The Government Auditor's Role in Investigating Fraud: The US General Accounting Office Experience

Introduction

In the United States, Medicare, which provides health care for the elderly and the disabled, costs the U.S. taxpayer $197 billion in fiscal year 1996. It is estimated that from $6 billion to $20 billionÑsome 3 to 10 percent of total program costsÑcould have resulted from fraudulent and abusive claims. This is not the only example I could cite, and I know that many of you in the audience could tell similar stories, for fraud and corruption in government agencies and programs is a global issue of great concern to national governments and their audit institutions.

Several international studies have documented the disastrous effects that fraud has on government programs and international trade. Fraud and corruption increase costs, distort public expenditures, and deter foreign investment. They reduce the efficiency and effectiveness of government operations and erode citizen confidence in public institutions, elected leaders, and career government employees. Consequently, audit organizations worldwide are now wrestling with what the role of the government auditor should be in deterring and uncovering fraud and corruption. Because concern over the phenomenon is so widespread, international organizations such as this consortium, the International Organization of Supreme Audit Institutions, and others have made preventing and detecting fraud and corruption in government a major item for review.

Today, I am very pleased to discuss the role of the auditor in investigating fraud, how the General Accounting Office's (GAO) Government Auditing Standards define that role, and our experiences at the GAO in addressing these very important issues. In particular, I want to describe what has evolved over the years into a comprehensive approach to addressing fraud, waste, abuse, and mismanagement issues. Finally, I will discuss three cases that illustrate the results of this approach.

The Government Auditor's Role in Investigating Fraud

The auditor's role in investigating fraud encompasses both an awareness of and a consequent search for fraud indicators during the course of an audit. Auditors also play a critical role in contributing to prevention through financial statement and performance audits. These audits strengthen financial management systems by evaluating internal controls to identify and correct weaknesses and by providing timely reports and recommendations to agencies, oversight bodies, and the public.

Government Auditing Standards Establish Responsibilities and Define Roles

From the outset, GAO's Government Auditing Standards, familiarly known as the Yellow Book,1 have gone further than traditional audit standards. That is, the Yellow Book standards have emphasized (1) assessing compliance with statutes and regulations relevant to an audit and (2) reporting significant irregularities and illegal acts to appropriate authorities if the audited entity fails to immediately do so. The Yellow Book standards are expressed in broad statements that describe the auditor's responsibilities regarding irregularities, illegal acts, and other noncompliance. These broad statements of responsibility define the auditor's role as one of:

• designing the audit to provide reasonable assurance of detecting material irregularities and illegal acts;
• expanding audit steps when evidence of irregularities or illegal acts exists, to determine if such acts occurred and whether they are material to financial statement or audit results;
• exercising due professional care so as not to interfere with future investigations or legal proceedings; and
• reporting irregularities/illegal acts outside of the audited entity as required by law, regulations, and standards.

Government Auditors Play a Critical Role in Contributing to Prevention

While fraud prevention is not the primary responsibility of the government auditor, the auditor can contribute to prevention by strengthening financial management systems and identifying internal control weaknesses. A strong financial management system limits opportunities for fraud and corruption by providing ongoing accountability through timely reporting of complete and accurate financial information. Such reporting also serves as a basis for effective performance measurement. Another essential component of a strong financial management system is a reliable system of internal controls; historically, effective internal controls have been the main line of defense against fraud and other serious irregularities. Recommendations to strengthen internal controls and follow-up to assure that corrective actions have been taken contribute to prevention by limiting the vulnerability of government programs to fraud and mismanagement.

Timely reporting of audit findings to oversight bodies, such as the legislature; government agencies; and the public provides for transparency in government operations. In addition to facilitating oversight of government programs and allowing agencies to take corrective actions, public reporting of audit findings and, as appropriate, related investigative results and judicial actions stimulates accountability by those who manage or receive government funds. Public reporting also acts as a deterrent by communicating the efforts given to uncovering misconduct, the consequences for those found to engage in such activity, and the corrective actions designed to prevent future occurrences.

The GAO Experience

Through a variety of initiatives over the years, GAO has sought to strengthen and intensify its efforts to address fraud, waste, abuse, and mismanagement in government agencies and programs. These efforts have ranged from those that affect the entire organization to specific initiatives intended to address a particular need. They include strategic planning that identifies exposing fraud as a major objective, focusing on high risk programs that are particularly vulnerable to fraud and abuse, improving auditors' awareness of fraud and its indicators, using a fraud hotline, and establishing an in-house oversight investigation capability to address specific allegations of criminal misconduct and serious abuse.

Strategic Plan

In 1995, GAO developed a strategic plan that established priorities throughout the organization and cut across institutional and agency boundaries. The plan is intended to guide GAO's work over a three-year period. Concerned that stolen and wasted federal dollars have reached an intolerable level, GAO made exposing fraud, waste, abuse, and mismanagement in government programs the second of five major strategic plan objectives. By identifying fraud issues as a major strategic plan objective, GAO leadership has clearly communicated the priority that it gives to identifying and eliminating fraud in government programs to its staff members, the U.S. Congress and the general public.

The High-Risk Program

In 1990, in the aftermath of scandals at the Departments of Defense and Housing and Urban Development, GAO reviewed and reported on federal program areas that it had identified as high risk because of vulnerabilities to waste, fraud, abuse, and mismanagement. It used indicators such as inadequate internal controls, a history of program abuse, and poor management oversight by program officials to identify and then monitor the high-risk areas.

As part of this "High-Risk Series," first published in 1992, GAO has made hundreds of recommendations to get at the heart of these problems, which are invariably caused by a fundamental lack of accountability and weak internal controls. At present, the major priorities of GAO's high-risk programs are (1) providing accountability and cost-effective management of defense programs; (2) ensuring that all revenues are collected and accounted for; (3) obtaining an adequate return on multibillion-dollar investments in information technology; (4) controlling fraud, waste, and abuse in benefits programs; (5) minimizing loan program losses; and (6) improving management of federal contracts at civilian agencies.

Through its high-risk program, GAO has cast light on areas where major improvements in internal controls and program management are needed. In many instances, high-risk designation has prompted agencies to take corrective actions in their programs. For example, the Department of Education reduced losses in its guaranteed student loan program by over a billion dollars between 1991 and 1995. It did so by requiring lenders and guaranty agencies to share more of the risk of default, more closely monitoring school performance in administering the program, and improving management practices and information systems.

Fraud Awareness Training

Since the late 1980s, GAO's Training Institute has offered courses in basic and advanced fraud awareness. These courses are intended to raise the auditors' understanding of fraud issues and enhance their skills in identifying indicators of fraud. Additionally, they reinforce to the audit staff GAO's priority and commitment to exposing fraud through the audit process and provide specific guidance on the appropriate actions to take when indicators of fraud are found.

Hotline/FraudNET

In 1970, GAO initiated the first fraud hotline in the federal government. The GAO Fraud Hotline, now called FraudNET because it is accessible through GAO's home page on the Internet, is an integral part of GAO's effort to uncover fraud. Through the hotline, GAO has provided a mechanism for government employees and the public to anonymously report specific allegations of fraud and corruption in government programs. In-House Fraud Investigation Capability

In 1986, a GAO task force recommended that a separate group composed of trained criminal investigators with specialized backgrounds be established within GAO to conduct investigations into fraud, waste, and abuse. As a result, the Office of Special Investigations (OSI) was created to enhance the investigative work that GAO conducts for the Congress. OSI investigates specific allegations involving conflict-of-interest and ethics matters, contract and procurement irregularities, official misconduct and abuse, and fraud in federal government programs or activities.

In 1990, a GAO management initiative sought to more effectively integrate GAO's audit, evaluative, and investigative work in finding and reporting fraud, waste, and abuse in federal programs. Under this initiative, GAO auditors and investigators work together to identify program weaknesses, investigate case-specific examples of program abuse, and produce reports that illustrate program deficiencies and support the need for change. Such interaction between auditors, evaluators, and investigators improves the completeness of GAO's findings and the effectiveness of its reports to Congress and the American people.

OSI's own strategic plan emphasizes its partnership with GAO's auditors to enhance GAO's overall capability to expose and reduce fraud in current and emerging high-risk programs of oversight concern to the Congress.

Case Examples

The following examples illustrate the comprehensive and integrated approach used by GAO to detect fraud: uncovering irregularities during the audit procedures, evaluating the internal controls in place, and identifying high-risk programs. I will also comment on the resulting public disclosure, prosecution, and corrective action, as appropriate. In all the cases cited, the abuses occurred in high-risk program areas.

In an evaluation of a military inventory control system, GAO evaluators uncovered indicators suggesting that small arms parts were being stolen from an Army National Guard site. Subsequently, auditors and investigators working together examined the controls and physical security over sensitive small arms parts at the site. The combination of the evaluators' expertise in inventory management and control procedures and the investigators' knowledge of law enforcement procedures and techniques resulted in a successful audit and investigation. The investigation revealed evidence of breakdowns in inventory management controls, theft of small arms parts, and the availability of these stolen parts through a national black market network of gun dealers. Some of these parts could be used to convert a semi-automatic civilian rifle to the equivalent of a fully automatic military assault rifle. The auditors' and investigators' efforts resulted in a congressional hearing that exposed the seriousness of the problem, a commitment from the military to strengthen controls over its supply system, the conviction of two national guardsmen for theft of small arms parts, and the conviction of a third guardsman for theft of a fully automatic assault rifle.

As a second example, in the area of health care fraud, a joint effort between GAO evaluators and investigators found prescription drug diversion to be a problem in many states, often occurring in conjunction with other types of fraud. The economic incentives were substantial for the perpetrators.

For example, the fraud included a doctor writing 2,000 prescriptions a month; a pharmacist billing for more than 30 prescriptions a month for the same person; a pharmacist billing for more than 30 prescriptions a day for a single recipient; a patient who, in one 4-day period, had the same three lab tests five times; and an organized network of colluding physicians, pharmacists, patient brokers, and other middlemen, some of whom transferred money overseas through the Bank of Credit and Commerce International. As a result of this work, congressional committees held two hearings. GAO also made recommendations to the Department of Health and Human Services and referred findings to federal law enforcement agencies.

As a third example, a joint effort by GAO investigators and evaluators on fraud in a military payroll system resulted in 2,512 individuals being referred to a military investigative agency for investigation and prosecution. The subsequent investigation strengthened audit findings by emphasizing the extent of the weaknesses identified and by exposing the loss of millions of dollars through the payroll system.

In this instance, the Department of the Army was identified as vulnerable to fraud as a result of a long-standing history of serious control weaknesses in its financial management systems. The department was designated as high risk and incorporated into GAO's strategic plan, resulting in numerous financial statement and performance audits.

During one of these financial statement audits, GAO auditors reviewed internal controls in a payroll system and found significant grounds for concern. Specifically, some crucial internal controls had been eliminated in the payroll system during a period of increased activation of military personnel. Further testing revealed numerous discrepancies between the payroll system and personnel systems. These discrepancies raised concerns that the department was paying military personnel who were not in the personnel system by utilizing a possible ghost payroll scheme. After a further review, discrepancies between payroll and personnel systems were narrowed. The findings indicated the potential for fraud, and the matter was referred to GAO investigators.

The resulting investigation determined that widespread abuse, attributable to a breakdown in the internal controls, had probably occurred. In several instances, corrupt pay/personnel clerks were able to create fictitious pay accounts, or ghost payroll employees, because there was no separation of duties between the payroll and personnel functions. In one case, a pay/personnel clerk fraudulently created two fictitious accounts and transferred approximately $100,000 to his own account. The pay/personnel clerk further manipulated the pay system to show overseas deployment, which resulted in foreign duty pay and family separation pay. In a second instance, a pay/personnel clerk used a fabricated name and social security number to create bogus documents, thus establishing a ghost employee. The pay/personnel clerk fraudulently obtained $71,000 in payroll payments.

The absence of internal controls that matched pay and personnel data also resulted in overpayment to employees. In hundreds of cases, the accounting system had failed to stop payments to individuals separated from a department who continued to receive paychecks improperly. These individuals failed to report or return the improper payments to the department.

GAO referred its findings to the appropriate criminal investigative unit within the department. A subsequent investigation, conducted jointly by GAO investigators and the department's criminal investigative unit, resulted in the following:

• corrective action by the department to strengthen internal controls, based on recommendations by GAO;
• follow-up audits by the department's internal auditors, resulting in additional corrective actions;
• public hearings with newspaper and television coverage, resulting in additional referrals from the public, which identified cases of fraud that were also pursued by the department's criminal investigators;
• prosecution of a number of cases; and
• reimbursements to the department of the overpayments.

Conclusion

In this era of significant fraud and corruption schemes, there is an increased expectation that government auditors will address the issue of fraud. Since 1980, GAO has been much more focused on fraud and has worked with the Congress to expand GAO's role, and improve its effectiveness, in conducting investigations into fraud, waste, and abuse. As I have discussed with you today, GAO has developed a comprehensive, meaningful, integrated, and well-rounded approach to focusing on and addressing fraud. As a result, legislative initiatives enacted by the Congress have provided the framework for the actions needed to bring about lasting solutions to serious and long-standing federal government management problems.