Your Role in Preventing Fraud and Abuse Dr. Linda Wilbanks Chief Information Security Officer U.S. Department of Education - PowerPoint PPT Presentation


Slides: 53
Your Role in Preventing Fraud and Abuse
Dr. Linda Wilbanks
Chief Information Security Officer
U.S. Department of Education
  • Introduction
  • Defining Fraud
  • Sources of Fraud
  • Identify losses relating to Fraud
  • Reporting Fraud
  • Preventing and Deterring Fraud
  • Resources
  • Cyber Crime terminology

  • Despite efforts to minimize fraud, student
    financial aid fraud is a "rapidly growing
    problem," according to the Semi-Annual Report to
    Congress No. 66, October 1, 2012 - March 31, 2013,
    from the U.S. Department of Education's Office of
    Inspector General.
  • The inspector general estimates that, between
    2009 and 2012, federal student aid fraud
    increased 82%.
  • For that time period, the OIG identified more
    than 85,000 federal aid recipients who may have
    participated in fraud ring activity. The
    education agency believes these students may have
    illegally received more than $187 million in
    federal student aid.

Fraud Defined
  • An intentional distortion of the truth in an
    attempt to obtain something of value. Does not
    have to result in monetary loss.
  • Layman's terms:
  • Lying, cheating, and/or stealing.

This is REALLY Happening
Sept. 18, 2012 - 21 individuals have been
indicted for participating in Federal student aid
fraud schemes that preyed on at least 15 schools
across California. The indictments are a result
of ED's Office of Inspector General's (OIG)
criminal investigations aimed at shutting down
student aid fraud rings, groups of criminals
that seek to exploit distance education programs
to fraudulently obtain federal student aid. The
defendants allegedly fraudulently obtained more
than $770,000 in federal student aid. The U.S.
Attorney's Office provided summaries of the seven
schemes, which include a fraud ring that not only
relied on participating family and friends, but
also allegedly used stolen personal identifiers
of individuals with disabilities to fraudulently
obtain more than $285,000 in federal student aid
and grants. Leaders of another ring allegedly
recruited more than 50 straw students, including
prison inmates, to fraudulently receive $200,000
in student aid.
Types of Fraud
  • Title IV fraud - single student
  • Fraud Rings
  • Occupational fraud
  • Social engineering

FSA Focus Financial Fraud!
Fraud Rings
Who Commits Fraud Involving Education Funds?
  • School employees, officials, owners, financial
    managers, and instructors
  • Lenders and lender servicers
  • Guarantee Agencies
  • Award recipients
  • Grantees and contractors
  • ED employees
  • Others

Examples of Title IV Fraud Schemes
  • FAFSA fraud - enrollment
  • Falsification of entrance exams
  • Falsification of GEDs/HS Diplomas
  • Falsification of attendance
  • Falsification of grades
  • Failure to make refunds
  • Ghost students
  • Leasing of eligibility
  • Loan theft/forgeries
  • Fraud/theft by school employees
  • Default rate fraud
  • 90/10 rule
  • Financial statement falsification
  • Falsified last date of attendance
  • Obstruction of a federal audit or program review

Title IV Fraud Schemes Related to Students or
Other Individuals
  • FAFSA Fraud
  • Social Security Number
  • Alien Registration Status
  • Dependency Status
  • Income and Assets
  • Number of Family Members in College
  • Falsification of GEDs/HS Diplomas
  • Intent to attend
  • Intent to repay
  • Identity Theft
  • Distance Fraud Schemes
  • Fraud Rings (Distance Fraud is not only
    perpetrated by rings; it is many types committed
    by individual(s) or schools)

Title IV Fraud Schemes Related to Schools
  • Ghost students
  • Leasing of eligibility
  • Default rate fraud
  • 90/10 Rule manipulation scheme
  • Financial statement falsification
  • Falsified last date of attendance
  • Obstruction of a federal audit or program review
  • Fraud/Theft by School Employees
  • FAFSA fraud - enrollment
  • Falsification of GEDs/HS Diplomas
  • Falsification of attendance and Satisfactory
    Academic Progress
  • Falsification of grades
  • Failure to make refunds
  • Loan theft/forgeries
  • Fraud Rings

Individual Fraud
Non-Students
School Personnel
Example Fraud!
When Sussette Sheree Timmons, of Dallas, enrolled
in several online colleges, she had no intention
of becoming educated, federal authorities said.
Timmons, 30, instead kept the financial aid she
applied for and withdrew from the colleges and
universities, which offered distance learning
programs on the Internet, the U.S. attorney's
office said. She was indicted Tuesday on six
counts of financial aid fraud. The indictment
said Timmons received financial aid from the
following schools: New Mexico State University,
Western New Mexico University, Ashford
University, Northern New Mexico College, Coconino
Community College and Pima Community
College. She enrolled in classes at the schools
and the awarded financial aid was applied to her
tuition and fees, the U.S. attorney's office
said. She did not complete any of the classes
for which she enrolled, and she did not intend to
pursue an education at the schools. Timmons also
received checks that she cashed, although she had
no plans to use it for educational expenses,
according to the indictment. When the schools
asked her for the money back, she refused.
Timmons even appealed when one of the schools
suspended her financial aid in 2011. That school
rejected her appeal, stating that she had
withdrawn from 13 colleges or universities since
2009, federal authorities said. If convicted of
all counts, Timmons faces up to 30 years in
prison and a maximum fine of $1.5 million. The
U.S. Department of Education Office of Inspector
General investigated the case.
Source: news releases
Fraud Rings
Benjamin Franklin
There is no kind of dishonesty into which
otherwise good people more easily and frequently
fall than that of defrauding the government.
Profile of an Occupational Fraudster
  • The Perpetrator's Department
  • Fraud offenders were most likely to be found in
    one of six departments:
  • Accounting (22%)
  • Operations (17%)
  • Sales (13%)
  • Executive/upper management (12%)
  • Customer service (7%)
  • Purchasing (6%)

Profile of a Fraudster
  • The most common behavioral red flags displayed by
  • Living beyond one's means
  • Experiencing financial difficulties
  • Unusually close association with vendor/customer
  • Control issues, unwillingness to share duties
  • Wheeler-dealer attitude
  • Divorce/family problems
  • Irritability, suspiciousness or defensiveness
  • Addiction problems
  • Refusal to take vacations

Cressey's Fraud Triangle Theory
Why People Commit Fraud
  • Weak controls
  • Little or no oversight
  • Lax rules
  • Debt
  • Addictions
  • Status

Perceived Pressure
Fraud Triangle
  • Everyone does it
  • I was only borrowing the money
  • I was underpaid and deserve it

Fraud Indicators
  • One person in control
  • No separation of duties
  • High turnover of personnel
  • Unexplained entries in records
  • Unusually large amounts of payments for cash
  • Inadequate or missing documentation
  • Altered records (white-out, copies of documents,
  • Non-serial number transactions
  • Inventories and financial records not reconciled
  • Lack of internal controls/ignoring controls
  • Repeat audit findings
  • Unauthorized transactions

Office Manager Fraud
NEW BRUNSWICK, N.J. - After an office manager for
New Jersey City University admitted embezzling
$486,000 in student funds three years ago, the
U.S. Department of Education began auditing the
use of all federal money by the state college. It
soon discovered that $608,766 in federally
subsidized loans and grant money had been
improperly awarded by the school - in some cases
to students who flunked out or never showed up to
class, making them ineligible for financial
assistance. An examination of federal Department
of Education records by The Star-Ledger of Newark
shows that NJCU was not the only state college in
New Jersey cited for giving too much money to
students who were either ineligible for the aid
or whose financial need was overestimated. Those
records show at least three universities are on
the hook for $868,000 in improperly awarded loans
or grants - or in some cases, undercutting
student wages paid under federally subsidized
work-study programs. The schools - Kean
University in Union Township, Rutgers University,
and New Jersey City University in Jersey City -
did not contest the findings and either repaid
the financial aid money, or are currently paying
it off over time. No students were
penalized. According to the audits, Kean owed
$255,920 in aid inappropriately awarded between
2001 and 2003. Unlike the audit at New Jersey
City University, the review at Kean was not
sparked by any warning bells. A spokeswoman for
the U.S. Department of Education said it
typically conducts program reviews of schools
every five years.
Social Engineering
  • Social Engineering is the art of prying
    information out of someone else to obtain access
    or gain important details about a particular
    system through the use of deception.

Social Engineering Loss of PII
Personally Identifiable Information (PII)
  • PII is information that can be used to
    distinguish a person's identity, e.g., name,
    social security number, biometric data, etc.,
    alone, or when combined with other personal data,
    linked or linkable to a specific person, such as
    date and place of birth, mother's maiden name,
  • Some PII is always sensitive and requires a high
    level of protection because of the substantial
    harm to an individual that could occur if it were
    wrongfully disclosed.
  • The level of protection should reflect the
    sensitivity of the data; data that is determined
    by the owner to be of high value or that
    represents a high risk to the individual if it
    were wrongfully disclosed requires increased

OMB Memorandum M-07-16, Safeguarding Against and
Responding to the Breach of Personally
Identifiable Information, May 22, 2007
Common Identity Theft Practices
  • Obtain or take over financial accounts
  • Take out loans for large purchases
  • Open new lines of credit
  • Sign lease agreements
  • Establish services with utility companies
  • Write fraudulent checks
  • Purchase goods and services on the Internet

Stolen PII for Fraud
Who is Responsible for Reporting Fraud?
  • Everyone who deals with Federal Student Aid
    funding has a responsibility to help control

OIG Sources of Allegations
  • OIG Hotline 1-800-MIS-USED
  • ED Program Offices
  • School Employees and Officials
  • Guarantee Agencies
  • Citizens and Students
  • Competing Vendors/Schools
  • Other Federal Agencies
  • U.S. Attorney's Offices
  • Other ED OIG Investigations
  • Federal Bureau of Investigation
  • State and Local Education Agencies

Is Your System a Victim?
  • Yes? Maybe? Not Sure?
  • Immediate reporting is necessary!
  • Have the facts
  • Why you think there is an issue
  • Date/Time of the Incident
  • System information
  • Location
  • Type and Purpose of the System
  • Point of Contact
  • Actions already taken

Examples of What to Report
  • Compromise of system privileges
  • Compromise of information protected by law
  • Unauthorized access of IT systems or data
  • Exceeding authorized access
  • Denial of service of major IT resources
  • Malicious destruction or modification of

Examples of What to Report
  • Applicable to students/schools
  • Abuse of professional judgment
  • Coaching students when filling out the FAFSA
  • Altering attendance records

How You Can Help
  • Ensure that staff receive necessary training
  • Review documents thoroughly
  • Question documents/Verify authenticity
  • Request additional information from the vendors
    or administration
  • Compare information on different documents
  • Contact ED-OIG
  • A Guide to Grant Oversight and Best Practices for
    Combating Grant Fraud http//
    cial/s0902a/ final.pdf

Why Report Fraud?
  • Ethical responsibility
  • Statutory and regulatory requirements
  • To deter others from committing fraud and abuse
  • To protect the integrity of the Title IV Programs
  • To avoid being part of a fraud scheme
  • To avoid administrative action
  • To avoid civil penalties
  • To avoid criminal prosecution
  • To protect the children's future

Don't Try To Investigate Suspicious Activity
Yourself! You may have the missing piece of the
puzzle needed!
FSA Preventing/Deterring Fraud
  • Fraud prevention involves actions taken to
    discourage the commission of fraud and limit
    fraud exposure when it occurs
  • The principal mechanism for preventing fraud is
    to ensure an appropriate control environment
  • Primary responsibility for establishing and
    maintaining internal control should rest with
  • Each of us at FSA has a fiduciary responsibility
    to assist in preventing fraud

Fraud Prevention Education
  • Government workers must be trained in the
    required duties of the position. This helps to
    safeguard the assets of the organization by
    having knowledgeable staff that can spot unusual
    or red flag transactions
  • Administrators must be trained to recognize
    potential fraud by coworkers and to student
  • Students must be trained to keep their
    information secure and to identify when their
    financial information may have been accessed
  • Organizations with anti-fraud training programs
    experience lower losses and shorter durations

Deterrence - Schools/FSA/State/Federal
  • Proactive Fraud Prevention - Audits
  • Proactive internal audit/review policies are
    generated from the top of the operation involved
  • A proactive policy simply means that internal
    auditors/reviewers will aggressively seek out
    inappropriate conduct, instead of waiting for
    instances to come to their attention during
    normal audits (external)

Actions to Deter Fraud
  • Formal policies addressing fraud
  • Targeted Fraud Awareness Training (research shows
    lower losses and shorter durations)
  • Effective Internal Controls (as opposed to lack
    of internal controls and the ability to override
    existing controls)
  • Management Review
  • Competent personnel in oversight roles
  • Independent checks/audits
  • Clear lines of authority
  • IT Controls (Access Controls, etc.)
  • Ethics Policy
  • Tone at the Top (employees will be more likely to
    act unethically if management does)
  • Putting controls in place to minimize fraud
    before it can occur

Identity Theft Prevention
  • Properly handle documents
  • Shred sensitive information
  • Use key identifiers instead of the SSN
  • Password protect sensitive information
  • Audit access
  • Review access privileges
  • Verify who you are talking to

Avoiding Identity Theft
  • Don't carry your SSN card with you!
  • Request a driver's license number
  • Shred sensitive information
  • Only carry what you use
  • Photocopy all cards in your wallet
  • Select hard to guess PINs and passwords
  • Don't leave mail sitting in an unprotected box
  • Don't give out private information over the phone
  • Order your credit reports
  • Use caution when providing ANY sensitive
  • Verify your personal computer has strong and
    updated computer anti-virus protection and your
    network provider is secure

FSA Two-Factor Authentication (TFA)
  • Objective: prevent unauthorized access, which can
    result in stolen information
  • Physical tokens issued to be used with passwords
    to provide two-factor sign on
  • Privileged Users - (schools and financial
    institutions) access PII data on FSA systems
  • Over 57,535 privileged user accounts are TFA
  • The privileged user population includes:
  • Department of Education employees and contractors
  • Postsecondary School financial aid staff
  • Guaranty Agencies
  • Servicers, Private Collection Agencies, and
  • Call Center staff
  • Non-Privileged Users - Aid Recipients
  • Next Step:
  • Developing migration strategy from key fob token
    to soft tokens, leveraging smartphone
    technology, will support privileged and
    non-privileged users

OIG Fraud Rings
Since 2010, OIG has highlighted the vulnerability
of distance education programs to fraud and
abuse, including releasing a report on fraud
rings in September 2011.   OIG investigations
into student loan fraud rings have grown
substantially over the last few years. In 2005,
the OIG opened 16 distance education fraud ring
investigations; in 2012, that figure grew to
119. To date, more than 300 people have been
indicted for participating in fraud
rings.    "The bottom line is scams like this
steal money from hardworking taxpayers and
legitimate students and that is unacceptable,"
continued Tighe. "OIG is committed to fighting
student financial aid fraud and we will continue
to aggressively pursue those that participate in
these types of crimes."
Office of the Inspector General - OIG
  • Red Flags to Investigators
  • Vices such as substance abuse and gambling.
  • Extravagant purchases or lifestyle.
  • Lack of documents (the big flood destroyed)
  • Common Addresses (mailing, e-mail, and IP)
  • PIN number and password information the same.
  • Personal information that does not fit the norm.
  • Bank information that is the same.

FSA Potential Fraud Ring Identification
  • Statistical model
  • Utilizes a combination of application data
  • Identifies indicators of potential fraud
  • Utilizes weighting for total score
  • Identifying factor examples
  • Utilize e-mail address and IP address information
  • Received Pell Grant funding from multiple
    institutions over short period of time
  • Received Pell Grant funding from more than two
    institutions in same award period

FSA Fraud Ring Identification (cont.)
  • Uses Fraud Potential Algorithm
  • Based on fraud indicators, such as number of
    times same phone number used
  • Indicator 1 x assigned weight
  • Indicator 2 x assigned weight
  • Indicator 3 x assigned weight
  • Fraud Risk Level: Red, Orange, Yellow

Fraud Ring Identification (cont.)
  • Identify fraud patterns
  • Use rule-based filter, set of qualifying
    determinants
  • Identify those who meet minimum thresholds for
    fraud patterns
  • Distance Education: high vulnerability, all
    aspects online (administration, aid, instruction)
  • Easier for criminal to assume identities;
    students never present in person at any time
  • FSA FY13-14 Application process: require at-risk
    students to present proof of identity in person
    or through notary public

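
The weighted-indicator score and rule-based filter outlined in the slides above can be sketched as follows. This is an added example, not FSA's model or code from the presentation: the field names, weights, score cut-offs, the two-indicator filter rule and all sample records are assumptions constructed for illustration.

```python
from collections import Counter

# Assumed weights and cut-offs: the slides describe weighting but give no values.
WEIGHTS = {"shared_phone": 3.0, "shared_email": 2.0, "shared_ip": 1.5, "multi_pell": 4.0}
LEVELS = [(15.0, "Red"), (10.0, "Orange"), (5.0, "Yellow")]  # highest first
MIN_DISTINCT_INDICATORS = 2  # assumed rule-based filter threshold


def app(app_id, phone, email, ip, pell_institutions=1):
    """Build one application record (field names are hypothetical)."""
    return {"id": app_id, "phone": phone, "email": email, "ip": ip,
            "pell_institutions": pell_institutions}


# Constructed sample data, not real applications.
APPLICATIONS = [
    # Four applications sharing one phone and one IP; two also share an e-mail.
    app("R1", "555-0100", "ring@example.org", "203.0.113.9", pell_institutions=3),
    app("R2", "555-0100", "ring@example.org", "203.0.113.9"),
    app("R3", "555-0100", "r3@example.org", "203.0.113.9"),
    app("R4", "555-0100", "r4@example.org", "203.0.113.9"),
    # Two applications sharing a phone and an e-mail only.
    app("Y1", "555-0177", "pair@example.org", "192.0.2.10"),
    app("Y2", "555-0177", "pair@example.org", "192.0.2.11"),
] + [
    # Five unrelated students behind one campus NAT address.
    app(f"C{i}", f"555-02{i:02d}", f"c{i}@example.edu", "198.51.100.20")
    for i in range(1, 6)
]


def indicators(record, counts):
    """Indicator values: how many OTHER applications reuse each identifier."""
    return {
        "shared_phone": counts["phone"][record["phone"]] - 1,
        "shared_email": counts["email"][record["email"]] - 1,
        "shared_ip": counts["ip"][record["ip"]] - 1,
        # Pell funding from more than two institutions in one award period.
        "multi_pell": 1 if record["pell_institutions"] > 2 else 0,
    }


def total_score(ind):
    """Sum of indicator x assigned weight."""
    return sum(WEIGHTS[name] * value for name, value in ind.items())


def passes_filter(ind):
    """Rule-based filter: require several distinct indicators to fire."""
    return sum(1 for v in ind.values() if v > 0) >= MIN_DISTINCT_INDICATORS


def risk_level(score):
    for threshold, level in LEVELS:
        if score >= threshold:
            return level
    return None


def assess(applications):
    """Return {application id: (score, risk level or None)}."""
    counts = {f: Counter(a[f] for a in applications) for f in ("phone", "email", "ip")}
    results = {}
    for record in applications:
        ind = indicators(record, counts)
        score = total_score(ind)
        results[record["id"]] = (score, risk_level(score) if passes_filter(ind) else None)
    return results


if __name__ == "__main__":
    for app_id, (score, level) in assess(APPLICATIONS).items():
        print(f"{app_id}: score={score:5.1f} level={level}")
```

The campus records score above the Yellow cut-off on shared IP alone but are not flagged, because the filter requires at least two distinct indicators; a shared address by itself is common behind a school network.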
Students at Risk for Fraud
  • Identify applicants, based on statistical risk
    model, attempting to obtain student aid funds
    fraudulently or without serious educational
  • Require to
  • Present themselves in person with government ID
  • Execute Statement of Educational Purpose with
    school official or notary public
  • Those with unusual enrollment history
  • Require institution to determine if prior
    academic record supports serious academic intent

Perception of Detection
  • Controls with the greatest associated reduction
    in fraud are those credited with increasing the
    perpetrator's perception of detection
  • Fraud awareness programs
  • Job rotation and mandatory vacation policies
  • Rewards for whistleblowers
  • Surprise (INTERNAL) audits detected frauds more
    than twice as quickly as organizations lacking
    such controls

Cost for Data Loss
  • Investigations average $300 per user impacted
  • FSA hosts at least 80 million records
  • If 1% of those records were leaked
  • Financial exposure would be approximately $240 million
  • ? reduction in funds for student aid

  • Fraud cannot be totally prevented
  • Fraud prevention is less expensive and more
    effective than detection
  • Fraud prevention starts with being informed!!
  • Fraud prevention, detection, and reporting is
    EVERYONE's responsibility!

Additional Resources
  • Find more information about preventing and
    detecting fraud at the following websites:
  • The Association of Certified Fraud Examiners
  • The Federal Bureau of Investigation
  • The National White Collar Crime Center
  • U.S. Government Accountability Office
  • Internal Revenue Service
  • Department of Education Office of the Inspector
    General

Cyber Crime Terminology
  • Malware - malicious software used or created to
    disrupt computer operation, gather sensitive
    information, or gain access to private computer
    systems. It can appear in the form of code,
    scripts, active content, and other software.
    'Malware' is a general term used to refer to a
    variety of forms of hostile or intrusive
    software. Malware includes computer viruses,
    worms, trojan horses, spyware, adware, and other
    malicious programs.
  • Computer worm - standalone malware that
    replicates itself in order to spread to other
    computers. Often, it uses a computer network to
    spread itself, relying on security failures on
    the target computer to access it. Unlike a
    computer virus, it does not need to attach itself
    to an existing program. Worms almost always cause
    at least some harm to the network, even if only
    by consuming bandwidth, whereas viruses almost
    always corrupt or modify files on a targeted
  • Trojan horse - a type of malware that masquerades
    as a legitimate file or helpful program but whose
    real purpose is to grant a hacker unauthorized
    access to a computer. Trojans do not attempt to
    inject themselves into other files like a
    computer virus. Trojan horses may steal
    information, or harm their host computer systems.
    Trojans may use downloads or install via online
    games or internet-driven applications in order to
    reach target computers.

Cyber Crime Terminology (cont.)
  • Spyware is a type of malware installed on
    computers that collects information about users
    without their knowledge. The presence of spyware
    is typically hidden from the user and can be
    difficult to detect. Spyware can collect almost
    any type of data, including personal information,
    internet surfing habits, user logins, and bank or
    credit account information.
  • Adware or advertising-supported software - any
    software package which automatically renders
    advertisements. These advertisements can be in
    the form of a pop-up. The object of the Adware is
    to generate revenue for its author. Adware, by
    itself, is harmless.