License to Steal
eBook - ePub

License to Steal

Why Fraud Plagues America's Health Care System

  1. 240 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

License to Steal

Why Fraud Plagues America's Health Care System

About this book

This book brings an unusual opportunity to explore the peculiarities of America's health care industry's approach to fraud control, when compared with the financial services sector, credit card companies, or the Internal Revenue Service—all of which have to defend themselves against fraud.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access License to Steal by Malcolm K. Sparrow in PDF and/or ePUB format, as well as other popular books in Medicine & Diseases & Allergies. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Taylor & Francis
Year
2019
eBook ISBN
9780429721090
Edition
1
Topic
Medicine
Subtopic
Diseases & Allergies

Part One

Understanding the Fraud-Control Challenge

1
The Pathology of Fraud Control

Fraud control is a miserable business. Failure to detect fraud is bad news; and finding fraud is bad news too. Senior managers seldom want to hear any news about fraud, because news about fraud is never good.
Institutional denial of the scope and seriousness of fraud losses is the norm. Many interviewees explained how their own views differed from “the official position” of their organizations and how uncomfortable they felt telling what they saw as “the truth,” even to their own management. Investigators in Florida described how only recently, after years of media attention to the concentration of fraud problems in southern Florida, had it become acceptable to “speak up” during interagency meetings. Previously, they explained, if you talked honestly about the prevalence of fraud, you immediately got blamed for having failed to prevent it.
Employees closest to the work of fraud control habitually feel frustrated, unappreciated, sometimes ostracized by their own organizations, and deeply resentful of management’s deaf ears to the whole subject. As one industry consultant, James Guzzi, told me:
Senior management does not want to take the time to deal with the issue. It’s too troublesome, and with too many other things on their plate to attend to, fraud always gets pushed to the bottom. The only time they pay attention is when there’s a scandal involving them, or close to them. If they see a headline case, then they just want to know if their company was involved and whether or not they are going to be embarrassed.
Fraud-control policy tends to be scandal-driven. Management pays little attention to fraud control provided everything is quiet. They finally pay attention when scandal hits, either at home or close to home: But they pay attention for a remarkably short period and with short-term damage control as the primary motivation.
Fraud control—as a science or art—is scarcely developed and little understood. There is little instruction available from academia. And there is not much expert guidance in the field. Guiding principles or practical approaches to fraud control are almost impossible to find in any literature.
The discipline of “Managerial Accounting” gives the subject some attention but treats it as a rare subspecialty. Even specialist texts readily acknowledge the vacuum. Howard Davia (author of Management Accountant’s Guide to Fraud Discovery and Control) confesses:
There is no existing, established methodology for fraud auditing. Furthermore, there are no generally accepted fraud audit field standards, or generally available criteria that normally guide traditional auditors in the pursuit of their craft.
Why is this so? There is a lack of such methodology and standards because effective fraud auditing is generally not being practiced.1
Under the heading, “Fraud—Pernicious and Largely Ignored,” Davia describes the inevitable consequence:
We cannot overemphasize the fact that entities throughout the world do not adequately recognize the seriousness of their exposure to fraud. The result is that he or she who would commit fraud has, more or less, carte blanche to do so. All entities are at risk, but few perceive the serious gravity of that risk.
Unfortunately, even when accounting or audit textbooks tackle fraud, they deal with it almost exclusively from the point of view of defense against internal corruption (employee embezzlement), rather than from the point of view of institutions defending their payment systems against concerted criminal attacks from outside.2
So, those who commit to the task of controlling fraud throw themselves into an area that academic literature has virtually ignored,3 and where practitioners often feel isolated and abandoned. As one investigator testified to Congress: “You have to have guts…. There is no body of law or procedure, and you are… going out in an area relatively unexplored.”4

Essential Character of Fraud Control

Before turning to the particular difficulties of the health care industry, what do we know about fraud control in general? What makes fraud control—in any environment such a difficult and depressing business? Why do so many managers prefer to leave it alone? Why do organizations routinely underestimate or deny the existence of fraud? Why do organizations routinely fail to make proper investment in fraud-control apparatus?
The general pathology of fraud control needs to be understood, as backdrop, before considering the health care industry more specifically. The following seven points represent common experience in fraud control, across many different professions. They represent the core, harsh realities, which any effective approach to fraud control must confront.

What You See Is Never the Problem

Frauds can be categorized as self-revealing or non-self-revealing, depending on whether or not the fact that fraud has been committed shows up by itself some time after the commission of the offense.
Credit card fraud that involves usurping somebody else’s account is generally self-revealing: The account holder usually reports the unauthorized activity eventually, when it shows up on their monthly statement. Tax refund fraud, where the perpetrator files a return and claims a refund using another person’s identity, will also show up by itself if the real person subsequently files a return. Tax administration systems will notice the duplicate submission. Check fraud, also, usually reveals itself ultimately, provided the legitimate account holder is alive and well and paying sufficient attention to their bank statements to spot illegitimate activity.
Some fraud schemes fall between the two extremes, showing up, but showing up as something other than fraud. For example, many organized credit card frauds are based on fraudulent applications. Perpetrators obtain cards using totally fictitious names, run the cards up to their credit limit, and then discontinue use of those personal identities. From the credit card company’s point of view the “cardholder” has simply become untraceable—a common phenomenon with a variety of possible explanations. Most credit card companies classify such losses as “credit losses,” being unable to establish fraudulent intent.
But most white-collar fraud schemes do not reveal themselves. Examples include most categories of insurance fraud; bankruptcy fraud; and tax refund fraud where the perpetrator uses his own identity, or that of a non-filer. All these frauds, provided they go undetected at the time of commission, and provided they escape any post-payment audit, will remain invisible forever.
In relation to non-self-revealing frauds, therefore, you see only what you detect. Whatever fraud-control systems do not detect, no one will ever know about (although the aggregate economic impact might become apparent if the volume of fraud is sufficiently high).
The danger, of course, is that organizations vulnerable to fraud lull themselves into a false sense of security by imagining that their “caseload” (i.e., what they detect) reflects the scope and nature of fraud being perpetrated against them. Often it represents only a tiny fraction, and a biased sample, of the frauds being perpetrated. A 1980 study of white-collar crime expressed this basic truth. “Conceptually and empirically, the records of individual events themselves are products of socially organized means of perceiving, defining, evaluating, recording and organizing information.”5 In plainer language: the number and type of fraud schemes that become visible depends as much upon the effectiveness and biases of the detection systems as upon the underlying patterns of fraud.
Detection rates for non-self-revealing fraud types are usually extremely low, typically ranging from a high of 10 percent all the way down to zero. Some organizations simply have no idea they are vulnerable to fraud at all. Seeing no problem, they create no detection apparatus. Having no detection apparatus, they see no problem. Thus some organizations remain completely oblivious to the truth about fraud losses until some outside source surprises them by showing them what they lost.
Other organizations see a problem, but make the serious mistake of allowing the performance of their detection systems (often exceedingly poor) to shape their understanding of the problem and their sense of its magnitude. The inevitable consequence, with extremely serious long-term effect, is that they allow what they see to determine the level of resources allocated to fraud control or prevention. Quite naturally, everyone focuses on the visible part of the fraud problem. The real battle in fraud control is always over the invisible part.

Available Performance Indicators Are All Ambiguous

Nearly every available statistic in a fraud-control environment is ambiguous—at best, ambiguous; at worst, perverse and misleading.
If the amount of detected fraud increases, that can mean one of two things: Either the detection apparatus improved, or the underlying incidence of fraud increased. Few organizations can tell for sure which, or how much of each, is happening. The resulting ambiguity pervades much fraud-control reporting, as noted by Larry Morey (deputy inspector general for investigations, Office of Inspector General, HHS) testifying to Congress in 1993:
Fraud is invisible until detected. Because of that fact, it is extremely difficult to estimate the total monetary loss as a result of fraud in the health care industry. While we cannot assign a dollar figure to the monetary loss to the Medicare and Medicaid programs as a result of fraud, we can tell you that we have noticed a dramatic inσease in our investigative workload. This is caused, in part, by the ever expanding size of these programs. The increase in administrative and prosecutable authorities that the Congress has enacted is also a contributing factor. Finally, there may also be an increase in fraud in absolute terms.6
One private insurer, the Travelers, had observed steady increases in their levels of detected fraud from 1987 through 1990. Unable to tell whether this meant more fraud or better detection, they used an interesting technique to try to separate the two factors.7 They carefully recreated the old set of detection tools (i.e., as of 1987) and then passed a subset of each subsequent year’s claims through that same set of controls.8 Having eliminated improved detection from the experiment, they still observed a 14 percent increase each successive year. Hence they concluded that the level of fraudulent claims being submitted was actually increasing, even in areas for which defenses had been in place for some time. Without such careful analysis, it generally remains impossible to say whether an increase in detected fraud is good news or bad news.9
Many other quantitative measures of fraud control success are ambiguous too. Reactive successes can equally be viewed as preventative failures. Some organizations boast of “record recoveries”; others say they prefer to stop the fraud up front and regard chasing monetary recovery after the fact as a poor second best to prevention. Some organizations emphasize prevention simply to avoid having to admit that their detection systems are ineffective. In fact, if detection systems detect next to nothing, one can always claim preventative success.
The introduction of fingerprinting as a welfare-fraud control in New York State serves as a case in point. New York City and thirty-seven other counties in the state implemented a fingerprint system for welfare recipients, designed to detect “double dipping”—claiming the benefit multiple times using multiple identities—by recipients of home relief. In the summer of 1995, during the first two months of the operation, the system only identified 43 cases out of 148,502 claimants. The New York Times reported the story under the headline “Welfare Fingerprinting Finds Most People Are Telling the Truth.”10 But there are two quite plausible explanations for the unexpectedly low number of cases—one of which suggests the system accomplished its goal, whereas the other suggests the system was a waste of money. “While the Giulini administration hailed the low number of double dippers as proof that fingerprinting was scaring off cheats, advocates for the poor said the results showed that welfare fraud was an overblown issue.” The Giulini administration, which had introduced the measure as part of a more comprehensive crackdown on welfare fraud, pointed to the fact that the number of claimants of home relief had dropped by 30,000 since January 1995 as a result of tougher investigative procedures and the institution of a work requirement.
The article raises the question, unanswerable without much more serious analysis, “Did the creation of a system to fight fraud stop it? Or was there little to begin with?”11 Either way, the administration will have trouble maintaining a budget for a fingerprint system that prevents fraud but does not detect much, because nobody can say for sure what a preventive system does or does not accomplish.
To complicate things further: Fraud controls usually come in a sequence of phases or stages. The phases of fraud control typically parallel various phases of the claims-processing operation. Detection successes late in the sequence often represent failure at earlier points in the process.
For example, auditors at one Medicaid fraud control unit (MFCU) described what could be called “last-ditch controls,” just before checks were sent out. Following the entire claims adjudication process, a magnetic tape was sent over to the state controller’s office to generate the weekly payments to providers. Two employees within the controller’s office took the trouble to examine the “big checks” and identify providers or services that appeared problematic. The auditors reported that these two employees typically saved the state “between 30 and 60 million dollars each year” and suggested that 30 to 60 million dollars per year, as an error rate, reflected “surprisingly accurate payment for a $15 billion program.”
Well, that is one way of looking at it. But when you realize that two employees (maybe costing the state a total of $100,000 per year each) are saving up to $60 million per year, one has to ask how much ten employees would save? With a savings-to-cost ratio exceeding 150:1, it would seem wise to invest additional resources.
The ratio of direct dollar savings to cost, for virtually all fraud-control activities, normally ranges from a low of 2:1, to a high of 50:1 or 80:1. Savings-to-cost ratios are frequently used as a method of justifying the budgets for fraud control expenditures. In calculating the “savings” companies typically combine prepayment savings with post-payment recoveries. (The indirect and unmeasurable deterrent effects are never included in the calculation.) Of course these ratios, as measures of fraud-control effectiveness, are ambiguous too. Higher ratios may reflect unusually effective operations or the existence of huge, untapped reservoirs of fraud.
One hundred fifty to 1 is unusually high, though. To find that kind of return so late in the process suggests serious weaknesses earlier in the process. The existence of such rich pickings so late in the day should surely lead officials to question the adequacy of prior controls. Still, when it comes to saving 30 or 60 million dollars of taxpayers’ money, better late than never!
Thirty million dollars is indeed a small fraction (0.2%) of a $15 billion program. If $30 million was really all of the fraud left at this last stage of the process, then...

Table of contents

  1. Cover
  2. Half Title
  3. Title
  4. Copyright
  5. Contents
  6. Foreword
  7. Preface
  8. Acknowledgments
  9. Introduction
  10. PART ONE Understanding the Fraud-Control Challenge
  11. PART TWO Current Developments
  12. PART THREE Prescription for Progress
  13. Conclusion
  14. Appendix
  15. Notes
  16. About the Book and Author
  17. Index