In its most recent tally of improper payments, the Government Accountability Office (GAO) reported federal government agencies paid more than $135 billion incorrectly. If you add up the annual numbers since 2004, the total exceeds $1 trillion. Not all of those improper payments were fraud, but some certainly were. And we can do more to prevent them. 

The words waste, fraud, and abuse are often used, but just as often misunderstood. Waste typically refers to improper payments that are unintentional, often resulting in the mistaken diversion of resources away from their intended beneficiary. Abuse generally includes payments for services that are not necessary, which often results in unnecessary costs. Fraud is an intentional deception or misrepresentation, often including things like identity theft, financial kickbacks, or improper billing for services or items not provided. Collectively, these threats often impact the financial, operational, and reputational facets of an organization.

It’s hard to measure the extent of fraud committed against government agencies. A good proxy, however, is to assess the risk of fraud. In 2014, the Social Security Administration (SSA) undertook an independent programmatic fraud risk assessment. The objectives of the SSA Fraud Risk assessment included the evaluation of existing disability and authentication fraud risks, an evaluation of existing anti-fraud activities and the identification of potential gaps and weaknesses in existing and/or proposed anti-fraud measures. Not surprisingly, the review uncovered weaknesses that substantiated the existence of known fraud risk.

The SSA Fraud Risk assessment resulted in three primary recommendations: (1) improve recording keeping; (2) employ a more risk based approach to combating fraud; and (3) find a more dependable source of mandatory program integrity funding. Implementation of a strategic fraud risk management program with a focus on a proactive and preventive approach to mitigating exposure to fraud risks will go a long way toward minimizing fraud risk at Social Security.

To address similar risks across government and more aggressively combat fraud, GAO last year recommended that agencies consider adopting an even more ambitious “Framework for Managing Fraud Risks.” If implemented correctly, this framework can help federal managers “combat fraud and preserve integrity in government agencies and programs.”

The GAO’s framework concisely outlines the objective of fraud risk management: ensuring program integrity by continuously and strategically mitigating the likelihood and impact of fraud. According to GAO, effective fraud risk management has three objectives: prevent, detect, and respond. GAO’s Fraud Risk Management Framework hinges on four key elements:  leadership commitment, regular assessments of risks, effective design and implementation of mitigation activities, and risk-based evaluation of outcomes.

What GAO recommends is a simple, elegant approach to tackling a longstanding weakness in federal programs. Executive leadership must communicate the importance of governance, internal control, and transparency to all employees, managers, and pertinent stakeholders. Regular fraud risk assessments should be tailored for individual agencies and programs due to the inherent uniqueness of risks themselves. Once risks are identified, management must design and implement the proper level of controls needed to mitigate risk of fraud. Finally, agencies must have in place a process for evaluating the outcomes of the program for managing fraud risk.

Government agencies must balance their missions with the need for oversight and risk assessment. The desire for prompt payment may invite risks of payment inaccuracy, including increased risk of fraud. Even within the most robust of fraud prevention programs, an oversight team cannot unilaterally reduce the risk of fraud; this takes a collaborative effort between an integrated team of providers, administrative staff, contractors, program offices, government oversight organizations, and other agencies. Such relationships foster a culture of fraud risk management, and can be further bolstered by analytics that prevent improper payments, rather than paying first with the hopes of recovery later.

The Partnership for Public Service, in collaboration with Grant Thornton, hosted a meeting of officials from the Executive and Legislative branches, as well as from the private sector, to discuss the prospects for adoption of the GAO’s framework. It was agreed the return on investment in adoption of such a framework would be high. In fact, Congress is currently considering legislation, the Fraud Reduction and Data Analytics Act (H.R. 4180 in the House; S. 2133 in the Senate), which would require the Office of Management and Budget and agencies to establish guidelines for the adoption of the Fraud Risk Management principles outlined in the GAO Framework. If agencies don’t do it, the legislative representatives seemed to say, Congress may have to require it. And that might be a good thing. The alternative? Continued erosion of the public’s perception of government programs, and continued, unnecessary waste of taxpayer dollars to criminal abuse.

Wallig is a principal with Grant Thornton Public Sector, leading the governance, risk and compliance practice. He has more than 20 years of consulting experience in both the public and private sectors.