HEITKAMP, North Dakota KELLY AYOTTE, New Hampshire CORY A. BOOKER, New Jersey JONI ERNST, Iowa GARY C. PETERS, Michigan BEN SASSE, Nebraska Christopher R. Hixon, Staff Director Gabrielle D'Adamo Singer, Chief Counsel Patrick J. Bailey, Chief Counsel for Governmental Affairs Jennifer L. Schaeffer, Professional Staff Member Gabrielle A. Batkin, Minority Staff Director John P. Kilvington, Minority Deputy Staff Director Mary Beth Schultz, Minority Chief Counsel Katherine C. Sybenga, Minority Chief Counsel for Governmental Affairs Laura W. Kilbride, Chief Clerk Calendar No. 391 114th Congress } { Report SENATE 2d Session } { 114-229 ====================================================================== FRAUD REDUCTION AND DATA ANALYTICS ACT OF 2015 _______ March 15, 2016.--Ordered to be printed _______ Mr. Johnson, from the Committee on Homeland Security and Governmental Affairs, submitted the following R E P O R T [To accompany S. 2133] The Committee on Homeland Security and Governmental Affairs, to which was referred the bill (S. 2133) to improve Federal agency financial and administrative controls and procedures to assess and mitigate fraud risks, and to improve Federal agencies' development and use of data analytics for the purpose of identifying, preventing, and responding to fraud, including improper payments, having considered the same, reports favorably thereon without amendment and recommends that the bill do pass. CONTENTS Page I. Purpose and Summary..............................................1 II. Background and Need for the Legislation..........................2 III. Legislative History..............................................3 IV. Section-by-Section Analysis......................................4 V. Evaluation of Regulatory Impact..................................4 VI. Congressional Budget Office Cost Estimate........................5 VII. Changes in Existing Law Made by the Bill, as Reported............6 I. PURPOSE AND SUMMARY S. 2133, the Fraud Reduction and Data Analytics Act of 2015, seeks to strengthen Federal anti-fraud controls by implementing agency guidelines set by the Director of the Office of Management and Budget (OMB) with input from the Governmental Accountability Office (GAO) on risk-based fraud prevention techniques, increasing reporting on agency fraud reduction strategies to Congress, and facilitating the creation of a Federal interagency library of data analytics and data sets used to prevent fraud and improper payments. II. BACKGROUND AND THE NEED FOR LEGISLATION Fraud in the Federal Government is a serious problem that wastes taxpayer dollars, prevents Federal programs from carrying out their intended purpose and serving target populations, and creates potential national security risks. Congress and Federal agencies have been working to combat fraud and reduce improper payments by creating policies and legislation that will give agencies the tools that they need to target and prevent fraud. In 2014, Federal agencies reported an estimated $124.7 billion in improper payments, which includes payments made because of waste, fraud, and abuse.\1\ According to GAO, the improper payment amount was $136.9 billion in 2015.\2\ --------------------------------------------------------------------------- \1\Gov't Accountability Office, GAO-15-593SP, A Framework for Managing Fraud Risks in Federal Programs 47 (July 2015), available at http://www.gao.gov/assets/680/671664.pdf. \2\Gov't Accountability Office, GAO-16-357R, Financial Audit: U.S. Government's Fiscal Years 2015 and 2014 Consolidated Financial Statements 32 (Feb. 2016), available at http://www.gao.gov/assets/680/ 675425.pdf. --------------------------------------------------------------------------- This Committee has a history of conducting oversight of the fraudulent and wasteful use of taxpayer dollars, including holding hearings on improper payments in both the 113th and 114th Congress. For example, on February 11, 2015, the Committee held a hearing titled Risky Business: Examining GAO's 2015 List of High Risk Government Programs. The hearing examined government functions identified by the GAO as a high risk to taxpayers, including fraudulent income tax returns due to identity fraud, which led to $5.8 billion in improper payments in 2013.\3\ --------------------------------------------------------------------------- \3\Risky Business: Examining GAO's 2015 List of High Risk Government Programs: Hearing Before the S. Comm. on Homeland Sec. & Governmental Affairs, 114th Cong. (2015), available at http:// www.hsgac.senate.gov/hearings/risky-business-examining-gaos-2015-list- of-high-risk-government-programs; Gov't Accountability Office, GAO-15- 371T, GAO'S 2015 High-Risk Series: An Update 7 (Feb. 2015), available at http://www.gao.gov/assets/670/668419.pdf. --------------------------------------------------------------------------- In another February 2015 hearing looking at the work of Federal inspectors general, the Social Security Administration's (SSA) Inspector General testified that in fiscal year 2013, SSA reported $3 billion in improper payments in its Old Age, Survivors, and Disability programs, and $5.1 billion in improper payments in the Supplemental Security Income program.\4\ The Inspector General was quick to point out that these aggregate numbers do not include fraud that the agency has not detected, meaning it represents only a portion of the full amount of improper payments made, and highlighting the importance of detecting fraud.\5\ --------------------------------------------------------------------------- \4\Improving the Efficiency, Effectiveness, and Independence of Inspectors General: Hearing Before the S. Comm. on Homeland Sec. & Governmental Affairs 2, 114th Cong. (2015) (statement of Patrick P. O'Carroll, Jr., Inspector General, Social Security Administration), available at http://www.hsgac.senate.gov/hearings/improving-the- efficiency-effectiveness-and-independence-of-inspectors-general. \5\Id. --------------------------------------------------------------------------- To help Federal agencies reduce fraud, in 2014, GAO updated their Standards for Internal Control in the Federal Government (the ``Green Book'') which provides the overall framework for establishing and maintaining an effective internal control system. According to GAO, internal controls are the organizational processes which agencies use to comply with applicable laws and regulations and report accurately on their operations.\6\ The new Green Book, which became effective at the beginning of fiscal year 2016, sets the standards for internal controls in Federal agencies and requires Federal managers to ``consider the potential for fraud when identifying, analyzing, and responding to risks.''\7\ --------------------------------------------------------------------------- \6\Gov't Accountability Office, GAO-14-704G, Standards For Internal Control in the Federal Government 5 (Sept. 2014), available at http:// www.gao.gov/assets/670/665712.pdf. \7\Id at 34. --------------------------------------------------------------------------- Additionally, GAO published the Fraud Risk Management Framework (the Framework) in July 2015 to help Federal managers adjust to a risk-based approach to combat fraud.\8\ The Framework emphasizes fraud prevention and recommends control activities Federal managers can implement to prevent, detect, and respond to fraud. It was created with input from Offices of Inspector General (OIG), national audit institutions from other countries, the World Bank, the Organization for Economic Co- operation and Development, as well as anti-fraud experts representing private companies, state and local audit associations, and nonprofit entities.\9\ The Framework recommends that agencies create an organizational culture that emphasizes fraud risk management, plan regular risks assessments tailored to each program, design anti-fraud strategies that include cooperation with program stakeholders, and design methods to measure fraud reduction outcomes, among other recommendations.\10\ --------------------------------------------------------------------------- \8\Gov't Accountability Office, GAO-15-593SP, A Framework For Managing Fraud Risks in Federal Programs (July 2015), available at http://www.gao.gov/assets/680/671664.pdf. \9\Id. at 1. \10\Id. at 6. --------------------------------------------------------------------------- The Fraud Reduction and Data Analytics Act of 2015 seeks to utilize the GAO Framework by codifying these new standards and directing OMB to use the Framework to create guidelines for agencies to establish controls to identify and assess fraud risks and to design and implement control activities to prevent, detect, and respond to fraud. Agencies will then be required to report to Congress on their implementation of the new fraud reduction strategies, as well as identify their risks and vulnerabilities to fraud. These reports will help Congress monitor the progress made by agencies in addressing and reducing fraud risk, including the success or failures of the guidelines created by OMB as a result of this bill. Finally, to give Federal agencies the technical tools they need to better analyze fraud risk, the bill establishes a working group tasked with establishing a plan for the creation of a Federal interagency library of data analytics and data sets to facilitate the detection of fraud and the recovery of improper payments. The working group is comprised of the Controller of OMB as chairperson and the Chief Financial Officer (CFO) of each agency. This information will allow agencies to coordinate in their fraud detection and improve their ability to use data analytics to monitor databases for potential improper payments, a recommendation included in GAO's Framework for reducing fraud risk.\11\ --------------------------------------------------------------------------- \11\Id. --------------------------------------------------------------------------- III. LEGISLATIVE HISTORY S. 2133, the Fraud Reduction and Data Analytics Act of 2015, was introduced October 5, 2015, by Senators Tom Carper, Thom Tillis, Claire McCaskill, Ron Johnson, and Tammy Baldwin. The bill was referred to the Committee on Homeland Security and Governmental Affairs. The Committee considered S. 2133 at a business meeting on October 7, 2015. The Committee ordered the bill reported favorably by voice vote without amendment. Members present for the vote on the bill were Senators Johnson, Portman, Lankford, Enzi, Ernst, Sasse, Carper, McCaskill, Baldwin, Heitkamp, and Booker. IV. SECTION-BY-SECTION ANALYSIS OF THE BILL, AS REPORTED Section 1. Short title This section establishes the short title of the bill as the ``Fraud Reduction and Data Analytics Act of 2015.'' Section 2. Definitions This section defines the terms ``agency'' and ``improper payment.'' Section 3. Establishment of financial and administrative controls relating to fraud and improper payments This section directs the Director of OMB to create guidelines for agencies to establish controls to identify fraud risks and to design and implement control activities to respond to fraud, which should specifically incorporate practices identified in the GAO Framework, and states that the Director of OMB should work with the United States Comptroller General to modify the guidelines as necessary. This section specifies that agencies should be using a risk-based approach to design controls to prevent fraud and that control activities should mitigate identified fraud risks. The section also states that agencies should be collecting data to detect and monitor fraud, and using that data to perfect their fraud prevention techniques, as well as using the results of audits and investigations to improve their fraud detection and response. Finally this section requires each agency to submit a report on their progress toward: enacting the guidelines created by OMB, the fraud risk principle in the Green Book, and the OMB Circular A-123 with respect to the leading practices for managing fraud risk; and identifying risks and vulnerabilities to fraud. Such reports are required to be submitted to Congress in the agency's annual financial report to Congress for each of the three fiscal years following the enactment of this bill. Section 4. Working group This section establishes a working group, comprised of the Controller of OMB as chairperson, and the CFO of each agency. This working group will meet quarterly to share best practices in addressing fraud and to establish a plan for the creation of a Federal interagency library of data analytics and data sets to facilitate the detection of fraud and the recovery of improper payments. V. EVALUATION OF REGULATORY IMPACT Pursuant to the requirements of paragraph 11(b) of rule XXVI of the Standing Rules of the Senate, the Committee has considered the regulatory impact of this bill and determined that the bill will have no regulatory impact within the meaning of the rules. The Committee agrees with the Congressional Budget Office's statement that the bill contains no intergovernmental or private-sector mandates as defined in the Unfunded Mandates Reform Act (UMRA) and would impose no costs on state, local, or tribal governments. VI. CONGRESSIONAL BUDGET OFFICE COST ESTIMATE January 12, 2016. Hon. Ron Johnson, Chairman, Committee on Homeland Security and Governmental Affairs, U.S. Senate, Washington, DC. Dear Mr. Chairman: The Congressional Budget Office has prepared the enclosed cost estimate for S. 2133, the Fraud Reduction and Data Analytics Act of 2015. If you wish further details on this estimate, we will be pleased to provide them. The CBO staff contact is Matthew Pickford. Sincerely, Keith Hall. Enclosure. S. 2133--Fraud Reduction and Data Analytics Act of 2015 S. 2133 would require federal agencies to report on their efforts to assess and combat fraud and improper payments in each of the next three years. In addition, the legislation would require the Office of Management and Budget (OMB) to set up a working group to establish best practices for preventing fraud and improper payments and for sharing analytical information among federal agencies. The Federal Managers' Financial Integrity Act requires agencies to establish and maintain internal controls to ensure federal programs operate efficiently, effectively, and in compliance with relevant laws. The Government Accountability Office (GAO) issues financial control standards for the federal government through the Standards for Internal Control in the Federal Government (known as the Green Book). Additionally, OMB establishes specific requirements for assessing and reporting on financial controls used by the federal government. The standards in the most recent Green Book include methods for assessing the risk of fraud. Based on information from GAO and OMB, CBO expects that implementing the bill would increase the administrative costs of each major federal agency by roughly $50,000 annually primarily to prepare reports for the Congress for three years. Because there are about 25 major agencies, CBO estimates that implementing S. 2133 would cost about $4 million over the 2016- 2020 period, including funds to operate the proposed working group. Such spending would be subject to the availability of appropriated funds. Under S. 2133, agencies would be required to undertake additional efforts to detect fraud and improper payments that will not be undertaken under current law. Such efforts could result in cost savings to some agencies, but could also lead to additional costs to correct financial systems. CBO has no basis for estimating the magnitude of either increases in the recovery of fraudulent payments or costs to correct financial systems. Enacting S. 2133 also could affect direct spending by some agencies (such as the Tennessee Valley Authority) because they are authorized to use receipts from the sale of goods, fees, and other collections to cover their operating costs. Therefore, pay-as-you-go procedures apply. Because most of those agencies can make adjustments to the amounts collected as operating costs change, CBO estimates that any net changes in direct spending by those agencies would not be significant. Enacting the bill would not affect revenues. CBO estimates that enacting S. 2133 would not increase net direct spending or on-budget deficits in any of the four consecutive 10-year periods beginning in 2026. S. 2133 contains no intergovernmental or private-sector mandates as defined in the Unfunded Mandates Reform Act and would not affect the budgets of state, local, or tribal governments. The CBO staff contact for this estimate is Matthew Pickford. The estimate was approved by H. Samuel Papenfuss, Deputy Assistant Director for Budget Analysis. VII. CHANGES IN EXISTING LAW MADE BY THE BILL, AS REPORTED Because this legislation would not repeal or amend any provision of current law, it would make no changes in existing law within the meaning of clauses (a) and (b) of paragraph 12 of rule XXVI of the Standing Rules of the Senate. [all]