Expedited Assistance for Victims of Hurricanes Katrina and Rita
FEMA's Control Weaknesses Exposed the Government to Significant Fraud and Abuse Gao ID: GAO-06-655 June 16, 2006In the wake of Hurricanes Katrina and Rita, the Federal Emergency Management Agency (FEMA) faced the challenge of providing assistance quickly while having sufficient controls to provide assurance that benefits were paid only to those eligible under the Individuals and Households Program (IHP). On February 13, 2006, GAO testified on the initial results of its ongoing work related to whether (1) controls are in place and operating effectively to limit assistance to qualified applicants, (2) indications exist of fraud and abuse in the application for and receipt of assistance payments, and (3) controls are in place and operating effectively over debit cards to prevent duplicate payments and improper usage.
GAO identified significant flaws in the process for registering disaster victims that leave the federal government vulnerable to fraud and abuse of expedited assistance (EA) payments. For Internet applications, limited automated controls were in place to verify a registrant's identity. However, there was no independent verification of the identity of those who applied for disaster assistance via the telephone. GAO demonstrated the vulnerability inherent in the call-in applications by using falsified identities, bogus addresses, and fabricated disaster stories to register for IHP. FEMA's automated system frequently identified potentially fraudulent registrations, such as multiple registrations with identical social security numbers (SSN) but different addresses. However, the manual process used to review these flagged applications did not prevent EA and other payments from being issued. Other control weaknesses include the lack of any validation of damaged property addresses for both Internet and telephone registrations. Given these weak or nonexistent controls, it is not surprising that GAO's data mining and investigations showed substantial potential for fraud and abuse of EA. Thousands of registrants misused IHP by applying for assistance using SSNs that were never issued or belonged to deceased or other individuals. GAO's case study investigations of several hundred registrations also indicate the use of bogus damaged property addresses. Visits to over 200 of these damaged properties in Texas and Louisiana showed that at least 80 of these addresses were bogus--including vacant lots and nonexistent apartments. FEMA also made duplicate EA payments to about 5,000 of the nearly 11,000 debit card recipients--once through the distribution of debit cards and again by check or electronic funds transfer. In addition, while debit cards were used predominantly to obtain cash, food, clothing, and personal necessities, a small number were used for adult entertainment, bail bond services, and weapons purchase, which do not appear to be items or services required to satisfy disaster-related needs.
RecommendationsOur recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.
Director: Team: Phone: