State unemployment agencies have been overwhelmed with Unemployment Insurance (UI) claims since the start of the COVID-19 pandemic and subsequent economic shut down, leading to unprecedented opportunities for UI fraud. This creates a difficult balancing act for state agencies that must pay benefits quickly to those in need while preventing and investigating potentially fraudulent claims.
Unfortunately, the surge hit while states are understaffed and saddled with outdated technology. Unable to keep up with the swell, many states slowed down or stopped benefit payments altogether due to the high volume of suspect claims. Given this tremendous challenge, agencies striving to combat UI fraud should consider a three-phased approach:
Triage current backlog of suspended claims
Implement a real-time fraud mitigation strategy
Review existing claims for authenticity
At its height in April, as the COVID-19 pandemic was taking hold, the national unemployment rate was over 30%, though it has slowly eased as the economy initially began to reopen in May. The unemployment rate sits at 10.2% as of July, representing 16.3 million unemployed persons in the US, according to the Bureau of Labor Statistics.
In May, the Washington State Employment Security Department reported a significant increase in “imposter fraud,” where a stolen identity is used to apply for unemployment benefits. A well-organized Nigerian fraud ring hit multiple states, though according to the Secret Service, Washington State appears to have been the primary target.
The state may have paid out between $550 million and $650 million in fraudulent claims; so far, it’s recovered about $333 million, according to Employment Security Department Commissioner Suzi LeVine. After implementing fraud controls, Washington State unemployment filings dropped 36%.
While organized crime accounts for a portion, most fraudulent claims are instead from individuals who see UI as an opportunity for free money, taken at the expense of claimants who are actually eligible for benefits. In June, the Maine State Department of Labor cancelled 6,500 unemployment insurance claims and 11,500 weekly certifications suspected of being fraudulent. The state reported $13 million in benefits (filed by 2,200 individuals) was cancelled having been cited as fraudulent.
Although the unemployment rate is improving, seasonally adjusted weekly, initial UI claims still came in at 1.18 million the first week of August, per the Department of Labor. That same week, the Ohio Department of Job and Family Services put nearly 270,000 unemployment insurance claims on hold due to multiple indications of fraud. Clearly, the risk is not going away.
Unfortunately, this huge jump in UI claims, coupled with states’ urgent response to get benefits paid quickly, opened the door to unprecedented UI fraud. Previous data breaches, phishing scams and account takeover tactics provided the backdrop for rampant, identity-based fraudulent activity. Even as new claim rates start to normalize, states struggle to sift through millions of backlogged UI claims to determine legitimate from fraudulent while new claims continue to be filed.
Organizations administering state unemployment insurance benefits have a complex task administering a critical lifeline to those most in need. Delays in claim processing could result in a family being unable to provide food, shelter or clothing during a precarious time. Understanding UI claimants often represent individuals without a traditional consumer footprint, validating claimants’ identities, authenticating claims and ensuring ongoing benefits is challenging even under normal circumstances.
During the current economic crisis, the sheer number of claims has simply been overwhelming. Antiquated technology and unprecedented UI fraud has slowed agencies’ abilities to do their jobs. In order to regain control and restore these critical benefits, agencies should consider applying fraud prevention strategies and techniques using a phased, risk-based approach.
The first step is clearing the backlog of existing UI claims already put into a hold status due to suspicion of fraud. Attributes from these claims should be evaluated using a range of analytic processes to highlight and refine cases warranting deeper forensic insights. These insights are driven by additional datasets and capabilities unavailable to workforce agencies which otherwise only have access to internally-derived information.
Risky email and IP addresses, known and suspected suspicious mailing addresses, misused (or reused) Social Security numbers and synthetic fraud risks are among the conditions evaluated by external data and insight partners. Assessing these claims offline or via batch is a low-impact approach that allows state workforce agencies to continue with real-time claim support.
The next step is stopping new fraudulent claims from entering the UI system. Informed by fraud tactics identified in Phase 1, along with industry best practices, state workforce agencies need to implement real-time fraud evaluations. A smooth customer experience is important, and risk-based fraud mitigation solutions create a “friction-right” flow, escalating rigor appropriate to the risk presented.
This risk-based approach must employ a comprehensive understanding of claimants through a multilayered strategy. Risks can be determined in real time by evaluating physical identity elements and digital device configuration and reputation, and contextualizing the behavior of both device and identity elements. Additional friction should be applied in real time based off the combined risk of a claim — requiring a claimant to prove they are who they say they are (one-time passcode vs. ID card verification).
After assessing known fraudulent claims and preventing new fraud from entering the UI system, workforce agencies should review their entire existing population. Using lessons learned from both Phase 1 and 2, along with new insights as they become available, agencies should conduct recurring review of their population.
New (or newly identified) risks can be mitigated in real time as a claimant interacts with the system on a weekly basis. For example, higher-risk users can be asked to conduct a new identity verification transaction upon their next login.
The economic fallout attributed to COVID-19 will continue to demand higher than normal UI claims, particularly as government recovery loan programs expire. Now is the time to make sure administrators implement the fraud protection needed to stop abuse from sapping limited benefit resources. The task of winnowing existing fraudulent claims from legitimate claims while preventing new fraud from entering the system may seem daunting. By adopting a three-phased approach to identify UI claims fraud, administrators have the ability to efficiently serve constituents while mitigating abuse.