States were not prepared to face COVID-era UI fraud, congressional report says

After two years of partisan wrangling, a House subcommittee released its final report last week on its investigation into the COVID-19 pandemic and appeared to agree on at least one thing: states could and should have done more to prevent unemployment insurance fraud.

The House Select Subcommittee on the Coronavirus Pandemic’s 557-page report said states have now lost more than $191 billion in fraudulent payments, an increase on the $135 billion the Government Accountability Office estimated last year that states had lost.

Congress allocated $872 billion to various unemployment insurance programs through the 2020 Coronavirus Aid, Relief, and Economic Security Act, but those efforts quickly ran into issues as states dealt with an overwhelming number of claims from people who lost their jobs and legacy systems that could not cope.

“These programs were implemented rapidly as Congress, governors, and state legislatures pushed for state workforce agencies to distribute funds efficiently,” the report says. “However, the unprecedented volume of claims placed enormous strain on states’ unemployment systems contributing to delays, confusion, improper payments, and fraud.”

That fraud ran rampant, as two pandemic-era unemployment insurance programs had reported improper payment rates of 18.71%.

The report particularly took states to task for how they administered the Pandemic Unemployment Assistance program, which was established under the CARES Act to provide unemployment insurance to self-employed workers, freelancers, independent contractors and part-time workers impacted by COVID-19 with up to 79 weeks of unemployment benefits.

That program did even worse, according to the U.S. Department of Labor, which reported an improper payment rate of 35.9% in August 2023. Issues stemmed from the program not requiring claimants to provide state workforce agencies with any documentation or evidence of earnings for the first nine months of its existence. Agencies thus “lacked the necessary information to verify the credibility of the claims,” the report says, even as they were responsible for distributing funds.

Meanwhile, the House subcommittee also assailed states for failing to cross-check claims to make sure applicants weren’t filing in multiple states, were in prison or were otherwise a high fraud risk. States also struggled to verify applicants’ identities, as they were outside the regular taxation system. The program “enabled widespread fraud at an unprecedented level,” the report says.

“This absence of robust verification measures allowed criminals to exploit the system by receiving multiple payment cards, with some sent to the same address, and by fraudulently obtaining benefits in the names of incarcerated individuals,” the report continues.

If states had implemented better cross-matching of applicant data, they could have avoided many of their fraudulent claims, the report says. And it also could have reduced the number of times that legitimate claimants later found out their identities had been stolen as they received paperwork from the Internal Revenue Service for benefits paid out in their name.

But it is not just states that are blamed for the fraudulent payouts. The report also said “most” of the losses incurred could have been prevented if Congress and federal agencies had provided “up-to-date technologies along with proper verification methods for oversight,” something the GAO has been urging for more than a decade.

And while agencies are working to track down some of fraudsters’ ill-gotten gains, it isn’t easy. Senators have dabbled with a plan that would have states recover funds directly and keep 25% for themselves, but such proposals may not be possible given how some money has allegedly been spent.

“Agencies are actively working to recover funds lost to fraudsters but are having difficulties tracking down some of the money, as some was converted into tangible assets,” the report says. “Fraudsters bought cars, property, and even hired hitmen with the money stolen from taxpayers.”

Notably, Democrats released a report of their own on the subcommittee’s findings, and while they disagreed with many of the Republican majority’s conclusions, they did not argue against any unemployment insurance-related findings.

Since the dark days of the pandemic, the federal government and states have spent hundreds of millions of dollars to modernize their unemployment insurance systems and stay ahead of new threats. In doing so, they have also looked to create a more seamless user experience, but such efforts have proven tricky as fraudsters have become even more sophisticated.

James Cotter, director of the Integrity Data Hub at the National Association of State Workforce Agencies, said at a conference earlier this year that the pandemic “lowered the guardrails” and encouraged bad actors to try even more malicious schemes.

It will only get harder as attackers make more use of artificial intelligence, especially generative AI tools. Jordan Burris, vice president and general manager of public sector solutions at identity verification company Socure, warned that hackers are essentially using “FraudGPT” to share insights and “perpetuate their schemes.”

“They're using these tools, day in and day out, to perpetuate a whole host of attacks against government organizations,” Burris said in an interview earlier this year. “It's incumbent upon government leaders to be thinking about how they use these types of technologies, AI and others, as part of their multi-layered strategy to combat identity theft based attacks.”