SPEAKERS CONTENTS INSERTS
Page 1 TOP OF DOC
49–632 CC
1998
''HIGH-RISK'' PROGRAMS WITHIN THE JURISDICTION OF THE COMMITTEE ON WAYS AND MEANS
HEARING
before the
SUBCOMMITTEE ON OVERSIGHT
of the
COMMITTEE ON WAYS AND MEANS
HOUSE OF REPRESENTATIVES
ONE HUNDRED FIFTH CONGRESS
FIRST SESSION
MARCH 4, 1997
Serial 105–22
Page 2 PREV PAGE TOP OF DOC
Printed for the use of the Committee on Ways and Means
COMMITTEE ON WAYS AND MEANS
BILL ARCHER, Texas, Chairman
PHILIP M. CRANE, Illinois
BILL THOMAS, California
E. CLAY SHAW, Jr., Florida
NANCY L. JOHNSON, Connecticut
JIM BUNNING, Kentucky
AMO HOUGHTON, New York
WALLY HERGER, California
JIM McCRERY, Louisiana
DAVE CAMP, Michigan
JIM RAMSTAD, Minnesota
JIM NUSSLE, Iowa
SAM JOHNSON, Texas
JENNIFER DUNN, Washington
MAC COLLINS, Georgia
ROB PORTMAN, Ohio
PHILIP S. ENGLISH, Pennsylvania
JOHN ENSIGN, Nevada
JON CHRISTENSEN, Nebraska
WES WATKINS, Oklahoma
Page 3 PREV PAGE TOP OF DOC
J.D. HAYWORTH, Arizona
JERRY WELLER, Illinois
KENNY HULSHOF, Missouri
CHARLES B. RANGEL, New York
FORTNEY PETE STARK, California
ROBERT T. MATSUI, California
BARBARA B. KENNELLY, Connecticut
WILLIAM J. COYNE, Pennsylvania
SANDER M. LEVIN, Michigan
BENJAMIN L. CARDIN, Maryland
JIM McDERMOTT, Washington
GERALD D. KLECZKA, Wisconsin
JOHN LEWIS, Georgia
RICHARD E. NEAL, Massachusetts
MICHAEL R. McNULTY, New York
WILLIAM J. JEFFERSON, Louisiana
JOHN S. TANNER, Tennessee
XAVIER BECERRA, California
KAREN L. THURMAN, Florida
A.L. Singleton, Chief of Staff
Janice Mays, Minority Chief Counsel
Page 4 PREV PAGE TOP OF DOC
Subcommittee on Oversight
NANCY L. JOHNSON, Connecticut, Chairman
ROB PORTMAN, Ohio
JIM RAMSTAD, Minnesota
JENNIFER DUNN, Washington
PHILIP S. ENGLISH, Pennsylvania
WES WATKINS, Oklahoma
JERRY WELLER, Illinois
KENNY HULSHOF, Missouri
WILLIAM J. COYNE, Pennsylvania
GERALD D. KLECZKA, Wisconsin
MICHAEL R. McNULTY, New York
JOHN S. TANNER, Tennessee
KAREN L. THURMAN, Florida
Pursuant to clause 2(e)(4) of Rule XI of the Rules of the House, public hearing records of the Committee on Ways and Means are also published in electronic form. The printed hearing record remains the official version. Because electronic submissions are used to prepare both printed and electronic versions of the hearing record, the process of converting between various electronic formats may introduce unintentional errors or omissions. Such occurrences are inherent in the current publication process and should diminish as the process is further refined.
C O N T E N T S
Page 5 PREV PAGE TOP OF DOC
Advisory of February 13, 1997, announcing the hearing
WITNESSES
U.S. General Accounting Office, Gene L. Dodaro, Assistant Comptroller General, Accounting and Information Management Division; accompanied by Dr. Rona Stillman, Chief Scientist, Computers and Telecommunications, and Joel Willemssen, Director
U.S. General Accounting Office, Lynda D. Willis, Director, Tax Policy and Administration Issues, General Government Division
U.S. General Accounting Office, Jane L. Ross, Director, Income Security Issues, Health, Education, and Human Services Division
U.S. General Accounting Office, Leslie G. Aronovitz, Associate Director, Health Financing and Systems Issues, Health, Education, and Human Services Division
U.S. Department of the Treasury, Hon. Valerie Lau, Inspector General; accompanied by Gary Bell, Chief Inspector
U.S. Department of Labor, Patricia A. Dalton, Deputy Inspector General
U.S. Department of Health and Human Services, Michael F. Mangano, Principal Deputy Inspector General
Page 6 PREV PAGE TOP OF DOC
SUBMISSIONS FOR THE RECORD
Social Security Administration, John J. Callahan, Acting Commissioner, statement
ERISA Industry Committee, Janice M. Gregory, letter and attachment
Health Industry Distributors Association, Alexandria, VA, statement
''HIGH-RISK'' PROGRAMS WITHIN THE JURISDICTION OF THE COMMITTEE ON WAYS AND MEANS
TUESDAY, MARCH 4, 1997
House of Representatives,
Committee on Ways and Means,
Subcommittee on Oversight,
Washington, DC.
The Subcommittee met, pursuant to notice, at 10:13 a.m., in room 1100, Longworth House Office Building, Hon. Nancy L. Johnson (Chairman of the Subcommittee) presiding.
[The advisory announcing the hearing follows:]
ADVISORY
FROM THE COMMITTEE ON WAYS AND MEANS
Page 7 PREV PAGE TOP OF DOC
SUBCOMMITTEE ON OVERSIGHT
CONTACT: (202) 225-7601
FOR IMMEDIATE RELEASE
February 13, 1997
No. OV–2
Johnson Announces Hearing on
''High-Risk'' Programs Within the Jurisdiction
of the Committee on Ways and Means
Congresswoman Nancy L. Johnson (R–CT), Chairman, Subcommittee on Oversight of the Committee on Ways and Means, today announced that the Subcommittee will hold a hearing on ''high-risk'' programs within the jurisdiction of the Committee on Ways and Means, along with other management issues. The hearing will take place on March 4, 1997, in the main committee hearing room, 1100 Longworth House Office Building, beginning at 10:00 a.m.
In view of the limited time available to hear witnesses, oral testimony at this hearing will be heard from invited witnesses only. Witnesses will include the U.S. General Accounting Office (GAO) and the inspectors general of several departments and agencies. However, any individual or organization not scheduled for an oral appearance may submit a written statement for consideration by the Committee and for inclusion in the printed record of the hearing.
Page 8 PREV PAGE TOP OF DOC
BACKGROUND
The GAO has issued the third in a series of reports on Federal programs it has identified as high risk because of vulnerabilities to waste, fraud, abuse, and mismanagement. The February 1997 series identifies 25 high-risk areas. Several fall within the jurisdiction of the Committee on Ways and Means, including Internal Revenue Service (IRS) financial management, IRS receivables, filing fraud, IRS Tax Systems Modernization, Customs Service financial management, asset forfeiture programs, the year 2000 problem, information security, Medicare, Supplemental Security Income (SSI), and Superfund program management.
In announcing the hearing, Chairman Johnson stated: ''The GAO's high-risk work has zeroed in on programs in which there is the greatest potential for wasting tax dollars. These reports will be tremendously helpful to the Subcommittee in its ongoing oversight of the programs within the Committee's jurisdiction.''
FOCUS OF THE HEARING
Improving the efficiency and effectiveness of the IRS, Medicare, and SSI will be a primary focus. However, all of the programs identified by the GAO, as well as the work of the inspectors general, will be examined during the hearing.
Page 9 PREV PAGE TOP OF DOC
DETAILS FOR SUBMISSION OF WRITTEN COMMENTS
Any person or organization wishing to submit a written statement for the printed record of the hearing should submit at least six (6) copies of their statement and a 3.5-inch diskette in WordPerfect or ASCII format, with their address and date of hearing noted, by the close of business, Tuesday, March 18, 1997, to A.L. Singleton, Chief of Staff, Committee on Ways and Means, U.S. House of Representatives, 1102 Longworth House Office Building, Washington, D.C. 20515. If those filing written statements wish to have their statements distributed to the press and interested public at the hearing, they may deliver 200 additional copies for this purpose to the Subcommittee on Oversight office, room 1136 Longworth House Office Building, at least one hour before the hearing begins.
FORMATTING REQUIREMENTS
Each statement presented for printing to the Committee by a witness, any written statement or exhibit submitted for the printed record or any written comments in response to a request for written comments must conform to the guidelines listed below. Any statement or exhibit not in compliance with these guidelines will not be printed, but will be maintained in the Committee files for review and use by the Committee.
1. All statements and any accompanying exhibits for printing must be typed in single space on legal-size paper and may not exceed a total of 10 pages including attachments. At the same time written statements are submitted to the Committee, witnesses are now requested to submit their statements on a 3.5-inch diskette in WordPerfect or ASCII format.
Page 10 PREV PAGE TOP OF DOC
2. Copies of whole documents submitted as exhibit material will not be accepted for printing. Instead, exhibit material should be referenced and quoted or paraphrased. All exhibit material not meeting these specifications will be maintained in the Committee files for review and use by the Committee.
3. A witness appearing at a public hearing, or submitting a statement for the record of a public hearing, or submitting written comments in response to a published request for comments by the Committee, must include on his statement or submission a list of all clients, persons, or organizations on whose behalf the witness appears.
4. A supplemental sheet must accompany each statement listing the name, full address, a telephone number where the witness or the designated representative may be reached and a topical outline or summary of the comments and recommendations in the full statement. This supplemental sheet will not be included in the printed record.
The above restrictions and limitations apply only to material being submitted for printing. Statements and exhibits or supplementary material submitted solely for distribution to the Members, the press and the public during the course of a public hearing may be submitted in other forms.
Note: All Committee advisories and news releases are available on the World Wide Web at 'HTTP://WWW.HOUSE.GOV/WAYS_MEANS/'.
Page 11 PREV PAGE TOP OF DOC
The Committee seeks to make its facilities accessible to persons with disabilities. If you are in need of special accommodations, please call 202–225–1721 or 202–225–1904 TTD/TTY in advance of the event (four business days notice is requested). Questions with regard to special accommodation needs in general (including availability of Committee materials in alternative formats) may be directed to the Committee as noted above.
—————
Chairman JOHNSON. Good morning. It is a pleasure to convene these hearings on high-risk programs.
Some say the problem with government is that it tries to fix things that are not broken. While this is sometimes true, more often we try to fix things that are broken, where the law is either badly written or the bureaucracy is performing poorly.
In 1990, the GAO, the General Accounting Office, began a series of reviews of Federal programs that are high risk, at high risk of mismanagement and fraud, to enable both the executive and the legislative branches to focus on key problems and to improve the performance of government.
During the time I have been in the Congress, I have worked to turn constituent examples of fraud into legislative and administrative reform. But the process is always slow and complex, and the results not always satisfying.
Fortunately, the General Accounting Office and the Inspectors General throughout the Federal Government are doing the difficult and often thankless task of ferreting out a lot of the problems. I am also pleased that this Committee and Subcommittee have a strong bipartisan tradition of providing constructive oversight of the programs within our jurisdiction.
Page 12 PREV PAGE TOP OF DOC
In December 1990, the Committee launched a comprehensive oversight initiative, holding literally dozens of hearings in this Subcommittee. Beth Vance, who is now the Subcommittee's minority counsel, played a critical role in developing and implementing the oversight initiative, and I very much appreciate her good work in helping us to prepare for today's hearing.
It is, however, unsettling to note that one-third of the 25 high-risk programs identified by the GAO fall within this Committee's jurisdiction. While this fact must be put in the context of the additional fact that this Committee is responsible for nearly all of the government's revenue and about half of the government's spending, it nonetheless poses a tremendous challenge to this Subcommittee. Our job is to understand why certain programs pose a high risk of mismanagement and fraud, and change the law to prevent such abuse.
This morning the GAO will provide us with an overview of the 10 high-risk areas. Six of them—IRS receivables, filing fraud, IRS financial management, tax systems modernization, Customs Service financial management, and asset forfeiture programs—relate to making sure revenues are collected and accounted for.
Two relate to waste, fraud, and abuse, and mismanagement in entitlements—specifically, Medicare, and SSI. And two relate to governmentwide technology issues, information security, and the so-called year 2000 problem.
We will also hear from the Inspectors General of the three departments with programs that fall within the Committee's jurisdiction: Treasury, Labor, and Health and Human Services.
While today's hearing will focus primarily on the problems identified by the GAO and the Inspectors General, in order to determine what actions we need to take legislatively, we will continue to monitor the departments' progress in addressing the issues raised in the high-risk programs.
Page 13 PREV PAGE TOP OF DOC
Welcome. And I would like to yield to my Ranking Member, Mr. Coyne.
Mr. COYNE. Thank you, Madam Chairwoman, and welcome. We have an opportunity today to hear from the experts about many of the program areas within the Ways and Means Committee jurisdiction. For the next several hours, we will receive very important testimony from the U.S. General Accounting Office and the Inspectors General of the Departments of the Treasury, Health and Human Services, and Labor about high-risk programs and related fraud problems facing the Nation.
It is important that the Oversight Subcommittee routinely hold hearings such as the one we are having today, in order to provide oversight review of the large and diverse programs for which we legislate. Legislating a program is one thing. Making sure the program works is quite another.
I consider it our responsibility to conduct meaningful oversight of all Ways and Means programs, to ensure that our legislative actions are effective. As we proceed over the next several months, I look forward to working with the Members of the Subcommittee and other Subcommittees to follow up on the recommendations made by the witnesses that are here with us today.
I commend the Chairwoman for agreeing to hold these hearings, and appreciate her willingness to include pension plan issues as one of the Subcommittee's first orders of business.
Chairman JOHNSON. Mr. Ramstad, who could not be with us today, asked that his statement be submitted for the record, and that will be ordered, and the statements of any other Members who would like to so submit.
[The statement of Mr. Ramstad follows:]
Statement of U.S. Rep. Jim Ramstad
Madame Chairman, thank you for holding this important hearing on the ''high risk'' programs under Ways and Means Committee jurisdiction that are vulnerable to waste, fraud and abuse.
Page 14 PREV PAGE TOP OF DOC
Reining in the abuses of ''high risk'' programs is a continuing struggle, but we are making headway.
For example, the health insurance reform bill we passed last year cracked down hard on the waste, fraud and abuse in the Medicare program.
American taxpayers lose as much as 10% of total health care costs to fraud and abuse—$31 billion annually for Medicare and Medicaid alone.
This is why we established the ''Medicare Integrity Program'' to increase our ability to prevent payments for fraudulent, abusive or erroneous claims in the Medicare system.
We also required the Health Care Finance Agency to acquire state-of-the-art computer software used by private insurers and to hire private sector companies with proven track records in preventing fraud and abuse. This should result in a net savings of almost $2 billion over the next six years, according to CBO.
Another provision will coordinate federal, state and local law enforcement to combat fraud. We also toughened criminal laws and provided new civil penalties, as an added deterrent.
We can find solutions, but we must do more. I hope this hearing will move us toward more common sense measures like these to crack down on waste, fraud and abuse in our ''high risk'' programs.
Again, Madame Chairman, I commend you for holding this hearing.
—————
Chairman JOHNSON. On the other hand, if any Member would like to make a comment at this time, I will recognize them.
Page 15 PREV PAGE TOP OF DOC
[No response.]
Chairman JOHNSON. Thank you. I welcome the first panel this morning: Gene Dodaro, Assistant Comptroller General, Accounting and Information Management Division, of the U.S. GAO; Lynda Willis, the Director of Tax Policy and Administration Issues, General Government Division of the GAO; Jane Ross, Director of Income Security Issues, Health, Education, and Human Services Division of the GAO; and Leslie Aronovitz, Associate Director, Health Financing and Systems Issues, Health, Education, and Human Services Division of the GAO.
Mr. Dodaro.
STATEMENT OF GENE L. DODARO, ASSISTANT COMPTROLLER GENERAL, ACCOUNTING AND INFORMATION MANAGEMENT DIVISION, U.S. GENERAL ACCOUNTING OFFICE; ACCOMPANIED BY DR. RONA STILLMAN, CHIEF SCIENTIST FOR COMPUTERS AND TELECOMMUNICATIONS, AND JOEL WILLEMSSEN, DIRECTOR
Mr. DODARO. Good morning. Madam Chairman, Members of the Subcommittee, we are pleased to be here today to discuss GAO's high-risk work. In the past, since 1990, we've been issuing this list of areas that we feel are vulnerable to waste, fraud, and mismanagement, and we have made hundreds of recommendations directed at solving these problems.
Our latest high-risk series, which comes out as a special publication of booklets, was issued last month. We are now issuing this series at the beginning of each new Congress, to help the Committees focus on areas that need attention, as well as conveying this information to the administration.
In this latest series, our overall conclusion is that progress is being made in these areas. Agencies are taking these problems seriously, working to correct them. Also, some of the progress is due and the credit belongs to the Congress for conducting oversight hearings in many of these areas, and for passing specific legislation directed at some of them: For example, the Health Portability and Accountability Act, which tightens some of the requirements and controls for the Medicare area, which was very important. And there have been some broad-based management reforms passed by the Congress as well, which I am going to talk about in 1 minute.
Page 16 PREV PAGE TOP OF DOC
All of those areas collectively are creating some progress. However, in many areas much remains to be done to implement these reforms and to effectively correct these problems and remove their high-risk designation.
In 1 minute, my colleagues are going to talk about the specific areas the Subcommittee asked us to focus on this morning, which are the IRS problems that are listed in here that Lynda will talk about; Jane will talk about the fact that we are adding the SSI Program to the list new in 1997; and Leslie will report on the progress being made in the Medicare area.
Now, we have taken basically two tacks to try to effectively resolve these problems, and our goal is to get these areas off the list. The first tack has been specific recommendations in each of the individual areas, which the rest of the panel will talk about.
The other tactic that we have tried is to help the Congress shape some broad-based management reform legislation that gets at the underlying causes, some of the common problems underlying these high-risk areas. And there are really three main pieces of legislation that I want to talk about this morning, because those pieces of legislation are important tools that are now available to this Committee to effectively help oversee the agencies under its jurisdiction and to help resolve these problems.
The first are a set of management reforms in the information technology area that were passed in 1995 through the reauthorization of the Paperwork Reduction Act and the passage of the Clinger-Cohen Act in 1996.
This Subcommittee is well aware of some of the problems that have occurred in the tax system modernization in IRS. Unfortunately, these problems that IRS has experienced are not confined to that agency. We also have on our high-risk list the FAA air traffic control modernization effort. We have Defense Information Systems. And we have problems that we have identified in the National Weather Service.
The Federal Government's track record in bringing online information technology projects is poor. And that failure to harness technology in one way or another is at the heart of many of these high-risk problems.
Page 17 PREV PAGE TOP OF DOC
So in order to effectively implement this and find out solutions, we went to the private sector to learn from leading organizations. And we published a guide called ''Best Practices in Information Management,'' and we issued 11 different practices. And we have been working with the Congress to get these embodied in legislation.
And that is what the Paperwork Reduction Act does and the Clinger-Cohen Act. It requires and establishes for the first time chief information officers throughout the government. It focuses on building technology and information systems in modular procurements. It focuses on reengineering before you buy technology. It requires system architectures, or blueprints, to be put in place to guide system development efforts.
So there is a number of important reforms that have just been passed by the Congress that, if effectively implemented, can help solve many of these problems and bring the government into the modern age of technology.
Also, the IT areas—information technology—is important to solving the two new areas that we identified as governmentwide problems. Information security: Basically, we found that the Federal Government systems are vulnerable to unauthorized access and manipulation, and that great numbers of actions are needed in order to fix these problems, both from internal risk as well as external risk to the systems.
Also, the year 2000 problem, which basically is a problem created by a two-digit memory and needs to be changed so that when the year 2000 comes computers do not read that as the year 1900: Effectively, we have put out a guide to agencies about how to prepare themselves to be ready.
And if I could call your attention to the white chart here, basically, best practices tell you there need to be four phases that agencies need to go through to be ready. First, they have to be aware of the problem; they need to assess and go through an inventory of their systems, focus on some of their key vulnerabilities, go through the lines of code; then make the changes in the renovation stage; and then keep, basically, 1999 available for testing. So you basically have that last year that needs to be available for perfecting the changes.
Page 18 PREV PAGE TOP OF DOC
[The official Committee record contains additional material here.]
[The official Committee record contains additional material here.]
—————
We are concerned that many agencies are not moving as fast as they need to in the assessment phase; thereby further condensing the time available to make the needed changes. And in many areas, the government's computer systems are not well documented, the Code is old, and there need to be a number of changes put in place. And agencies also need to have contingency plans. So this is a pressing problem that we are calling to the attention of the Congress and the agencies.
And the second major type of reform is financial management. In 1990, the Congress passed the Chief Financial Officers Act, which for the first time brought a requirement for Federal agencies to have financial audits. It is the same type of requirement that was put in place by the private sector many years ago, and of State and local governments.
Implementation of the CFO Act has been at the heart of some of the progress that the IRS and Customs have made in fixing some of their financial management problems. And also, right now the act has been extended to all executive branch agencies, effective with audits beginning in fiscal year 1996. So we think this Chief Financial Officers Act provides a set of best practices, proven practices, to fix some of the underlying financial management and control problems.
The third major reform is the Congress legislating the government Performance and Results Act in 1993. That act calls for the first time for agencies to produce strategic plans and have performance measures. The requirement for that act comes to fruition governmentwide this year. By September 1997, agencies are required to have strategic plans and performance measures.
Page 19 PREV PAGE TOP OF DOC
I call that to your attention because agencies are required to consult with the Congress in preparing these plans, so that over the next few months this Subcommittee can play an important role in working with the agencies to shape those strategic plans and how we measure performance. And measuring performance is very, very important to assuring that we have an ability to track agencies' progress, in terms of whether making meaningful change or not.
That concludes my remarks. I think that we are working hard to try to help solve these problems. These management reforms that have been passed by the Congress—none of which were in place when we began the high-risk series 7 years ago—we think are important and, if collectively used, implemented, and encouraged by the Congress through oversight hearings, we think will go a long way to bringing some lasting improvements to these problems.
With that, I will turn it over, with your permission, Madam Chairman, to Lynda, to talk about the Internal Revenue Service.
[The prepared statement follows:]
Statement of Gene L. Dodaro, Assistant Comptroller General, Accounting and Information Management Division, U.S. General Accounting Office Madame Chairman and Members of the Subcommittee:
We are pleased to be here today to discuss major government programs and operations we have identified as high risk because of vulnerabilities to waste, fraud, abuse, and mismanagement. In 1990, we began a special effort to focus attention on such areas, and over the past several years we have made hundreds of recommendations to get at the heart of high-risk problems and help improve this situation. On February 12, 1997, we issued our latest series of high-risk reports.(see footnote 1)
Page 20 PREV PAGE TOP OF DOC
Overall, legislative and agency actions have resulted in progress toward fixing these high-risk areas and establishing a solid foundation to help ensure greater progress. However, because these areas involve long-standing problems which are difficult to fix, additional corrective measures are necessary to remove the high-risk designation.
Today, at the Subcommittee's request, we will focus on high-risk areas related to the Internal Revenue Service (IRS) and the Medicare and Supplemental Security Income (SSI) programs. While this statement provides a brief synopsis of these areas, more detailed statements on these three topics are also being issued today. In addition, this statement will discuss other high-risk areas that affect agencies under the Subcommittee's jurisdiction, including the Customs Service's financial management, information security weaknesses, and the possibility of serious computer disruptions in service to the public due to the Year 2000 Problem.
As the key message of this testimony, I would like to emphasize the importance of the Subcommittee using recent legislative management reforms to help oversee these agencies' actions to fully and effectively remedy their high-risk problems. These include
—the 1995 Paperwork Reduction Act and the 1996 Clinger-Cohen Act, which provide a basis for agencies to better manage investments in information technology;
—the expanded Chief Financial Officers (CFO) Act of 1990, which requires agencies to prepare financial statements that can pass the test of an independent audit and provide decisionmakers more reliable financial information; and
—the 1993 Government Performance and Results Act (GPRA), which requires agencies to measure performance and focus on results.
Ensuring All Revenues are Collected and Accounted for
In 1995, IRS reported collecting $1.4 trillion from taxpayers, disbursing $122 billion in tax refunds, and managing an estimated accounts receivable inventory of $113 billion in delinquent taxes. The reliability of IRS' financial information is critical to effectively manage the collection of revenue to fund the government's operations.
Page 21 PREV PAGE TOP OF DOC
Our audits of IRS' financial statements, however, have identified many significant weaknesses in IRS' accounting for revenue and accounts receivable, as well as for funds provided to carry out IRS' operations. IRS has improved payroll processing and accounting for administrative operations and is working on solutions to revenue and accounts receivable accounting problems. But much remains to be done, and effective management follow-through is paramount to achieving fully the goals of the CFO Act.
In addition, IRS is hampered in efficiently and effectively managing its huge inventory of accounts receivable due to inadequate management information. The root cause here is IRS' antiquated information systems and outdated business processes, which handle over a billion tax returns and related documents annually. IRS has undertaken many initiatives to deal with its accounts receivable problems, including correcting errors in its tax receivable masterfile and attempting to speed up aspects of the collection process. Efforts such as these appear to have had some impact on collections and the tax debt inventory, but many of the efforts are long-term in nature and demonstrable results may not be available for some time.
Further, while IRS' efforts to reduce filing fraud have resulted in some success—especially through more rigid screening in the electronic filing program—this continues to be a high-risk area. IRS' goal is to increase electronic filings, which would strengthen its fraud detection capabilities. But to effectively achieve its electronic filing goal, IRS must (1) identify those groups of taxpayers who offer the greatest opportunity for filing electronically and (2) develop strategies focused on alleviating impediments that have inhibited those groups from participating in the program.
In attempting to overhaul its timeworn, paper-intensive approach to tax return processing, IRS has spent or obligated over $3 billion on its tax systems modernization, which has encountered severe difficulties. Currently, funding for tax systems modernization has been curtailed, and IRS and the Department of the Treasury are taking several steps to address modernization problems and implement our recommendations. However, much more progress is needed to fully resolve serious underlying management and technical weaknesses.
Page 22 PREV PAGE TOP OF DOC
Behind IRS, the Customs Service is the next highest revenue collector. The Customs Service has made considerable progress in correcting major management and organizational structure weaknesses we pointed to in our 1992 high-risk report. In 1995, we reported that Customs had taken several actions to address these problems, including revising its planning process, improving controls over identification and collection of revenues owed, aggressively pursuing delinquent receivables, and embarking on an agencywide reorganization plan. As a result, we narrowed the scope of our high-risk work at Customs to focus only on its financial management problems.
Since 1995, Customs has continued to take actions to address its financial management and internal control weaknesses. These include, for example, statistically sampling compliance of commercial importations through ports of entry to better focus enforcement efforts and to project and report duties, taxes, and fees lost due to noncompliance. However, Customs still has not fully corrected significant problems in these areas. For example, audits of Customs' financial statements under the CFO Act disclose that Customs continues to lack adequate assurance that all revenue due is collected, has weaknesses in readily detecting duplicate and excessive drawback payments, and lacks integrated core financial systems. These problems diminish Customs' ability to reasonably ensure that (1) duties, taxes, and fees on imports are properly assessed and collected and refunds of such amounts are valid and (2) core financial systems provide reliable information for managing operations.
We have made numerous recommendations to Customs to address its financial management weaknesses and have assisted in developing corrective actions. It will be important for top management at Customs to provide continuing support to ensure that the planned financial management improvements are properly implemented.
Controlling Fraud, Waste, Abuse and Mismanagement in Benefit Programs
Medicare—the nation's second largest social program—is inherently vulnerable to and a perpetually attractive target for exploitation. The Congress and the President have been seeking to introduce changes to Medicare to help control program costs, which were $197 billion in fiscal year 1996. At the same time, they are concerned that the Medicare program loses significant amounts due to persistent fraudulent and wasteful claims and abusive billings, which could be from $6 billion to as much as $20 billion, based on 1996 outlays. The Congress passed the Health Insurance Portability and Accountability Act of 1996 to add funding for program safeguard efforts and make the penalties for Medicare fraud more severe. Effective implementation of this legislation and other agency actions are key to mitigating many of Medicare's vulnerabilities to fraud and abuse.
Page 23 PREV PAGE TOP OF DOC
Also, the Health Care Financing Administration (HCFA), which runs the Medicare program, has begun to acquire a new claims processing system—the Medicare Transaction System (MTS)—to provide, among other things, better protection from fraud and abuse. In the past, we have reported on risks associated with this project, including (1) HCFA's plan to implement the system in a single stage rather than incrementally, (2) difficulty in defining requirements, (3) inadequate investment analysis, and (4) significant schedule problems. HCFA has responded to these concerns by changing its single-stage approach to one under which the system will be implemented incrementally and working to resolve other reported problems.
A newly designated high-risk area involves overpayments in the SSI program, which provided about $22 billion in federal benefits to recipients between January 1, 1996, and October 31, 1996. SSI overpayments have grown to over $1 billion per year, which is about 5 percent of total benefit payments. Also, criticisms have been raised regarding the Social Security Administration's (SSA) ability to effectively manage SSI workloads and internal control weaknesses that leave the program susceptible to fraud, waste, and abuse. For example, in August 1996, we reported that about 3,000 current and former prisoners in 13 county and local jail systems had been erroneously paid $5 million in SSI benefits, primarily because SSA lacked timely and complete information.
One root cause of SSI overpayments is SSA's difficulty in corroborating financial eligibility information that program beneficiaries self report and that affects their benefit levels. In addition, determining whether an impairment qualifies a claimant for disability benefits can often be difficult, especially in cases involving applicants with mental impairments and other hard-to-diagnose conditions.
Addressing Governmentwide Information Technology Issues
In addition to the difficulties agencies have in managing large computer systems modernization efforts, our high-risk effort identified two governmentwide information technology issues that affect agencies under the Committee's purview: information security and the Year 2000 Problem.
Page 24 PREV PAGE TOP OF DOC
Information Security
Information systems security weaknesses pose high risk of unauthorized access and disclosure of sensitive data. Many federal operations that rely on computer networks are attractive targets for individuals or organizations with malicious intentions. Examples of such operations include law enforcement, import entry processing, and various financial transactions.
Since June 1993, we have issued over 30 reports describing serious information security weaknesses at major federal agencies. For example, our financial audits at IRS and the Customs Service have identified poor computer controls. IRS cannot ensure that the confidentiality and accuracy of taxpayer data are protected and that the data are not manipulated for purposes of individual gain. The Customs Service continues to have problems that diminish its ability to reasonably ensure that sensitive data maintained in automated systems are adequately protected from unauthorized access and modification.
In September 1996, we reported that during the previous 2 years, serious information security control weaknesses had been reported for 10 of the 15 largest federal agencies. We have made dozens of recommendations for improvement to individual agencies, and they have started acting on many of them.
In addition, we have recommended ways for the Office of Management and Budget (OMB) to enhance its ability to oversee and improve federal information security programs. We suggested steps that OMB can take to (1) effectively use opportunities to aid in overseeing and improving agency information security programs—such as annual financial audits and the newly created Chief Information Officers Council, and (2) increase the expertise of its staff in information security management issues.
Page 25 PREV PAGE TOP OF DOC
The Year 2000 Problem
The Year 2000 Problem poses the high risk that computer systems throughout government will fail to run or malfunction because computer equipment and software were not designed to accommodate the change of date at the new millennium. For example, IRS' tax systems could be unable to process returns, which in turn could jeopardize the collection of revenue and the entire tax processing system. Or SSA's disability insurance process could experience major disruptions if the interface with various state systems failed, thereby causing delays and interruptions in disability payments to citizens.
We recently issued a guide, Year 2000 Computing Crisis: An Assessment Guide (GAO/AIMD–10.1.14, exposure draft), to provide agencies a framework and a checklist for assessing their readiness to achieve year 2000 compliance. It provides information on the scope of the challenge, and offers a structured approach for reviewing the adequacy of agency planning and management of the year 2000 program.
Continuing Congressional Oversight Using New Management Tools is Key Continued congressional oversight, such as this hearing by the Subcommittee, will add essential impetus to make improvements and ensure more progress in addressing the high-risk areas just discussed and, thus, to achieve greater benefits. Effective and sustained follow-through by agency managers is necessary to resolve specific high-risk problems and implement broader management reforms, which the Congress has established to achieve better financial and information management and measure the results of program operations.
The Subcommittee can focus on agencies' progress in fixing specific high-risk problems and implementing this legislative framework through the following three efforts.
Page 26 PREV PAGE TOP OF DOC
• Apply a framework of modern technology management, as required by the 1995 Paperwork Reduction Act and the Clinger-Cohen Act of 1996.
This framework is based on practices followed by leading public and private sector organizations that have successfully used technology to dramatically improve performance and meet strategic goals. These laws fundamentally revamp and modernize federal information management practices by emphasizing the involvement of senior executives in information management decisions, establishing senior-level Chief Information Officers, tightening controls over technology spending, redesigning inefficient work processes, and using performance measures to assess technology's contribution to achieving mission results. These management practices provide agencies—such as IRS for tax systems modernization—a proven, practical means of addressing the federal government's information problems, maximizing benefits from technology spending, and controlling the risks of systems development efforts.
• Improve financial reporting and make other financial management improvements, as called for by the expanded Chief Financial Officers Act.
The landmark CFO Act spelled out a long overdue and ambitious agenda to help resolve financial management problems. This act has prompted many improvements at IRS, the Customs Service, and other agencies to provide reliable financial information for managing government programs. Fully and effectively implementing the CFO Act is critical to achieving full accountability and providing relevant information on the government's true financial status.
In addition, improved reporting and internal controls, as called for by the CFO Act, can produce substantial savings in high-risk areas. For example, better data and controls can help reduce the billions of dollars now lost annually in the Medicare program due to fraudulent and abusive claims and help decrease the $1 billion in overpayments that the SSI program experiences each year.
• Use the Government Performance and Results Act to measure performance and focus on results, which can help to pinpoint opportunities for improved performance and increased accountability.
Page 27 PREV PAGE TOP OF DOC
GPRA requires agencies to set goals, measure performance, and report on their accomplishments. Under GPRA, every major federal agency must now ask itself basic questions about performance to be measured and how performance information can be used to make improvements. For instance, performance measures would be useful for (1) reaching agreement with the Congress on and monitoring acceptable levels of errors in benefit programs (errors which may never be totally eliminated but can be much better controlled) and (2) assessing the results of tax enforcement initiatives, delinquent tax collection activities, and filing fraud reduction efforts.
Without additional attention to resolving problems in the high-risk areas that we have discussed today, the government will continue to miss important opportunities to ensure effective revenue collection operations, have well controlled and operated information systems, and save billions of dollars. We will continue to identify other ways for agencies to more effectively manage and control these and other high-risk areas and to make recommendations for improvements that can be implemented to overcome the root causes of these problems.
Madame Chairman, this concludes my statement. I will be happy to respond to any questions.
Attachment I
Areas Designated High Risk
Providing for Accountability and Cost-Effective Management of Defense Programs
Financial management (1995)
Contract management (1992)
Inventory management (1990)
Weapon systems acquisition (1990)
Defense infrastructure (1997)
Ensuring All Revenues Are Collected and Accounted for
Page 28 PREV PAGE TOP OF DOC
IRS financial management (1995)
IRS receivables (1990)
Filing fraud (1995)
Tax Systems Modernization (1995)
Customs Service financial management (1991)
Asset forfeiture programs (1990)
Obtaining an Adequate Return on Multibillion Dollar Investments in Information Technology
Tax Systems Modernization (1995)
Air traffic control modernization (1995)
Defense's Corporate Information Management initiative (1995)
National Weather Service modernization (1995)
Information security (1997)
The Year 2000 Problem (1997)
Controlling Fraud, Waste, and Abuse in Benefit Programs
Medicare (1990)
Supplemental Security Income (1997)
Minimizing Loan Program Losses
HUD (1994)
Farm loan programs (1990)
Student financial aid programs (1990)
Improving Management of Federal Contracts at Civilian Agencies
Department of Energy (1990)
NASA (1990)
Superfund (1990)
Also, planning for the 2000 Decennial Census was designated high risk in February 1997.
Page 29 PREV PAGE TOP OF DOC
Attachment II
1997 High-Risk Series
An Overview (GAO/HR–97–1)
Quick Reference Guide (GAO/HR–97–2)
Defense Financial Management (GAO/HR–97–3)
Defense Contract Management (GAO/HR–97–4)
Defense Inventory Management (GAO/HR–97–5)
Defense Weapon Systems Acquisition (GAO/HR–97–6)
Defense Infrastructure (GAO/HR–97–7)
IRS Management (GAO/HR–97–8)
Information Management and Technology (GAO/HR–97–9)
Medicare (GAO/HR–97–10)
Student Financial Aid (GAO/HR–97–11)
Department of Housing and Urban Development (GAO/HR–97–12)
Department of Energy Contract Management (GAO/HR–97–13)
Superfund Program Management (GAO/HR–97–14)
The entire series of 14 high-risk reports is numbered GAO/HR–97–20SET.
—————
Page 30 PREV PAGE TOP OF DOC
Chairman JOHNSON. Thank you.
Ms. Willis.
STATEMENT OF LYNDA D. WILLIS, DIRECTOR, TAX POLICY AND ADMINISTRATION ISSUES, GENERAL GOVERNMENT DIVISION, U.S. GENERAL ACCOUNTING OFFICE
Ms. WILLIS. Good morning. It is good to be here again with you today, as we continue our efforts to improve the operations of the Internal Revenue Service.
A key factor in understanding IRS' ongoing difficulties in the high-risk areas is the realization that its major processes and systems were developed and implemented decades ago, and were not designed to address the critical needs and vulnerabilities that confront IRS in the nineties.
In addition, the problems that IRS faces in eliminating its high-risk vulnerabilities are compounded by their interdependencies. IRS' success in addressing the weaknesses in its program areas is clearly linked to its success in modernizing its systems. However, this understanding does not mitigate our concern over IRS' progress in developing a comprehensive business strategy or plan for modernizing its processes and systems.
For years we have chronicled IRS' struggle to manage its operations, and have made scores of recommendations to improve IRS' systems, processes, and procedures. In order to achieve its stated goals of reducing the volume of paper returns, improving customer service, and enhancing voluntary compliance with the tax system, IRS needs to ensure that its new and revised processes drive its systems development and implementation.
Solving problems in the high-risk areas is not an insurmountable task, but it requires sustained management commitment, accurate information systems, and reliable performance measures to track IRS' progress and to provide the data necessary to make sound management decisions.
Page 31 PREV PAGE TOP OF DOC
There are four longstanding high-risk areas at IRS: Tax systems modernization, financial management, accounts receivable, and filing fraud. In addition, two of the new governmentwide high-risk areas also directly affect IRS operations: Information security, and the year 2000 problem or century date change.
Turning to each of these areas, I would like to briefly discuss the progress IRS has made and the measures IRS must take to solve them. For tax systems modernization, in July 1995 we reported that IRS did not have a comprehensive business strategy to effectively reduce paper tax return filings; had not yet fully developed and put in place the requisite management software development and technical infrastructure necessary to successfully implement its ambitious world class modernization; and lacked an overall systems architecture, or blueprint, to guide the modernization's development and evolution.
At that time, we made over a dozen recommendations to the Commissioner to address these weaknesses. In 1996, we reported that IRS had initiated many activities to improve its modernization efforts, but had not yet fully implemented any of our recommendations.
Since then, IRS has taken additional steps. For example, a new Chief Information Officer has been hired, as well as additional technical expertise. IRS also created an investment review board that has reevaluated and terminated several modernization development projects that were found not to be cost effective. IRS is also updating its systems development life cycle methodology, and is developing a systems architecture and project sequencing plan for the modernization.
While we recognize the IRS' actions, we remain concerned because much remains to be done to fully implement essential improvements and successfully modernize the IRS. It will take both management commitment and technical expertise for IRS to accomplish these tasks.
Our audits of IRS' financial statements have outlined the substantial improvements needed in IRS' accounting and reporting in order to comply fully with the requirements of the CFO Act. IRS has made progress in addressing these areas, and has been working to position itself to have more reliable financial statements for fiscal year 1997 and thereafter.
Page 32 PREV PAGE TOP OF DOC
To accomplish this, especially in accounting for revenue and related accounts receivable, IRS will need to institute long-term solutions involving reprogramming software for its antiquated systems and developing new systems. Followthrough to complete corrective actions is essential if IRS is to solve the financial management problems it faces.
Turning to accounts receivable, IRS' ability to effectively address its accounts receivable problems is seriously hampered by outdated equipment and processes, incomplete information to better target its collection efforts, and the absence of a comprehensive strategy and detailed plan to address the systemic nature of the underlying problems. IRS' collection efforts have also been hampered by the age of the delinquent tax accounts.
In the last 2 years, IRS has undertaken several initiatives to overcome its deficiencies. Specifically, it has efforts underway to correct errors in its master file records of tax receivables, develop profiles of delinquent taxpayers, and study the effectiveness of various collection techniques.
It has also streamlined its collection process, placed additional emphasis on contacting repeat delinquents, made its collection notices more readable, and targeted compliance-generated delinquencies for earlier intervention.
Despite these positive results, IRS needs to continue the development of the information databases and performance measures its managers need to determine which actions or improvements generate the desired changes in IRS programs and operations.
This is not a short-term commitment. It will be some time before the full results of the new initiatives are realized. IRS must take deliberate action to ensure that its problem-solving efforts are on the right track. It needs to implement a comprehensive strategy that involves all aspects of IRS operations and that sets priorities, accelerates the modernization of outdated equipment and processes, and establishes realistic goals, specific time tables, and a system to measure progress.
Page 33 PREV PAGE TOP OF DOC
When we first identified filing fraud as a high-risk area in 1995, the amount of filing fraud being detected by IRS was on an upward spiral. Since then, IRS has introduced new controls and expanded existing controls in an attempt to reduce its exposure. These controls are directed toward either preventing the filing of fraudulent returns or identifying questionable returns after they have been filed.
IRS' efforts have produced some positive results. For example, IRS efforts to validate Social Security numbers on paper returns produced over $800 million in reduced refunds or additional taxes.
IRS was less successful in identifying fraudulent returns, identifying over 65 percent fewer fraudulent returns in 1996 than during a comparable period in 1995. IRS believes this decrease is attributable to a 31-percent reduction in its fraud detection staff and the resulting underutilization of its electronic fraud detection system which enhances the identification of fraudulent returns. However, IRS does not have the information it needs to verify that the decline was the result of staff reductions, or by a general decline in the incidence of fraud.
Given the decrease in fraud detection staff, it is critically important for IRS to optimize the electronic controls that are intended to prevent the filing of fraudulent returns, and to maximize the effectiveness of available staff. Modernization is the key to achieving these objectives.
Turning now to two new governmentwide high-risk areas, IRS is vulnerable to problems in both. Related to information security, as the result of our recent work at IRS, we believe that the vulnerabilities of IRS computer systems may affect the confidentiality and accuracy of taxpayer data and may allow unauthorized access, modification, or destruction of taxpayer information. IRS does not have a proactive information security group that systematically reviews the adequacy and consistency of security over IRS computer operations.
Page 34 PREV PAGE TOP OF DOC
The year 2000 problem at IRS is such that it could create a disruption of functions and services that could jeopardize almost all of IRS' tax processing systems. It could effectively halt the processing of tax returns and related return information, the maintenance of taxpayer accounts, the assessment and collection of taxes, the recording of obligations and expenditures, and the disbursement of refunds.
To avoid the crippling effects of a multitude of computer systems simultaneously producing inaccurate and unreliable information, IRS must assign management and oversight responsibility within its senior executive corps to find the potential impact of such systems failure and develop appropriate renovation strategies and contingency plans for its critical systems.
Madam Chairman, Members of the Subcommittee, in summary, for years IRS has struggled to collect the Nation's tax revenues using outdated processes and technology. To address its high-risk problem areas, IRS needs an implementation strategy for modernizing its systems and processes that includes developing cost-benefit analyses and reasonable estimates of timeframes and resources required. Above all, IRS management needs to sustain an agencywide commitment to solving these problems.
[The prepared statement follows:]
Statement of Lynda D. Willis, Director, Tax Policy and Administration Issues, General Government Division, U.S. General Accounting Office
Madam Chairman and Members of the Subcommittee:
We are pleased to be here today to assist the Subcommittee in its review of the Internal Revenue Service's (IRS) efforts to improve the efficiency and effectiveness of its program areas that we have identified as high risk because of their vulnerability to waste, fraud, abuse, and mismanagement. A key factor in understanding IRS' ongoing difficulties in the high-risk areas is the realization that its major processes and systems were developed and implemented decades ago and were not designed to address the critical needs and vulnerabilities that confront IRS in the 1990s. In addition, the problems IRS faces in attempting to eliminate its high-risk vulnerabilities are compounded by the interdependency of the high-risk areas. For example, IRS' success in addressing the weaknesses in its program areas is clearly linked to its success in modernizing its information systems. However, this understanding of the difficulties IRS faces does not mitigate our concern over IRS' progress in developing a comprehensive strategy or detailed business plan to modernize its outdated processes and systems. Without successfully modernizing its processes and systems, IRS cannot hope to resolve the problems in its high-risk areas.
Page 35 PREV PAGE TOP OF DOC
Overview
In February 1997, we issued our third series of reports on the status of high-risk areas across the government.(see footnote 2) One report in the series discussed the four long-standing high-risk areas at IRS: (1) tax systems modernization—IRS' development of the business and management strategies, software acquisition and development capabilities, and technical infrastructure and systems architecture needed to modernize its systems and processes; (2) financial management—IRS' efforts to properly account for its tax revenues, obligations, and disbursements; (3) accounts receivable—IRS' initiatives to better understand the composition of its tax debt inventory and to devise effective collection strategies and reliable programs to prevent future delinquencies; and (4) filing fraud—IRS' efforts to gather sufficient information to determine the effectiveness of its attempts to deter the filing of fraudulent returns.(see footnote 3)
Our 1997 high-risk report series also designated five new high-risk areas, two of which have government-wide implications and directly affect IRS' operations.(see footnote 4) One area is information security—IRS' initiatives to better protect the confidentiality and accuracy of taxpayer data from unauthorized access and manipulation. The other area is the year 2000 problem—IRS' plans to protect itself from the operational and financial impacts that could affect tax processing and revenue collection systems if its computer systems cannot accommodate the change of date to the year 2000.
Today, we will briefly discuss the problems IRS faces in these six high-risk areas, the progress IRS has made since our last series of high-risk reports in 1995, and the measures IRS must take to resolve the problems in its high-risk areas. This testimony is based on our prior reports and recent information obtained from IRS.
Page 36 PREV PAGE TOP OF DOC
IRS' High-Risk Areas
For years we have chronicled IRS' struggle to modernize and manage its operations, especially in the high-risk areas, and have made scores of recommendations to improve IRS' systems, processes, and procedures. It is clear that in order to achieve its stated goals of reducing the volume of paper tax returns, providing better customer service, and improving compliance with the nation's tax laws, IRS must successfully modernize its systems and operations. To accomplish this modernization, however, IRS needs to develop comprehensive business strategies to ensure that its new and revised processes drive systems development and acquisition. Solving the problems in the high-risk areas is not an insurmountable task, but it requires sustained management commitment, accurate information systems, and reliable performance measures to track IRS' progress and provide the data necessary to make informed management decisions.
Tax Systems Modernization
Over the last decade, IRS has been attempting to overhaul its timeworn, paper-intensive approach to tax return processing. At stake is the over $3 billion that IRS has spent or obligated on this modernization since 1986, as well as any additional funds that IRS plans to spend on the modernization.
In July 1995, we reported that IRS (1) did not have a comprehensive business strategy to cost-effectively reduce paper tax return filings; (2) had not yet fully developed and put in place the requisite management, software development, and technical infrastructure necessary to successfully implement its ambitious, world-class modernization; and (3) lacked an overall systems architecture, or blueprint, to guide the modernization's development and evolution.(see footnote 5) At that time, we made over a dozen recommendations to the IRS Commissioner to address these weaknesses.
Page 37 PREV PAGE TOP OF DOC
Pursuant to subsequent congressional direction, we assessed IRS' actions to correct its management and technical weaknesses. We reported in June and September 1996 that IRS had initiated many activities to improve its modernization efforts but had not yet fully implemented any of our recommendations.(see footnote 6) We also suggested to Congress that it consider limiting modernization funding exclusively to cost-effective efforts that (1) support ongoing operations and maintenance; (2) correct IRS' pervasive management and technical weaknesses; (3) are small, represent low technical risk, and can be delivered quickly; and (4) involve deploying already developed and fully tested systems that have proven business value and are not premature given the lack of a completed architecture.
IRS has taken steps to address our recommendations and respond to congressional direction. For example, IRS hired a new Chief Information Officer. It also created an investment review board to select, control, and evaluate its information technology investments. Thus far, the board has reevaluated and terminated several major modernization development projects that were not found to be cost-effective. In addition, IRS provided a report to Congress in November 1996 that set forth IRS' strategic plan and its schedule for shifting modernization development and deployment to contractors.
IRS is also finalizing a comprehensive strategy to maximize electronic filing that is currently scheduled for completion in May 1997. It is also updating its system development life cycle methodology and is working across various IRS organizations to define disciplined processes for software requirements management, quality assurance, configuration management, and project planning and tracking. Additionally, IRS is developing a systems architecture and project sequencing plan for the modernization and intends to provide this to Congress by May 15, 1997.
While we recognize IRS' actions, we remain concerned because much remains to be done to fully implement essential improvements. Increasing the use of contractors, for example, will not automatically increase the likelihood of successful modernization because IRS does not have the technical capability needed to manage all of its current contractors. To be successful, IRS must also continue to make a concerted, sustained effort to fully implement our recommendations and respond effectively to the requirements outlined by Congress. It will take both management commitment and technical discipline for IRS to accomplish these tasks.
Page 38 PREV PAGE TOP OF DOC
Financial Management
Our audits of IRS' financial statements have outlined the substantial improvements needed in IRS' accounting and reporting in order to comply fully with the requirements of the Chief Financial Officers Act of 1990 (CFO Act). The audits for fiscal years 1992 through 1995 have described IRS' difficulties in (1) properly accounting for its tax revenues, in total and by reported type of tax; (2) reliably determining the amount of accounts receivable owed for unpaid taxes; (3) regularly reconciling its Fund Balance With Treasury accounts; and (4) either routinely providing support for receipt of the goods and services it purchases or, where supported, accurately recording the purchased item in the proper period.
IRS has made progress in addressing problems in these areas and has developed an action plan, with specific timetables and deliverables, to address the issues our financial statement audits have identified. In the administrative accounting area, for example, IRS reported that it has identified substantially all of the reconciling items for its Fund Balance With Treasury accounts, except for certain amounts IRS has deemed not to be cost-beneficial to research further. It also has successfully transferred its payroll processing to the Department of Agriculture's National Finance Center and has begun designing both a short-term and a long-term strategy to fix the problems that contribute to its nonpayroll expenses being unsupported or reported in the wrong period.
In the revenue accounting area, IRS' problems are especially affected and complicated by automated data processing systems that were implemented many years ago and thus not designed to support the new financial reporting requirements imposed by the CFO Act. Therefore, IRS has designed an interim solution to capture the detailed support for revenue and accounts receivable until longer-term solutions can be identified and implemented. Some of the longer-term actions include (1) implementing software, hardware, and procedural changes needed to create reliable subsidiary accounts receivable and revenue records that are fully integrated with the general ledger; and (2) implementing software changes that allow the detailed taxes reported to be maintained separately from the results of compliance efforts that would not be valid financial reporting transactions in the masterfile, other related revenue accounting feeder systems, and the general ledger.
Page 39 PREV PAGE TOP OF DOC
Over the past 4 years, we have made numerous recommendations to improve IRS' financial management systems and reporting, and IRS has been working to position itself to have more reliable financial statements for fiscal year 1997 and thereafter. To accomplish this, especially in accounting for revenue and the related accounts receivables, IRS will need to institute long-term solutions involving reprogramming software for IRS' antiquated systems and developing new systems as required.
Follow-through to complete necessary corrective measures is essential if IRS is to ensure that its corrective actions are carried out and effectively solve its financial management problems. Solving these problems is fundamental to providing reliable financial information and ensuring taxpayers that the government can properly account for their federal tax dollars. The accuracy of IRS' financial statements is vital to both IRS and Congress for (1) ensuring adequate accountability for IRS programs; (2) assessing the impact of tax policies; and (3) measuring IRS' performance and cost effectiveness in carrying out its numerous tax enforcement, customer service, and collection activities.
Accounts Receivable
IRS routinely collects over a trillion dollars annually in taxes, but many taxpayers are unable or unwilling to pay their taxes when due. As a result, IRS estimates that its accounts receivable amounts to tens of billions of dollars. Unfortunately, IRS' ability to effectively address its accounts receivable problems is seriously hampered by its outdated equipment and processes, incomplete information needed to better target collection efforts, and the absence of a comprehensive strategy and detailed plan to address the systemic nature of the underlying problems.
IRS' collection efforts have also been hampered by the age of the delinquent tax accounts. Because of the outdated equipment and processes used to match tax returns and related information documents, it can take IRS several years to identify potential delinquencies and then initiate collection actions. In addition, according to IRS, the 10-year statutory collection period generally precludes it from writing off uncollectible receivables until that period has expired. As a result, the receivables inventory includes many relatively old accounts that will never be collected because the taxpayers are deceased or the companies defunct.
Page 40 PREV PAGE TOP OF DOC
This is not to say, however, that IRS has not been trying to overcome its deficiencies. In the last 2 years, IRS has undertaken initiatives to correct errors in its masterfile records of tax receivables, develop profiles of delinquent taxpayers, and study the effectiveness of various collection techniques. It has also streamlined its collection process, placed additional emphasis on contacting repeat delinquents, made its collection notices more readable, and targeted compliance-generated delinquencies for earlier intervention.
IRS reported that, as a result of taking these actions, its collection employees took in more money than they classified as ''currently not collectible'' and that the amount of money collected immediately following the revision of its collection notices increased by almost 25 percent over a comparable period in 1995. In addition, IRS reported collecting more in delinquent taxes in fiscal year 1996 than it ever has, almost $30 billion.
Despite these positive results, IRS needs to continue the development of information databases and performance measures to afford its managers the data needed to determine which actions or improvements generate the desired changes in IRS' programs and operations. And, this should not be looked upon as a short-term commitment. It will still take a number of years to identify the root causes of delinquencies and to develop, test, and implement courses of action to deal with the causes. Furthermore, once the analyses and planning are completed, it will still be some time before full results of the new initiatives are realized.
Therefore, IRS must take deliberate action to ensure that its problem-solving efforts are on the right track. Specifically, it needs to implement a comprehensive strategy that involves all aspects of IRS' operations and that sets priorities; accelerates the modernization of outdated equipment and processes; and establishes realistic goals, specific timetables, and a system to measure progress.
Filing Fraud
Page 41 PREV PAGE TOP OF DOC
When we first identified filing fraud as a high-risk area in February 1995, the amount of filing fraud being detected by IRS was on an upward spiral. Since then, IRS has introduced new controls and expanded existing controls in an attempt to reduce its exposure to filing fraud. Those controls are directed toward either (1) preventing the filing of fraudulent returns or (2) identifying questionable returns after they have been filed.
To deter the filing of fraudulent returns, IRS (1) expanded the number of up-front filters in the electronic filing system designed to screen electronic submissions for selected problems in order to prevent returns with those problems from being filed electronically and (2) strengthened the process for checking the suitability of persons applying to participate in the electronic filing program as return preparers or transmitters by requiring fingerprint and credit checks.
To better identify fraudulent returns once they have been filed, IRS placed an increased emphasis in 1995 on validating social security numbers (SSN) on filed paper returns and delayed any related refunds to allow time to do those validations and to check for possible fraud. IRS also revised the computerized formulas it used to score all tax returns as to their fraud potential and upgraded the research capabilities of its fraud detection staff.
IRS' efforts produced some positive results. For example, the number of SSN problems identified by the electronic filing filters quadrupled between 1994 and 1995, and about 350 persons who applied to participate in the electronic filing program for 1995 were rejected because they failed the new fingerprint and credit checks. IRS' efforts to validate SSNs on paper returns produced over $800 million in reduced refunds or additional taxes. Unfortunately, IRS identified many more SSN problems than it was able to deal with and released about 2 million refunds without resolving the problems.
IRS was less successful in identifying fraudulent returns, identifying over 65 percent fewer fraudulent returns in 1996 than during a comparable period in 1995. IRS believes this decrease is attributable to a 31-percent reduction in its fraud detection staff and the resulting underutilization of its Electronic Fraud Detection System, which enhances the identification of fraudulent returns and lessens the probability of improperly deleting accurate refunds. However, IRS does not have the information it needs to verify that the decline was the result of staff reductions or to determine the extent to which the downward trend may have been affected by changes in the program's operating and reporting procedures or by a general decline in the incidence of fraud.
Page 42 PREV PAGE TOP OF DOC
Given the decrease in fraud detection staff, it is critically important for IRS to (1) optimize the electronic controls that are intended to prevent the filing of fraudulent returns and (2) maximize the effectiveness of available staff. Modernization is the key to achieving these objectives, and electronic filing is the cornerstone of that modernization. One solution, then, is to increase the percentage of returns filed electronically. To achieve this goal, IRS must first identify those groups of taxpayers who offer the greatest opportunity to reduce IRS' paper-processing workload and operating costs if they were to file electronically. IRS must then develop strategies that focus its resources on eliminating or lessening impediments that inhibit those groups from participating in the program.
Information Security
Malicious attacks on computer systems are an increasing threat to our national welfare. The federal government now relies heavily on interconnected systems to control critical functions which, if compromised, place billions of dollars worth of assets at risk of loss and vast amounts of sensitive data at risk of unauthorized disclosure. Increasing reliance on networked systems and electronic records has elevated our concerns about the possibility of serious disruption to critical federal operations.
As a result of our recent work at IRS, we believe that the vulnerabilities of IRS' computer systems may affect the confidentiality and accuracy of taxpayer data and may allow unauthorized access, modification, or destruction of taxpayer information. The overriding problem at IRS is that information security issues are addressed on a reactive basis. IRS does not have a proactive, independent information security group that systematically reviews the adequacy and consistency of security over IRS' computer operations. In addition, computer security management has not completed a formal risk assessment of its systems to determine system sensitivity and vulnerability. As a result, IRS cannot effectively prevent or detect unauthorized browsing of taxpayer information and cannot ensure that taxpayer data is not being improperly manipulated for personal gain.
Page 43 PREV PAGE TOP OF DOC
IRS needs to address its information security weaknesses on a continuing basis. More specifically, IRS needs to impress upon its senior managers the need to conduct regular systematic security reviews and risk assessments of IRS' computer systems and operations. The weaknesses identified by these reviews and assessments then need to be corrected expeditiously by personnel who have the technical expertise to effectively implement, manage, and monitor the necessary security controls and measures.
The Year 2000 Problem
For the past several decades, computer systems have used two digits to represent the year, such as ''97'' for 1997, in order to conserve electronic data storage and reduce operating costs. In this format, however, the year 2000 is indistinguishable from the year 1900 because both are represented as ''00.'' As a result, if not modified, computer systems and applications that use dates or perform date- or time-sensitive calculations may generate incorrect results beyond 1999.
For IRS, such a disruption of functions and services could jeopardize all of its tax processing systems and administration. It could effectively halt the processing of tax return and return-related information, the maintenance of taxpayer account information, the assessment and collection of taxes, the recording of obligations and expenditures, and the disbursement of refunds. At the very least, IRS' core business functions and mission-critical processes are at risk of failure, as is numerous other administrative and management processes.
To avoid the crippling effects of a multitude of computer systems simultaneously producing inaccurate and unreliable information, IRS must assign management and oversight responsibility within its senior executive corps, define the potential impact of such a systems failure, and develop appropriate renovation strategies and contingency plans for its critical systems. Modifying IRS' critical computer systems is a massive undertaking whose success or failure will, in large part, be determined by the quality of IRS' executive leadership and program management.
Page 44 PREV PAGE TOP OF DOC
Summary Outlook
For years, IRS has struggled to collect the nation's tax revenue using outdated processes and technology. The result has often been inefficient and ineffective programs and operations that are vulnerable to waste, fraud, abuse, and mismanagement. Of particular concern to us have been IRS' efforts to modernize its tax systems, manage its administrative and revenue accounting systems, identify and collect taxes owed the government, detect and prevent the filing of fraudulent tax returns, protect the confidentiality of taxpayer information, and prevent the future disruption of tax services due to computer malfunctions.
These areas of concern share common characteristics that IRS must address in the very near future. At a minimum, IRS needs an implementation strategy that includes both performing cost-benefit analyses and developing reasonable estimates of the extent, time frames, and resources required to correct its high-risk vulnerabilities. IRS also needs to (1) better define, prioritize, implement, and manage new information systems; (2) ensure that its administrative and revenue accounting systems fully comply with government accounting standards; (3) design and implement both administrative and electronic controls to protect taxpayer data from unauthorized access; and (4) develop performance measures that will allow its managers, Congress, and us to track its progress. And, above all, IRS management needs to sustain an agencywide commitment to solving the agency's high-risk problems.
Madam Chairman, this concludes my prepared statement. We will be glad to answer any questions that you or the Members of the Subcommittee may have.
—————
Page 45 PREV PAGE TOP OF DOC
Chairman JOHNSON. Thank you, Ms. Willis.
Ms. Ross.
STATEMENT OF JANE L. ROSS, DIRECTOR, INCOME SECURITY ISSUES, HEALTH, EDUCATION, AND HUMAN SERVICES DIVISION, U.S. GENERAL ACCOUNTING OFFICE
Ms. ROSS. Good morning. I am pleased to be here to discuss the Supplemental Security Income Program and our decision to designate it as one of our high-risk areas. As you know, the SSI Program provides means tested income support payments to eligible aged, blind, and disabled persons.
Before I discuss SSI's vulnerabilities, let me give you a little background on the program. SSI was enacted in 1974. It is almost entirely financed by Federal taxes, and it is run by the Social Security Administration. SSI now has about 6.6 million recipients who receive benefits totaling over $27 billion a year, virtually all of which are Federal dollars.
While you may not hear as much about SSI as other welfare programs such as AFDC or food stamps, the dollars spent on SSI are larger than those spent on AFDC, and are about the same as those spent on food stamps. In other words, SSI is a major Federal welfare program.
There are several longstanding problems in SSI that caused us to designate the program as high risk. These problems involve the methods SSA uses to verify recipients' initial and continuing eligibility for SSI benefits, and the Agency's efforts to get SSI recipients into the work force.
These deficiencies have placed the program at considerable risk and contributed to significant annual increases in overpayments. During 1996, SSA had $2.3 billion in SSI overpayments that was owed to them, including almost $900 million in newly detected overpayments during the year. The Agency was successful in recovering only 15 percent of the amount they were owed.
Page 46 PREV PAGE TOP OF DOC
This morning I want to give you a better understanding of why we consider SSI a high-risk program, by discussing just one area of vulnerability: The way in which SSA determines whether individuals are financially eligible for the program.
Individuals cannot have income greater than $484 a month, nor have resources worth more than $2,000, in order to qualify. Applicants have to tell all about their income sources, as well as information on assets, marital status, living arrangements, and any changes in those things, including whether you become incarcerated or become a resident in a nursing home.
To verify that the information provided by recipients is accurate, SSA generally relies on matching data from other Federal and State agencies, such as VA benefits data and State unemployment data. SSA needs accurate and timely information because it is much easier to prevent overpayments than to recover them later.
However, we have found that the data from computer matches is often quite old and incomplete. For example, computer matches in the employment and earned income area are from 6 to 21 months old, so that overpayments accrue for at least that long before collection actions can begin.
Another weakness in this process is that SSA does not conduct some matches which actually might detect overpayments. For example, SSA has not matched its data with AFDC records to detect SSI recipients who may be receiving benefits from that source.
Our work in the last few years suggests that recipients do not always report required information when they should, and may not report it at all. For example, last year we reported that about 3,000 current and former prisoners in 13 of the Nation's largest county and local jails had been erroneously paid millions of dollars in SSI benefits, mainly because SSA lacked timely and complete information on their incarceration.
Also, some recipients may be making false reports. SSA staff have indicated that reports of changes in living arrangements are frequently subject to abuse. One common scenario involves recipients who become eligible for SSI benefits and shortly thereafter report to SSA that they have separated from their spouse and are living in separate residences. SSA field staff suspects that these reported changes occur as recipients become aware that separate living arrangements will substantially increase their monthly benefits.
Page 47 PREV PAGE TOP OF DOC
To obtain more timely and accurate recipient data, SSA is currently testing the use of online access to State databases to supplement the information it already receives. Online access provides direct connections between SSA's computers and the computers maintained by certain State agencies. Data can be obtained by SSA staff as soon as it is requested and used to verify the amount of AFDC or other benefit income.
We believe that nationwide use of online access to State computerized income data could prevent or more quickly detect about $130 million in overpayments each year. Although some States can currently provide online access to their data inexpensively and easily, SSA has moved too slowly in this area.
In addition to State data, online access to other Federal agencies' data may also greatly help SSA, but SSA has moved slowly in this area, as well. Overall, SSA is not sufficiently alert to current problems in verifying data related to financial eligibility, nor sufficiently active in pursuing new techniques to mitigate these problems.
Let me conclude at this point. The problems we have identified in the SSI Program are long standing and have contributed to billions of tax dollars being overpaid to recipients. They have also served to compromise the integrity of the program and reinforce public perceptions that the SSI Program pays benefits to too many people for too long.
Although many of the changes recently enacted by the Congress or implemented by SSA may result in improvements, the underlying problems still exist. In light of welfare reform, the importance of having tight controls on SSI is even greater. As time limits and work requirements begin to be felt, it is likely that both individuals and States will look for opportunities to move people onto the SSI roles.
Our work has shown that SSI's vulnerability is due both to problems in program design and inadequate SSA management attention to the program. Revising SSA's approach to managing the program will require sustained attention and direction at the highest levels of the Agency.
Page 48 PREV PAGE TOP OF DOC
One challenge for the new SSA Commissioner will be to focus greater Agency attention on management of SSI and the future viability and integrity of the program. This completes my statement.
[The prepared statement follows:]
Statement of Jane L. Ross, Director, Income Security Issues, Health, Education, and Human Services Division, U.S. General Accounting Office
Madame Chairman and Members of the Subcommittee:
I am pleased to be here to discuss the Social Security Administration's (SSA) Supplemental Security Income (SSI) program and our decision to designate the program one of our high-risk areas. As you know, the SSI program provides means-tested income support payments to eligible aged, blind, or disabled people. Since the program's inception in 1974, the number of individuals receiving SSI cash benefits has grown significantly. About 6.6 million recipients now receive roughly $22 billion in federal benefits. In the past several years, a major reason for growth in the SSI rolls has been an increasing number of younger recipients with mental impairments who have limited work histories. Rapid growth in the number of children receiving SSI benefits has further contributed to changes in the program's character. The increased number and diversity of SSI recipients has spurred criticism that the SSI program is increasingly susceptible to fraud, waste, and abuse. Through our work, we have also demonstrated that the SSI program has been adversely affected by internal control weaknesses, complex policies, and insufficient management attention. (A list of related GAO products dealing with SSI program vulnerabilities appears at the end of this statement).
Today, I would like to discuss several long-standing problems in SSI that have caused us to designate the program as high risk. These problems involve the methods SSA uses to verify recipients' initial and continuing eligibility for SSI benefits and the agency's efforts to get SSI recipients into the workforce. These deficiencies have placed the program at considerable risk and contributed to significant annual increases in overpayments to SSI recipients. Overpayments include payments to people ineligible for the program, as well as to those receiving higher benefit payments than their income and assets warrant. During 1996, SSA had $2.3 billion in overpayments that was owed to the agency, including $895 million in newly detected overpayments during the year. In that year, the agency was successful in recovering only $357 million of the total outstanding debt.
Page 49 PREV PAGE TOP OF DOC
To briefly summarize our findings, the SSI program has had significant problems in determining initial and continuing financial eligibility because of the agency's reliance on individuals' own reports of their income and resources and failure to thoroughly check this information. Moreover, the judgmental nature of SSA's disability determination process and SSA's past failure to adequately review SSI recipients to determine whether they remain disabled have also exposed the program to fraud, waste, and abuse. Finally, SSA is at risk of paying some SSI recipients benefits for too long because it has not adequately addressed their special vocational rehabilitation needs nor developed an agencywide strategy for helping recipients who can enter the workforce. The Congress has recently made several changes that address program eligibility issues and increase the frequency of SSA's continuing eligibility reviews. SSA has also begun addressing its program vulnerabilities and has made the prevention of fraud and abuse a part of its plan for rebuilding public confidence in the agency. However, our concerns about underlying SSI program vulnerabilities and the level of management attention devoted to these vulnerabilities continue. As part of our high-risk work, we are continuing to evaluate the underlying causes of long-standing SSI problems and the actions necessary to address them.
Background
SSI provides cash benefits to low-income aged, blind, or disabled people. Currently, the aged SSI population is roughly 1.4 million and the blind and disabled population more than 5.2 million. Those who are applying for benefits on the basis of age must be age 65 or older and be financially eligible for benefits; those who are applying for disability benefits must qualify on the basis of two criteria: financial and disability eligibility. To qualify for benefits financially, individuals may not have income greater than the current maximum monthly SSI benefit level of $484 ($727 for a couple) or have resources worth more than $2,000 ($3,000 for a couple). To be qualified as disabled, applicants must be unable to engage in any substantial gainful activity because of an impairment expected to result in death or last at least 12 months.
Page 50 PREV PAGE TOP OF DOC
The process SSA uses to determine an applicant's financial eligibility for SSI benefits involves an initial determination when someone first applies and periodic reviews to determine whether the recipient remains eligible. SSI recipients are required to report significant events that may affect their financial eligibility for benefits, including changes in income, resources, marital status, or living arrangements, such as incarceration or residence in a nursing home. To verify that the information provided by a recipient is accurate, SSA generally relies on matching data from other federal and state agencies, including the Internal Revenue Service form 1099 information, Department of Veterans Affairs benefits data, and state-maintained earnings and unemployment benefits data. When SSA staff find discrepancies between income and assets claimed by a recipient and the data from other agencies, they send notices to SSA field offices to investigate further.
To determine a person's qualifications for SSI as a disabled person, SSA must determine the individual's capacity to work as well as his or her financial eligibility. To determine whether an applicant's impairment qualifies him or her for SSI benefits, SSA uses state Disability Determination Services (DDS) to make the initial assessment. Once a recipient begins receiving benefits, SSA is required to periodically conduct Continuing Disability Reviews (CDR) to determine whether a recipient's condition remains disabling.
Regarding returning recipients to work, the Social Security Act states that to the maximum extent possible, individuals applying for disability benefits should be rehabilitated into productive activity. To this end, SSA is required to refer SSI recipients to state vocational rehabilitation agencies for services intended to prepare them for returning to work. The act also provides various work incentives to safeguard cash and medical benefits while a recipient tries to return to work.
SSA Pays Inadequate Attention to Verifying Recipients' Financial Eligibility
To correctly determine an individual's initial and continuing financial eligibility, SSA needs accurate and timely information because it is much easier to prevent overpayments than to recover them. SSA tries to get this information directly from applicants and recipients but also supplements this data through the use of computer matches with other federal and state agencies. To do this, SSA compares federal and state data with information claimed by SSI applicants. In many instances, these matches allow SSA to detect information that SSI recipients fail to report; in other cases, they provide more accurate information. However, our prior reviews have found that data from computer matches are often quite old and sometimes incomplete. For example, computer matches for earned income rely on data that are from 6 to 21 months old, allowing overpayments to accrue for this entire period before collection actions can begin. This puts SSI at risk because it collects only about 15 percent of outstanding overpayments. Another weakness in this process is that SSA does not conduct some matches that could help to detect additional overpayments. For example, SSA has not matched data from Aid to Families With Dependent Children (AFDC) to detect SSI recipients who may be receiving benefits from this program.
Page 51 PREV PAGE TOP OF DOC
Our work in the last few years suggests that recipients do not always report required information when they should and may not report it at all. For example, last year we reported that about 3,000 current and former prisoners in 13 county and local jails had been erroneously paid $5 million in SSI benefits, mainly because SSA lacked timely and complete information on their incarceration. Recipients or their representative payees did not report the incarceration to SSA as required, and SSA had not arranged for localities to report such information. SSA told us that it has begun a program to identify SSI recipients in jails who should no longer be receiving benefits.
Our ongoing SSI work is identifying similar program problems and weaknesses as those noted in prior reports. For example, SSA staff have indicated that recipients' reporting of changes in living arrangements is frequently subject to abuse. One common scenario involves recipients who become eligible for SSI benefits and shortly thereafter report to SSA that they have separated from their spouse and are living in separate residences. SSA field staff suspect that these reported changes in living arrangements take place because recipients become aware that separate living arrangements will substantially increase their monthly benefits. Another ongoing study of SSI recipients admitted to nursing homes has found that despite SSA procedures and recent legislation to encourage reporting such living arrangement changes, thousands of SSI recipients in nursing homes continue to receive full benefits, resulting in millions of dollars in overpayments each year. This happens because recipients and nursing homes do not report changes in living arrangements and because computer matches with participating states to detect nursing home admissions are not done in a timely manner and are often incomplete. Consequently, these admissions and the resulting overpayments are likely to go undetected for long time periods.
In a final area related to financial eligibility, we recently reported that between 1990 and 1994, approximately 3,500 SSI recipients transferred ownership of resources, such as cash, houses, land, and other items valued at an estimated $74 million to qualify for SSI benefits. This figure represents only transfers of resources that recipients actually told SSA about. Although these transfers are legal, using them to qualify for SSI benefits raises serious questions about SSA's ability to protect taxpayer dollars from waste and abuse and may undermine the public's confidence in the program. SSA has acknowledged and supports the need to work with the Congress to develop legislation to address this problem.
Page 52 PREV PAGE TOP OF DOC
To obtain more timely and accurate recipient data, SSA is currently testing the use of online access to state databases to supplement the information it receives. Online access provides direct connections between SSA's computers and the databases maintained by certain state agencies. Data can be obtained immediately by SSA staff as soon as requested and used for a variety of purposes, including verifying the amount of AFDC or other benefit income a client reports. After reviewing this SSA initiative, we concluded that nationwide use of online access to state computerized data could prevent or more quickly detect about $130 million in overpayments due to unreported or underreported income in one 12-month period. Online access could save program dollars by controlling overpayments and reducing the administrative expense of trying to recover them. In responding to our review, SSA noted that it was exploring options for expanding online access and was examining the cost-effectiveness of doing so. Although some states can currently provide online access to their data inexpensively and easily, SSA has moved slowly in this area. In addition to state data, online access to other federal agencies' data may help SSA save program dollars. SSA has also moved slowly in this area, however.
Program Vulnerabilities Are Associated with Determining Disability Eligibility
In addition to financial eligibility, for those who apply for disability benefits, SSA must also determine their disability eligibility or their capacity to work. SSA's lengthy and complicated disability decision-making process results in untimely and inconsistent decisions. Adjudicators at all levels of this process have to make decisions about recipients' work capacity on the basis of complex and often judgmental disability criteria. Determining disability eligibility became increasingly difficult in the early 1990s as younger individuals with mental impairments began to apply for benefits in greater numbers. Generally, mental impairments are difficult to evaluate, and the rates of award are higher for these impairments than for physical impairments.
SSA's processes and procedures for determining disability have placed the SSI program at particular risk for fraud, waste, and abuse. For example, in 1995, we reported that SSA's ability to ensure reasonable consistency in administering the program for children with behavioral and learning disorders had been limited by the subjectivity of certain disability criteria. To address these problems, recent welfare reform legislation included provisions to tighten the eligibility rules for childhood disability and remove children from the rolls who have qualified for SSI on the basis of less restrictive criteria. It is too early, however, to tell what impact the new legislation will ultimately have on SSI benefit payments and SSA's ability to apply consistent disability policies to this population.
Page 53 PREV PAGE TOP OF DOC
In addition, we reported in 1995 that middlemen were facilitating fraudulent SSI claims by providing translation services to non-English-speaking individuals who were applying for SSI. These middlemen were coaching SSI claimants on appearing mentally disabled, using dishonest health care providers to submit false medical evidence to those determining eligibility for benefits, and providing false medical information on claimants' medical and family history. In one state alone, a middleman arrested for fraud had helped at least 240 people obtain $7 million in SSI benefits. SSI's vulnerability to fraudulent applications involving middlemen was the result of the lack of a comprehensive strategy for keeping ineligible applicants off the SSI rolls, according to our review. SSA told us that half of all SSI field office recent hires are bilingual, a step that it believes will reduce the involvement of fraudulent middlemen.
In light of the difficulty of determining disability and SSI's demonstrated vulnerability to fraud and manipulation, periodic reviews are essential to ensure that recipients are disabled. Our work has shown, however, that SSA has not placed adequate emphasis on CDRs of SSI cases. In 1996, we reported that many recipients received benefits for years without having any contact with SSA about their disability. We also noted that SSA performed relatively few SSI CDRs until the Congress mandated in 1994 that it conduct such reviews. Furthermore, SSA's processes for identifying and reviewing cases for continuing eligibility did not adequately target recipients with the greatest likelihood for medical improvement.
Currently, SSA is implementing new review requirements in the welfare reform law. In addition, SSA had about 2 1/2 million required CDRs due or overdue in the Disability Insurance (DI) program and 118,000 SSI CDRs due or overdue as of 1996. Despite the importance of CDRs for ensuring SSI program integrity, competing workloads from implementing welfare reform legislation will challenge SSA in completing the required number of SSI CDRs.
SSA Has not Emphasized Return to Work and Vocational Rehabilitation
Page 54 PREV PAGE TOP OF DOC
As mentioned previously, the Social Security Act states that as many people as possible who are applying for disability benefits should be rehabilitated into productive activity. We have found, however, that SSA places little priority on helping recipients move off the SSI rolls by obtaining employment. Yet, if only a small proportion of recipients were to leave the SSI rolls by returning to work, the savings in lifetime cash benefits would be significant.
Technological and societal changes in the last decade have raised the possibility of more SSI recipients returning to work. For example, technological advances, such as standing wheelchairs and synthetic voice systems, have made it easier for people with disabilities to enter the workplace. Legislative changes, such as the Americans With Disabilities Act, and social changes, such as an increased awareness of the economic contributions of individuals with disabilities, have also enhanced the likelihood of these individuals finding jobs. During the past decade, the proportion of middle-aged SSI recipients has steadily increased. Specifically, the number of SSI recipients between the ages of 30 and 49 has increased from 36 percent in 1986 to about 46 percent in 1995 to about 1.6 million people. Thus, many SSI recipients have many productive years in which to contribute to the workforce.
Despite these factors, SSA has missed opportunities to promote work among disabled SSI recipients. In 1972, the Congress created the plan for achieving self-support (PASS) to help low-income individuals with disabilities return to work. The program allows SSI recipients to receive higher monthly benefits by excluding from their SSI eligibility and benefit calculations any income or resources used to pursue a work goal. SSA pays about $30 million in additional cash benefits annually to PASS program participants. Despite these cash outlays, almost none of the participants leave the rolls by returning to work.
SSA has poorly implemented and managed the PASS program. In particular, SSA has developed neither a standardized application containing essential information on the applicant's disability, education, and skills nor ways to measure program effectiveness. We have recommended that SSA act on several fronts to control waste and abuse and evaluate the effect of PASS on recipients' returning to work. In general, SSA has agreed with our recommendations and taken some steps to more consistently administer the PASS program.
Page 55 PREV PAGE TOP OF DOC
In the past several months, however, several efforts have begun to place a greater emphasis on returning disabled people to work. The administration is seeking statutory authority to create a voucher system that recipients could voluntarily use to get rehabilitation and employment services from public or private providers and is also seeking legislation to extend medical coverage for recipients who return to work. The Congress has also put forth several proposals in these areas.
Conclusion
The problems we have identified in the SSI program are long-standing and have contributed to billions of tax dollars being overpaid to recipients. They have also served to compromise the integrity of the program and reinforce public perceptions that the SSI program pays benefits to too many people for too long. Although many of the changes recently enacted by the Congress or implemented by SSA may result in improvements, the underlying problems still exist.
Our work has shown that SSI's vulnerability is due both to problems in program design and inadequate SSA management attention to the program. Revising SSA's approach to managing the program will require sustained attention and direction at the highest levels of the agency as well as actively seeking the cooperation of the Congress in improving the program's operations and eligibility rules. One challenge for the new SSA Commissioner will be to focus greater agency attention on management of SSI and the future viability and integrity of this program.
This concludes my prepared statement. I will be happy to respond to any questions you or other members of the Subcommittee may have.
For more information on this testimony, please call Jane Ross on (202) 512–7230 or Roland Miller, Assistant Director, on (202) 512–7246.
Related GAO Products
Page 56 PREV PAGE TOP OF DOC
Social Security Disability: Improvements Needed to Continuing Disability Review Process (GAO/HEHS–97–1, Oct. 16, 1996).
Supplemental Security Income: SSA Efforts Fall Short in Correcting Erroneous Payments to Prisoners (GAO/HEHS–96–152, Aug. 30, 1996).
Supplemental Security Income: Administrative and Program Savings Possible by Directly Accessing State Data (GAO/HEHS–96–163, Aug. 29, 1996).
SSA Disability: Return-to-Work Strategies From Other Systems May Improve Federal Programs (GAO/HEHS–96–133, July 11, 1996).
Social Security: Disability Programs Lag in Promoting Return to Work (GAO/T–HEHS–96–147, June 5, 1996).
SSA Disability: Program Redesign Necessary to Encourage Return to Work (GAO/HEHS–96–62, Apr. 24, 1996).
Supplemental Security Income: Some Recipients Transfer Valuable Resources to Qualify for Benefits (GAO/HEHS–96–79, Apr. 30, 1996).
PASS Program: SSA Work Incentive for Disabled Beneficiaries Poorly Managed (GAO/HEHS–96–51, Feb. 28, 1996).
Supplemental Security Income: Disability Program Vulnerable to Applicant Fraud When Middlemen Are Used (GAO/HEHS–95–116, Aug. 31, 1995).
Social Security: New Functional Assessments for Children Raise Eligibility Questions (GAO/HEHS–95–66, Mar. 10, 1995).
—————
Chairman JOHNSON. Thank you very much.
Page 57 PREV PAGE TOP OF DOC
Ms. Aronovitz.
STATEMENT OF LESLIE G. ARONOVITZ, ASSOCIATE DIRECTOR, HEALTH FINANCING AND SYSTEMS ISSUES, HEALTH, EDUCATION, AND HUMAN SERVICES DIVISION, U.S. GENERAL ACCOUNTING OFFICE
Ms. ARONOVITZ. Thank you. Good morning, Chairman Johnson, and Members of the Subcommittee. We are pleased to be here today to discuss efforts to fight fraud and abuse in the Medicare Program. As you know, while changes to Medicare are being sought to help control program costs, the Congress is concerned that billions of dollars are lost to fraudulent and wasteful claims.
Today I would like to address Medicare's fee-for-service and managed care programs, their problems, recent initiatives to address them, and several remaining concerns.
First, in Medicare's fee-for-service program, HCFA and its claims processing contractors have struggled to carry out critical claims review and provider audit activities with a declining budget. Claims have climbed 70 percent over the last 7-year period, while the amount contractors could spend on claims review shrank, in today's dollars, from 74 cents per claim to 38 cents per claim.
The effect of inadequate funding on contractors' reviews of claims has been felt. Take home health, for instance. In 1986 and 1987, contractors reviewed 62 percent of home health claims processed. By 1989, however, HCFA lowered the contractors' claims review target to 3.2 percent.
In 1996, the Health Insurance Portability and Accountability Act, also known as HIPAA, infused badly needed funds into Medicare's antifraud and abuse activities. In fiscal year 1997, the act gradually boosts the contractors' budget for program safeguard activities each year until the year 2003, after which it remains constant.
Page 58 PREV PAGE TOP OF DOC
These additional funds, however, essentially stabilize per-claim safeguard activities and expenditures at about 1996's level, and will still be only half of what was spent in 1989, in real dollars.
Another important fraud fighting effort is the 2-year multiagency project called Operation Restore Trust, which I could discuss in greater detail, if you would like, later. Notwithstanding funding issues, HCFA could improve oversight aspects of its antifraud and abuse activities.
In addition to better coordinating contractors' reviews of claims before the checks are cut, HCFA needs to be vigilant over its information management efforts. This includes its acquisition of MTS, Medicare's big new claims processing system. But even before MTS is completed, HCFA must manage several types of system conversions, one involving the consolidation of several part A and part B systems currently operating into a single system for each part; and another involving the mechanics of making digit changes in computer systems to accommodate the year 2000.
I would now like to talk a bit about Medicare's managed care and its own set of risks for taxpayers and beneficiaries. As we recently testified before the Ways and Means Subcommittee on Health, a methodological flaw in HCFA's approach to paying HMOs has produced excess payments for some plans. We are proposing a modification to HCFA's method that would improve the accuracy of the basic county rate on which the HMO payment is based. That could save hundreds of millions of dollars annually in Medicare expenditures.
A second problem is that HCFA has been lax in enforcing HMO compliance with program standards. And finally, HCFA currently does not provide beneficiaries any of the comparative information on benefits and premiums that FEHBP and many employers routinely provide their retirees. HCFA also collects a wealth of information on HMO performance that it does not package for public consumption.
Page 59 PREV PAGE TOP OF DOC
HCFA acknowledges these problems, and is working to address them. The HIPAA legislation gives HCFA more flexible sanction authority, such as suspending an HMO's right to enroll Medicare beneficiaries until deficiencies are corrected.
Also, HCFA is developing several consumer information efforts that are a small first step in helping beneficiaries compare features of competing HMOs in their areas. We have some suggestions to improve those efforts, also.
In summary, many of Medicare's vulnerabilities are inherent in its size and mission, making it a perpetually attractive target for exploitation. HCFA needs to make judicious use of HIPAA funding for program safeguards, mitigate MTS acquisition risks, and oversee information management transitions.
Also, HCFA must work to ensure that payments to HMOs better reflect the cost of beneficiaries' care, that the Agency's expanded authority to enforce HMO compliance with Federal standards is used, and that beneficiaries receive information about HMOs sufficient to make informed choices. To adequately protect taxpayers' dollars, as well as beneficiaries, HCFA needs to meet these important challenges promptly.
Thank you. Thi