[House Hearing, 105 Congress]
[From the U.S. Government Publishing Office]



 
``HIGH-RISK'' PROGRAMS WITHIN THE JURISDICTION OF THE COMMITTEE ON WAYS 
                               AND MEANS

=======================================================================

                                HEARING

                               before the

                       SUBCOMMITTEE ON OVERSIGHT

                                 of the

                      COMMITTEE ON WAYS AND MEANS
                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED FIFTH CONGRESS

                             FIRST SESSION

                               __________

                             MARCH 4, 1997

                               __________

                             Serial 105-22

                               __________

         Printed for the use of the Committee on Ways and Means


                               


                     U.S. GOVERNMENT PRINTING OFFICE
 49-632 CC                  WASHINGTON : 1998


                      COMMITTEE ON WAYS AND MEANS

                      BILL ARCHER, Texas, Chairman

PHILIP M. CRANE, Illinois            CHARLES B. RANGEL, New York
BILL THOMAS, California              FORTNEY PETE STARK, California
E. CLAY SHAW, Jr., Florida           ROBERT T. MATSUI, California
NANCY L. JOHNSON, Connecticut        BARBARA B. KENNELLY, Connecticut
JIM BUNNING, Kentucky                WILLIAM J. COYNE, Pennsylvania
AMO HOUGHTON, New York               SANDER M. LEVIN, Michigan
WALLY HERGER, California             BENJAMIN L. CARDIN, Maryland
JIM McCRERY, Louisiana               JIM McDERMOTT, Washington
DAVE CAMP, Michigan                  GERALD D. KLECZKA, Wisconsin
JIM RAMSTAD, Minnesota               JOHN LEWIS, Georgia
JIM NUSSLE, Iowa                     RICHARD E. NEAL, Massachusetts
SAM JOHNSON, Texas                   MICHAEL R. McNULTY, New York
JENNIFER DUNN, Washington            WILLIAM J. JEFFERSON, Louisiana
MAC COLLINS, Georgia                 JOHN S. TANNER, Tennessee
ROB PORTMAN, Ohio                    XAVIER BECERRA, California
PHILIP S. ENGLISH, Pennsylvania      KAREN L. THURMAN, Florida
JOHN ENSIGN, Nevada
JON CHRISTENSEN, Nebraska
WES WATKINS, Oklahoma
J.D. HAYWORTH, Arizona
JERRY WELLER, Illinois
KENNY HULSHOF, Missouri

                     A.L. Singleton, Chief of Staff

                  Janice Mays, Minority Chief Counsel

                                 ______

                       Subcommittee on Oversight

                NANCY L. JOHNSON, Connecticut, Chairman

ROB PORTMAN, Ohio                    WILLIAM J. COYNE, Pennsylvania
JIM RAMSTAD, Minnesota               GERALD D. KLECZKA, Wisconsin
JENNIFER DUNN, Washington            MICHAEL R. McNULTY, New York
PHILIP S. ENGLISH, Pennsylvania      JOHN S. TANNER, Tennessee
WES WATKINS, Oklahoma                KAREN L. THURMAN, Florida
JERRY WELLER, Illinois
KENNY HULSHOF, Missouri


Pursuant to clause 2(e)(4) of Rule XI of the Rules of the House, public 
hearing records of the Committee on Ways and Means are also published 
in electronic form. The printed hearing record remains the official 
version. Because electronic submissions are used to prepare both 
printed and electronic versions of the hearing record, the process of 
converting between various electronic formats may introduce 
unintentional errors or omissions. Such occurrences are inherent in the 
current publication process and should diminish as the process is 
further refined.



                            C O N T E N T S

                               __________

                                                                   Page

Advisory of February 13, 1997, announcing the hearing............     2

                               WITNESSES

U.S. General Accounting Office, Gene L. Dodaro, Assistant 
  Comptroller General, Accounting and Information Management 
  Division; accompanied by Dr. Rona Stillman, Chief Scientist, 
  Computers and Telecommunications, and Joel Willemssen, Director     6
U.S. General Accounting Office, Lynda D. Willis, Director, Tax 
  Policy and Administration Issues, General Government Division..    14
U.S. General Accounting Office, Jane L. Ross, Director, Income 
  Security Issues, Health, Education, and Human Services Division    22
U.S. General Accounting Office, Leslie G. Aronovitz, Associate 
  Director, Health Financing and Systems Issues, Health, 
  Education, and Human Services Division.........................    28
U.S. Department of the Treasury, Hon. Valerie Lau, Inspector 
  General; accompanied by Gary Bell, Chief Inspector.............    63
U.S. Department of Labor, Patricia A. Dalton, Deputy Inspector 
  General........................................................    69
U.S. Department of Health and Human Services, Michael F. Mangano, 
  Principal Deputy Inspector General.............................    77

                       SUBMISSIONS FOR THE RECORD

Social Security Administration, John J. Callahan, Acting 
  Commissioner, statement........................................    97

                                 ______

ERISA Industry Committee, Janice M. Gregory, letter and 
  attachment.....................................................   100
Health Industry Distributors Association, Alexandria, VA, 
  statement......................................................   103


``HIGH-RISK'' PROGRAMS WITHIN THE JURISDICTION OF THE COMMITTEE ON WAYS 
                               AND MEANS

                              ----------                              


                         TUESDAY, MARCH 4, 1997

                  House of Representatives,
                       Committee on Ways and Means,
                                 Subcommittee on Oversight,
                                                    Washington, DC.
    The Subcommittee met, pursuant to notice, at 10:13 a.m., in 
room 1100, Longworth House Office Building, Hon. Nancy L. 
Johnson (Chairman of the Subcommittee) presiding.
    [The advisory announcing the hearing follows:]

ADVISORY

FROM THE COMMITTEE ON WAYS AND MEANS

                        SUBCOMMITTEE ON OVERSIGHT

 FOR IMMEDIATE RELEASE                             CONTACT: (202) 225-7601
 February 13, 1997
 No. OV-2

                      Johnson Announces Hearing on

             ``High-Risk'' Programs Within the Jurisdiction

                   of the Committee on Ways and Means

     Congresswoman Nancy L. Johnson (R-CT), Chairman, Subcommittee on 
Oversight of the Committee on Ways and Means, today announced that the 
Subcommittee will hold a hearing on ``high-risk'' programs within the 
jurisdiction of the Committee on Ways and Means, along with other 
management issues. The hearing will take place on March 4, 1997, in the 
main committee hearing room, 1100 Longworth House Office Building, 
beginning at 10:00 a.m.
      
     In view of the limited time available to hear witnesses, oral 
testimony at this hearing will be heard from invited witnesses only. 
Witnesses will include the U.S. General Accounting Office (GAO) and the 
inspectors general of several departments and agencies. However, any 
individual or organization not scheduled for an oral appearance may 
submit a written statement for consideration by the Committee and for 
inclusion in the printed record of the hearing.
      

BACKGROUND

      
     The GAO has issued the third in a series of reports on Federal 
programs it has identified as high risk because of vulnerabilities to 
waste, fraud, abuse, and mismanagement. The February 1997 series 
identifies 25 high-risk areas. Several fall within the jurisdiction of 
the Committee on Ways and Means, including Internal Revenue Service 
(IRS) financial management, IRS receivables, filing fraud, IRS Tax 
Systems Modernization, Customs Service financial management, asset 
forfeiture programs, the year 2000 problem, information security, 
Medicare, Supplemental Security Income (SSI), and Superfund program 
management.
      
     In announcing the hearing, Chairman Johnson stated: ``The GAO's 
high-risk work has zeroed in on programs in which there is the greatest 
potential for wasting tax dollars. These reports will be tremendously 
helpful to the Subcommittee in its ongoing oversight of the programs 
within the Committee's jurisdiction.''
      

FOCUS OF THE HEARING

      
     Improving the efficiency and effectiveness of the IRS, Medicare, 
and SSI will be a primary focus. However, all of the programs 
identified by the GAO, as well as the work of the inspectors general, 
will be examined during the hearing.
      

DETAILS FOR SUBMISSION OF WRITTEN COMMENTS

      
     Any person or organization wishing to submit a written statement 
for the printed record of the hearing should submit at least six (6) 
copies of their statement and a 3.5-inch diskette in WordPerfect or 
ASCII format, with their address and date of hearing noted, by the 
close of business, Tuesday, March 18, 1997, to A.L. Singleton, Chief of 
Staff, Committee on Ways and Means, U.S. House of Representatives, 1102 
Longworth House Office Building, Washington, D.C. 20515. If those 
filing written statements wish to have their statements distributed to 
the press and interested public at the hearing, they may deliver 200 
additional copies for this purpose to the Subcommittee on Oversight 
office, room 1136 Longworth House Office Building, at least one hour 
before the hearing begins.
      

FORMATTING REQUIREMENTS

      
     Each statement presented for printing to the Committee by a 
witness, any written statement or exhibit submitted for the printed 
record or any written comments in response to a request for written 
comments must conform to the guidelines listed below. Any statement or 
exhibit not in compliance with these guidelines will not be printed, 
but will be maintained in the Committee files for review and use by the 
Committee.
      
     1. All statements and any accompanying exhibits for printing must 
be typed in single space on legal-size paper and may not exceed a total 
of 10 pages including attachments. At the same time written statements 
are submitted to the Committee, witnesses are now requested to submit 
their statements on a 3.5-inch diskette in WordPerfect or ASCII format.
      
     2. Copies of whole documents submitted as exhibit material will 
not be accepted for printing. Instead, exhibit material should be 
referenced and quoted or paraphrased. All exhibit material not meeting 
these specifications will be maintained in the Committee files for 
review and use by the Committee.
      
     3. A witness appearing at a public hearing, or submitting a 
statement for the record of a public hearing, or submitting written 
comments in response to a published request for comments by the 
Committee, must include on his statement or submission a list of all 
clients, persons, or organizations on whose behalf the witness appears.
      
     4. A supplemental sheet must accompany each statement listing the 
name, full address, a telephone number where the witness or the 
designated representative may be reached and a topical outline or 
summary of the comments and recommendations in the full statement. This 
supplemental sheet will not be included in the printed record.
      
     The above restrictions and limitations apply only to material 
being submitted for printing. Statements and exhibits or supplementary 
material submitted solely for distribution to the Members, the press 
and the public during the course of a public hearing may be submitted 
in other forms.
      

    Note: All Committee advisories and news releases are available on 
the World Wide Web at `HTTP://WWW.HOUSE.GOV/WAYS__MEANS/'.
      

     The Committee seeks to make its facilities accessible to persons 
with disabilities. If you are in need of special accommodations, please 
call 202-225-1721 or 202-225-1904 TTD/TTY in advance of the event (four 
business days notice is requested). Questions with regard to special 
accommodation needs in general (including availability of Committee 
materials in alternative formats) may be directed to the Committee as 
noted above.
      

                                

    Chairman Johnson. Good morning. It is a pleasure to convene 
these hearings on high-risk programs.
    Some say the problem with government is that it tries to 
fix things that are not broken. While this is sometimes true, 
more often we try to fix things that are broken, where the law 
is either badly written or the bureaucracy is performing 
poorly.
    In 1990, the GAO, the General Accounting Office, began a 
series of reviews of Federal programs that are high risk, at 
high risk of mismanagement and fraud, to enable both the 
executive and the legislative branches to focus on key problems 
and to improve the performance of government.
    During the time I have been in the Congress, I have worked 
to turn constituent examples of fraud into legislative and 
administrative reform. But the process is always slow and 
complex, and the results not always satisfying.
    Fortunately, the General Accounting Office and the 
Inspectors General throughout the Federal Government are doing 
the difficult and often thankless task of ferreting out a lot 
of the problems. I am also pleased that this Committee and 
Subcommittee have a strong bipartisan tradition of providing 
constructive oversight of the programs within our jurisdiction.
    In December 1990, the Committee launched a comprehensive 
oversight initiative, holding literally dozens of hearings in 
this Subcommittee. Beth Vance, who is now the Subcommittee's 
minority counsel, played a critical role in developing and 
implementing the oversight initiative, and I very much 
appreciate her good work in helping us to prepare for today's 
hearing.
    It is, however, unsettling to note that one-third of the 25 
high-risk programs identified by the GAO fall within this 
Committee's jurisdiction. While this fact must be put in the 
context of the additional fact that this Committee is 
responsible for nearly all of the government's revenue and 
about half of the government's spending, it nonetheless poses a 
tremendous challenge to this Subcommittee. Our job is to 
understand why certain programs pose a high risk of 
mismanagement and fraud, and change the law to prevent such 
abuse.
    This morning the GAO will provide us with an overview of 
the 10 high-risk areas. Six of them--IRS receivables, filing 
fraud, IRS financial management, tax systems modernization, 
Customs Service financial management, and asset forfeiture 
programs--relate to making sure revenues are collected and 
accounted for.
    Two relate to waste, fraud, and abuse, and mismanagement in 
entitlements--specifically, Medicare, and SSI. And two relate 
to governmentwide technology issues, information security, and 
the so-called year 2000 problem.
    We will also hear from the Inspectors General of the three 
departments with programs that fall within the Committee's 
jurisdiction: Treasury, Labor, and Health and Human Services.
    While today's hearing will focus primarily on the problems 
identified by the GAO and the Inspectors General, in order to 
determine what actions we need to take legislatively, we will 
continue to monitor the departments' progress in addressing the 
issues raised in the high-risk programs.
    Welcome. And I would like to yield to my Ranking Member, 
Mr. Coyne.
    Mr. Coyne. Thank you, Madam Chairwoman, and welcome. We 
have an opportunity today to hear from the experts about many 
of the program areas within the Ways and Means Committee 
jurisdiction. For the next several hours, we will receive very 
important testimony from the U.S. General Accounting Office and 
the Inspectors General of the Departments of the Treasury, 
Health and Human Services, and Labor about high-risk programs 
and related fraud problems facing the Nation.
    It is important that the Oversight Subcommittee routinely 
hold hearings such as the one we are having today, in order to 
provide oversight review of the large and diverse programs for 
which we legislate. Legislating a program is one thing. Making 
sure the program works is quite another.
    I consider it our responsibility to conduct meaningful 
oversight of all Ways and Means programs, to ensure that our 
legislative actions are effective. As we proceed over the next 
several months, I look forward to working with the Members of 
the Subcommittee and other Subcommittees to follow up on the 
recommendations made by the witnesses that are here with us 
today.
    I commend the Chairwoman for agreeing to hold these 
hearings, and appreciate her willingness to include pension 
plan issues as one of the Subcommittee's first orders of 
business.
    Chairman Johnson. Mr. Ramstad, who could not be with us 
today, asked that his statement be submitted for the record, 
and that will be ordered, and the statements of any other 
Members who would like to so submit.
    [The statement of Mr. Ramstad follows:]

Statement of U.S. Rep. Jim Ramstad

    Madame Chairman, thank you for holding this important 
hearing on the ``high risk'' programs under Ways and Means 
Committee jurisdiction that are vulnerable to waste, fraud and 
abuse.
    Reining in the abuses of ``high risk'' programs is a 
continuing struggle, but we are making headway.
    For example, the health insurance reform bill we passed 
last year cracked down hard on the waste, fraud and abuse in 
the Medicare program.
    American taxpayers lose as much as 10% of total health care 
costs to fraud and abuse--$31 billion annually for Medicare and 
Medicaid alone.
    This is why we established the ``Medicare Integrity 
Program'' to increase our ability to prevent payments for 
fraudulent, abusive or erroneous claims in the Medicare system.
    We also required the Health Care Finance Agency to acquire 
state-of-the-art computer software used by private insurers and 
to hire private sector companies with proven track records in 
preventing fraud and abuse. This should result in a net savings 
of almost $2 billion over the next six years, according to CBO.
    Another provision will coordinate federal, state and local 
law enforcement to combat fraud. We also toughened criminal 
laws and provided new civil penalties, as an added deterrent.
    We can find solutions, but we must do more. I hope this 
hearing will move us toward more common sense measures like 
these to crack down on waste, fraud and abuse in our ``high 
risk'' programs.
    Again, Madame Chairman, I commend you for holding this 
hearing.
      

                                

    Chairman Johnson. On the other hand, if any Member would 
like to make a comment at this time, I will recognize them.
    [No response.]
    Chairman Johnson. Thank you. I welcome the first panel this 
morning: Gene Dodaro, Assistant Comptroller General, Accounting 
and Information Management Division, of the U.S. GAO; Lynda 
Willis, the Director of Tax Policy and Administration Issues, 
General Government Division of the GAO; Jane Ross, Director of 
Income Security Issues, Health, Education, and Human Services 
Division of the GAO; and Leslie Aronovitz, Associate Director, 
Health Financing and Systems Issues, Health, Education, and 
Human Services Division of the GAO.
    Mr. Dodaro.

  STATEMENT OF GENE L. DODARO, ASSISTANT COMPTROLLER GENERAL, 
 ACCOUNTING AND INFORMATION MANAGEMENT DIVISION, U.S. GENERAL 
  ACCOUNTING OFFICE; ACCOMPANIED BY DR. RONA STILLMAN, CHIEF 
   SCIENTIST FOR COMPUTERS AND TELECOMMUNICATIONS, AND JOEL 
                      WILLEMSSEN, DIRECTOR

    Mr. Dodaro. Good morning. Madam Chairman, Members of the 
Subcommittee, we are pleased to be here today to discuss GAO's 
high-risk work. In the past, since 1990, we've been issuing 
this list of areas that we feel are vulnerable to waste, fraud, 
and mismanagement, and we have made hundreds of recommendations 
directed at solving these problems.
    Our latest high-risk series, which comes out as a special 
publication of booklets, was issued last month. We are now 
issuing this series at the beginning of each new Congress, to 
help the Committees focus on areas that need attention, as well 
as conveying this information to the administration.
    In this latest series, our overall conclusion is that 
progress is being made in these areas. Agencies are taking 
these problems seriously, working to correct them. Also, some 
of the progress is due and the credit belongs to the Congress 
for conducting oversight hearings in many of these areas, and 
for passing specific legislation directed at some of them: For 
example, the Health Portability and Accountability Act, which 
tightens some of the requirements and controls for the Medicare 
area, which was very important. And there have been some broad-
based management reforms passed by the Congress as well, which 
I am going to talk about in 1 minute.
    All of those areas collectively are creating some progress. 
However, in many areas much remains to be done to implement 
these reforms and to effectively correct these problems and 
remove their high-risk designation.
    In 1 minute, my colleagues are going to talk about the 
specific areas the Subcommittee asked us to focus on this 
morning, which are the IRS problems that are listed in here 
that Lynda will talk about; Jane will talk about the fact that 
we are adding the SSI Program to the list new in 1997; and 
Leslie will report on the progress being made in the Medicare 
area.
    Now, we have taken basically two tacks to try to 
effectively resolve these problems, and our goal is to get 
these areas off the list. The first tack has been specific 
recommendations in each of the individual areas, which the rest 
of the panel will talk about.
    The other tactic that we have tried is to help the Congress 
shape some broad-based management reform legislation that gets 
at the underlying causes, some of the common problems 
underlying these high-risk areas. And there are really three 
main pieces of legislation that I want to talk about this 
morning, because those pieces of legislation are important 
tools that are now available to this Committee to effectively 
help oversee the agencies under its jurisdiction and to help 
resolve these problems.
    The first are a set of management reforms in the 
information technology area that were passed in 1995 through 
the reauthorization of the Paperwork Reduction Act and the 
passage of the Clinger-Cohen Act in 1996.
    This Subcommittee is well aware of some of the problems 
that have occurred in the tax system modernization in IRS. 
Unfortunately, these problems that IRS has experienced are not 
confined to that agency. We also have on our high-risk list the 
FAA air traffic control modernization effort. We have Defense 
Information Systems. And we have problems that we have 
identified in the National Weather Service.
    The Federal Government's track record in bringing online 
information technology projects is poor. And that failure to 
harness technology in one way or another is at the heart of 
many of these high-risk problems.
    So in order to effectively implement this and find out 
solutions, we went to the private sector to learn from leading 
organizations. And we published a guide called ``Best Practices 
in Information Management,'' and we issued 11 different 
practices. And we have been working with the Congress to get 
these embodied in legislation.
    And that is what the Paperwork Reduction Act does and the 
Clinger-Cohen Act. It requires and establishes for the first 
time chief information officers throughout the government. It 
focuses on building technology and information systems in 
modular procurements. It focuses on reengineering before you 
buy technology. It requires system architectures, or 
blueprints, to be put in place to guide system development 
efforts.
    So there is a number of important reforms that have just 
been passed by the Congress that, if effectively implemented, 
can help solve many of these problems and bring the government 
into the modern age of technology.
    Also, the IT areas--information technology--is important to 
solving the two new areas that we identified as governmentwide 
problems. Information security: Basically, we found that the 
Federal Government systems are vulnerable to unauthorized 
access and manipulation, and that great numbers of actions are 
needed in order to fix these problems, both from internal risk 
as well as external risk to the systems.
    Also, the year 2000 problem, which basically is a problem 
created by a two-digit memory and needs to be changed so that 
when the year 2000 comes computers do not read that as the year 
1900: Effectively, we have put out a guide to agencies about 
how to prepare themselves to be ready.
    And if I could call your attention to the white chart here, 
basically, best practices tell you there need to be four phases 
that agencies need to go through to be ready. First, they have 
to be aware of the problem; they need to assess and go through 
an inventory of their systems, focus on some of their key 
vulnerabilities, go through the lines of code; then make the 
changes in the renovation stage; and then keep, basically, 1999 
available for testing. So you basically have that last year 
that needs to be available for perfecting the changes.

[GRAPHIC] [TIFF OMITTED] T9632.003


                                

    We are concerned that many agencies are not moving as fast 
as they need to in the assessment phase; thereby further 
condensing the time available to make the needed changes. And 
in many areas, the government's computer systems are not well 
documented, the Code is old, and there need to be a number of 
changes put in place. And agencies also need to have 
contingency plans. So this is a pressing problem that we are 
calling to the attention of the Congress and the agencies.
    And the second major type of reform is financial 
management. In 1990, the Congress passed the Chief Financial 
Officers Act, which for the first time brought a requirement 
for Federal agencies to have financial audits. It is the same 
type of requirement that was put in place by the private sector 
many years ago, and of State and local governments.
    Implementation of the CFO Act has been at the heart of some 
of the progress that the IRS and Customs have made in fixing 
some of their financial management problems. And also, right 
now the act has been extended to all executive branch agencies, 
effective with audits beginning in fiscal year 1996. So we 
think this Chief Financial Officers Act provides a set of best 
practices, proven practices, to fix some of the underlying 
financial management and control problems.
    The third major reform is the Congress legislating the 
government Performance and Results Act in 1993. That act calls 
for the first time for agencies to produce strategic plans and 
have performance measures. The requirement for that act comes 
to fruition governmentwide this year. By September 1997, 
agencies are required to have strategic plans and performance 
measures.
    I call that to your attention because agencies are required 
to consult with the Congress in preparing these plans, so that 
over the next few months this Subcommittee can play an 
important role in working with the agencies to shape those 
strategic plans and how we measure performance. And measuring 
performance is very, very important to assuring that we have an 
ability to track agencies' progress, in terms of whether making 
meaningful change or not.
    That concludes my remarks. I think that we are working hard 
to try to help solve these problems. These management reforms 
that have been passed by the Congress--none of which were in 
place when we began the high-risk series 7 years ago--we think 
are important and, if collectively used, implemented, and 
encouraged by the Congress through oversight hearings, we think 
will go a long way to bringing some lasting improvements to 
these problems.
    With that, I will turn it over, with your permission, Madam 
Chairman, to Lynda, to talk about the Internal Revenue Service.
    [The prepared statement follows:]

Statement of Gene L. Dodaro, Assistant Comptroller General, Accounting 
and Information Management Division, U.S. General Accounting Office

    Madame Chairman and Members of the Subcommittee:
    We are pleased to be here today to discuss major government 
programs and operations we have identified as high risk because 
of vulnerabilities to waste, fraud, abuse, and mismanagement. 
In 1990, we began a special effort to focus attention on such 
areas, and over the past several years we have made hundreds of 
recommendations to get at the heart of high-risk problems and 
help improve this situation. On February 12, 1997, we issued 
our latest series of high-risk reports.\1\
---------------------------------------------------------------------------
    \1\ The 25 areas that are the current focus of our high-risk 
initiative area listed in attachment I, and the reports in our 1997 
high-risk series are listed in attachment II.
---------------------------------------------------------------------------
    Overall, legislative and agency actions have resulted in 
progress toward fixing these high-risk areas and establishing a 
solid foundation to help ensure greater progress. However, 
because these areas involve long-standing problems which are 
difficult to fix, additional corrective measures are necessary 
to remove the high-risk designation.
    Today, at the Subcommittee's request, we will focus on 
high-risk areas related to the Internal Revenue Service (IRS) 
and the Medicare and Supplemental Security Income (SSI) 
programs. While this statement provides a brief synopsis of 
these areas, more detailed statements on these three topics are 
also being issued today. In addition, this statement will 
discuss other high-risk areas that affect agencies under the 
Subcommittee's jurisdiction, including the Customs Service's 
financial management, information security weaknesses, and the 
possibility of serious computer disruptions in service to the 
public due to the Year 2000 Problem.
    As the key message of this testimony, I would like to 
emphasize the importance of the Subcommittee using recent 
legislative management reforms to help oversee these agencies' 
actions to fully and effectively remedy their high-risk 
problems. These include
    --the 1995 Paperwork Reduction Act and the 1996 Clinger-
Cohen Act, which provide a basis for agencies to better manage 
investments in information technology;
    --the expanded Chief Financial Officers (CFO) Act of 1990, 
which requires agencies to prepare financial statements that 
can pass the test of an independent audit and provide 
decisionmakers more reliable financial information; and
    --the 1993 Government Performance and Results Act (GPRA), 
which requires agencies to measure performance and focus on 
results.

         Ensuring All Revenues are Collected and Accounted for

    In 1995, IRS reported collecting $1.4 trillion from 
taxpayers, disbursing $122 billion in tax refunds, and managing 
an estimated accounts receivable inventory of $113 billion in 
delinquent taxes. The reliability of IRS' financial information 
is critical to effectively manage the collection of revenue to 
fund the government's operations.
    Our audits of IRS' financial statements, however, have 
identified many significant weaknesses in IRS' accounting for 
revenue and accounts receivable, as well as for funds provided 
to carry out IRS' operations. IRS has improved payroll 
processing and accounting for administrative operations and is 
working on solutions to revenue and accounts receivable 
accounting problems. But much remains to be done, and effective 
management follow-through is paramount to achieving fully the 
goals of the CFO Act.
    In addition, IRS is hampered in efficiently and effectively 
managing its huge inventory of accounts receivable due to 
inadequate management information. The root cause here is IRS' 
antiquated information systems and outdated business processes, 
which handle over a billion tax returns and related documents 
annually. IRS has undertaken many initiatives to deal with its 
accounts receivable problems, including correcting errors in 
its tax receivable masterfile and attempting to speed up 
aspects of the collection process. Efforts such as these appear 
to have had some impact on collections and the tax debt 
inventory, but many of the efforts are long-term in nature and 
demonstrable results may not be available for some time.
    Further, while IRS' efforts to reduce filing fraud have 
resulted in some success--especially through more rigid 
screening in the electronic filing program--this continues to 
be a high-risk area. IRS' goal is to increase electronic 
filings, which would strengthen its fraud detection 
capabilities. But to effectively achieve its electronic filing 
goal, IRS must (1) identify those groups of taxpayers who offer 
the greatest opportunity for filing electronically and (2) 
develop strategies focused on alleviating impediments that have 
inhibited those groups from participating in the program.
    In attempting to overhaul its timeworn, paper-intensive 
approach to tax return processing, IRS has spent or obligated 
over $3 billion on its tax systems modernization, which has 
encountered severe difficulties. Currently, funding for tax 
systems modernization has been curtailed, and IRS and the 
Department of the Treasury are taking several steps to address 
modernization problems and implement our recommendations. 
However, much more progress is needed to fully resolve serious 
underlying management and technical weaknesses.
    Behind IRS, the Customs Service is the next highest revenue 
collector. The Customs Service has made considerable progress 
in correcting major management and organizational structure 
weaknesses we pointed to in our 1992 high-risk report. In 1995, 
we reported that Customs had taken several actions to address 
these problems, including revising its planning process, 
improving controls over identification and collection of 
revenues owed, aggressively pursuing delinquent receivables, 
and embarking on an agencywide reorganization plan. As a 
result, we narrowed the scope of our high-risk work at Customs 
to focus only on its financial management problems.
    Since 1995, Customs has continued to take actions to 
address its financial management and internal control 
weaknesses. These include, for example, statistically sampling 
compliance of commercial importations through ports of entry to 
better focus enforcement efforts and to project and report 
duties, taxes, and fees lost due to noncompliance. However, 
Customs still has not fully corrected significant problems in 
these areas. For example, audits of Customs' financial 
statements under the CFO Act disclose that Customs continues to 
lack adequate assurance that all revenue due is collected, has 
weaknesses in readily detecting duplicate and excessive 
drawback payments, and lacks integrated core financial systems. 
These problems diminish Customs' ability to reasonably ensure 
that (1) duties, taxes, and fees on imports are properly 
assessed and collected and refunds of such amounts are valid 
and (2) core financial systems provide reliable information for 
managing operations.
    We have made numerous recommendations to Customs to address 
its financial management weaknesses and have assisted in 
developing corrective actions. It will be important for top 
management at Customs to provide continuing support to ensure 
that the planned financial management improvements are properly 
implemented.

 Controlling Fraud, Waste, Abuse and Mismanagement in Benefit Programs

    Medicare--the nation's second largest social program--is 
inherently vulnerable to and a perpetually attractive target 
for exploitation. The Congress and the President have been 
seeking to introduce changes to Medicare to help control 
program costs, which were $197 billion in fiscal year 1996. At 
the same time, they are concerned that the Medicare program 
loses significant amounts due to persistent fraudulent and 
wasteful claims and abusive billings, which could be from $6 
billion to as much as $20 billion, based on 1996 outlays. The 
Congress passed the Health Insurance Portability and 
Accountability Act of 1996 to add funding for program safeguard 
efforts and make the penalties for Medicare fraud more severe. 
Effective implementation of this legislation and other agency 
actions are key to mitigating many of Medicare's 
vulnerabilities to fraud and abuse.
    Also, the Health Care Financing Administration (HCFA), 
which runs the Medicare program, has begun to acquire a new 
claims processing system--the Medicare Transaction System 
(MTS)--to provide, among other things, better protection from 
fraud and abuse. In the past, we have reported on risks 
associated with this project, including (1) HCFA's plan to 
implement the system in a single stage rather than 
incrementally, (2) difficulty in defining requirements, (3) 
inadequate investment analysis, and (4) significant schedule 
problems. HCFA has responded to these concerns by changing its 
single-stage approach to one under which the system will be 
implemented incrementally and working to resolve other reported 
problems.
    A newly designated high-risk area involves overpayments in 
the SSI program, which provided about $22 billion in federal 
benefits to recipients between January 1, 1996, and October 31, 
1996. SSI overpayments have grown to over $1 billion per year, 
which is about 5 percent of total benefit payments. Also, 
criticisms have been raised regarding the Social Security 
Administration's (SSA) ability to effectively manage SSI 
workloads and internal control weaknesses that leave the 
program susceptible to fraud, waste, and abuse. For example, in 
August 1996, we reported that about 3,000 current and former 
prisoners in 13 county and local jail systems had been 
erroneously paid $5 million in SSI benefits, primarily because 
SSA lacked timely and complete information.
    One root cause of SSI overpayments is SSA's difficulty in 
corroborating financial eligibility information that program 
beneficiaries self report and that affects their benefit 
levels. In addition, determining whether an impairment 
qualifies a claimant for disability benefits can often be 
difficult, especially in cases involving applicants with mental 
impairments and other hard-to-diagnose conditions.

        Addressing Governmentwide Information Technology Issues

    In addition to the difficulties agencies have in managing 
large computer systems modernization efforts, our high-risk 
effort identified two governmentwide information technology 
issues that affect agencies under the Committee's purview: 
information security and the Year 2000 Problem.

Information Security

    Information systems security weaknesses pose high risk of 
unauthorized access and disclosure of sensitive data. Many 
federal operations that rely on computer networks are 
attractive targets for individuals or organizations with 
malicious intentions. Examples of such operations include law 
enforcement, import entry processing, and various financial 
transactions.
    Since June 1993, we have issued over 30 reports describing 
serious information security weaknesses at major federal 
agencies. For example, our financial audits at IRS and the 
Customs Service have identified poor computer controls. IRS 
cannot ensure that the confidentiality and accuracy of taxpayer 
data are protected and that the data are not manipulated for 
purposes of individual gain. The Customs Service continues to 
have problems that diminish its ability to reasonably ensure 
that sensitive data maintained in automated systems are 
adequately protected from unauthorized access and modification.
    In September 1996, we reported that during the previous 2 
years, serious information security control weaknesses had been 
reported for 10 of the 15 largest federal agencies. We have 
made dozens of recommendations for improvement to individual 
agencies, and they have started acting on many of them.
    In addition, we have recommended ways for the Office of 
Management and Budget (OMB) to enhance its ability to oversee 
and improve federal information security programs. We suggested 
steps that OMB can take to (1) effectively use opportunities to 
aid in overseeing and improving agency information security 
programs--such as annual financial audits and the newly created 
Chief Information Officers Council, and (2) increase the 
expertise of its staff in information security management 
issues.

The Year 2000 Problem

    The Year 2000 Problem poses the high risk that computer 
systems throughout government will fail to run or malfunction 
because computer equipment and software were not designed to 
accommodate the change of date at the new millennium. For 
example, IRS' tax systems could be unable to process returns, 
which in turn could jeopardize the collection of revenue and 
the entire tax processing system. Or SSA's disability insurance 
process could experience major disruptions if the interface 
with various state systems failed, thereby causing delays and 
interruptions in disability payments to citizens.
    We recently issued a guide, Year 2000 Computing Crisis: An 
Assessment Guide (GAO/AIMD-10.1.14, exposure draft), to provide 
agencies a framework and a checklist for assessing their 
readiness to achieve year 2000 compliance. It provides 
information on the scope of the challenge, and offers a 
structured approach for reviewing the adequacy of agency 
planning and management of the year 2000 program.

  Continuing Congressional Oversight Using New Management Tools is Key

    Continued congressional oversight, such as this hearing by 
the Subcommittee, will add essential impetus to make 
improvements and ensure more progress in addressing the high-
risk areas just discussed and, thus, to achieve greater 
benefits. Effective and sustained follow-through by agency 
managers is necessary to resolve specific high-risk problems 
and implement broader management reforms, which the Congress 
has established to achieve better financial and information 
management and measure the results of program operations.
    The Subcommittee can focus on agencies' progress in fixing 
specific high-risk problems and implementing this legislative 
framework through the following three efforts.
     Apply a framework of modern technology management, 
as required by the 1995 Paperwork Reduction Act and the 
Clinger-Cohen Act of 1996.
    This framework is based on practices followed by leading 
public and private sector organizations that have successfully 
used technology to dramatically improve performance and meet 
strategic goals. These laws fundamentally revamp and modernize 
federal information management practices by emphasizing the 
involvement of senior executives in information management 
decisions, establishing senior-level Chief Information 
Officers, tightening controls over technology spending, 
redesigning inefficient work processes, and using performance 
measures to assess technology's contribution to achieving 
mission results. These management practices provide agencies--
such as IRS for tax systems modernization--a proven, practical 
means of addressing the federal government's information 
problems, maximizing benefits from technology spending, and 
controlling the risks of systems development efforts.
     Improve financial reporting and make other 
financial management improvements, as called for by the 
expanded Chief Financial Officers Act.
    The landmark CFO Act spelled out a long overdue and 
ambitious agenda to help resolve financial management problems. 
This act has prompted many improvements at IRS, the Customs 
Service, and other agencies to provide reliable financial 
information for managing government programs. Fully and 
effectively implementing the CFO Act is critical to achieving 
full accountability and providing relevant information on the 
government's true financial status.
    In addition, improved reporting and internal controls, as 
called for by the CFO Act, can produce substantial savings in 
high-risk areas. For example, better data and controls can help 
reduce the billions of dollars now lost annually in the 
Medicare program due to fraudulent and abusive claims and help 
decrease the $1 billion in overpayments that the SSI program 
experiences each year.
     Use the Government Performance and Results Act to 
measure performance and focus on results, which can help to 
pinpoint opportunities for improved performance and increased 
accountability.
    GPRA requires agencies to set goals, measure performance, 
and report on their accomplishments. Under GPRA, every major 
federal agency must now ask itself basic questions about 
performance to be measured and how performance information can 
be used to make improvements. For instance, performance 
measures would be useful for (1) reaching agreement with the 
Congress on and monitoring acceptable levels of errors in 
benefit programs (errors which may never be totally eliminated 
but can be much better controlled) and (2) assessing the 
results of tax enforcement initiatives, delinquent tax 
collection activities, and filing fraud reduction efforts.
    Without additional attention to resolving problems in the 
high-risk areas that we have discussed today, the government 
will continue to miss important opportunities to ensure 
effective revenue collection operations, have well controlled 
and operated information systems, and save billions of dollars. 
We will continue to identify other ways for agencies to more 
effectively manage and control these and other high-risk areas 
and to make recommendations for improvements that can be 
implemented to overcome the root causes of these problems.
    Madame Chairman, this concludes my statement. I will be 
happy to respond to any questions.

Attachment I

Areas Designated High Risk

 Providing for Accountability and Cost-Effective Management of Defense 
                                Programs

    Financial management (1995)
     Contract management (1992)
     Inventory management (1990)
     Weapon systems acquisition (1990)
     Defense infrastructure (1997)

         Ensuring All Revenues Are Collected and Accounted for

    IRS financial management (1995)
     IRS receivables (1990)
     Filing fraud (1995)
     Tax Systems Modernization (1995)
     Customs Service financial management (1991)
     Asset forfeiture programs (1990)

  Obtaining an Adequate Return on Multibillion Dollar Investments in 
                         Information Technology

    Tax Systems Modernization (1995)
     Air traffic control modernization (1995)
     Defense's Corporate Information Management initiative 
(1995)
     National Weather Service modernization (1995)
     Information security (1997)
     The Year 2000 Problem (1997)

        Controlling Fraud, Waste, and Abuse in Benefit Programs

    Medicare (1990)
     Supplemental Security Income (1997)

                     Minimizing Loan Program Losses

    HUD (1994)
     Farm loan programs (1990)
     Student financial aid programs (1990)

     Improving Management of Federal Contracts at Civilian Agencies

    Department of Energy (1990)
     NASA (1990)
     Superfund (1990)
    Also, planning for the 2000 Decennial Census was designated 
high risk in February 1997.

Attachment II

1997 High-Risk Series

    An Overview (GAO/HR-97-1)
    Quick Reference Guide (GAO/HR-97-2)
    Defense Financial Management (GAO/HR-97-3)
    Defense Contract Management (GAO/HR-97-4)
    Defense Inventory Management (GAO/HR-97-5)
    Defense Weapon Systems Acquisition (GAO/HR-97-6)
    Defense Infrastructure (GAO/HR-97-7)
    IRS Management (GAO/HR-97-8)
    Information Management and Technology (GAO/HR-97-9)
    Medicare (GAO/HR-97-10)
    Student Financial Aid (GAO/HR-97-11)
    Department of Housing and Urban Development (GAO/HR-97-12)
    Department of Energy Contract Management (GAO/HR-97-13)
    Superfund Program Management (GAO/HR-97-14)
    The entire series of 14 high-risk reports is numbered GAO/
HR-97-20SET.
      

                                

    Chairman Johnson. Thank you.
    Ms. Willis.

    STATEMENT OF LYNDA D. WILLIS, DIRECTOR, TAX POLICY AND 
   ADMINISTRATION ISSUES, GENERAL GOVERNMENT DIVISION, U.S. 
                   GENERAL ACCOUNTING OFFICE

    Ms. Willis. Good morning. It is good to be here again with 
you today, as we continue our efforts to improve the operations 
of the Internal Revenue Service.
    A key factor in understanding IRS' ongoing difficulties in 
the high-risk areas is the realization that its major processes 
and systems were developed and implemented decades ago, and 
were not designed to address the critical needs and 
vulnerabilities that confront IRS in the nineties.
    In addition, the problems that IRS faces in eliminating its 
high-risk vulnerabilities are compounded by their 
interdependencies. IRS' success in addressing the weaknesses in 
its program areas is clearly linked to its success in 
modernizing its systems. However, this understanding does not 
mitigate our concern over IRS' progress in developing a 
comprehensive business strategy or plan for modernizing its 
processes and systems.
    For years we have chronicled IRS' struggle to manage its 
operations, and have made scores of recommendations to improve 
IRS' systems, processes, and procedures. In order to achieve 
its stated goals of reducing the volume of paper returns, 
improving customer service, and enhancing voluntary compliance 
with the tax system, IRS needs to ensure that its new and 
revised processes drive its systems development and 
implementation.
    Solving problems in the high-risk areas is not an 
insurmountable task, but it requires sustained management 
commitment, accurate information systems, and reliable 
performance measures to track IRS' progress and to provide the 
data necessary to make sound management decisions.
    There are four longstanding high-risk areas at IRS: Tax 
systems modernization, financial management, accounts 
receivable, and filing fraud. In addition, two of the new 
governmentwide high-risk areas also directly affect IRS 
operations: Information security, and the year 2000 problem or 
century date change.
    Turning to each of these areas, I would like to briefly 
discuss the progress IRS has made and the measures IRS must 
take to solve them. For tax systems modernization, in July 1995 
we reported that IRS did not have a comprehensive business 
strategy to effectively reduce paper tax return filings; had 
not yet fully developed and put in place the requisite 
management software development and technical infrastructure 
necessary to successfully implement its ambitious world class 
modernization; and lacked an overall systems architecture, or 
blueprint, to guide the modernization's development and 
evolution.
    At that time, we made over a dozen recommendations to the 
Commissioner to address these weaknesses. In 1996, we reported 
that IRS had initiated many activities to improve its 
modernization efforts, but had not yet fully implemented any of 
our recommendations.
    Since then, IRS has taken additional steps. For example, a 
new Chief Information Officer has been hired, as well as 
additional technical expertise. IRS also created an investment 
review board that has reevaluated and terminated several 
modernization development projects that were found not to be 
cost effective. IRS is also updating its systems development 
life cycle methodology, and is developing a systems 
architecture and project sequencing plan for the modernization.
    While we recognize the IRS' actions, we remain concerned 
because much remains to be done to fully implement essential 
improvements and successfully modernize the IRS. It will take 
both management commitment and technical expertise for IRS to 
accomplish these tasks.
    Our audits of IRS' financial statements have outlined the 
substantial improvements needed in IRS' accounting and 
reporting in order to comply fully with the requirements of the 
CFO Act. IRS has made progress in addressing these areas, and 
has been working to position itself to have more reliable 
financial statements for fiscal year 1997 and thereafter.
    To accomplish this, especially in accounting for revenue 
and related accounts receivable, IRS will need to institute 
long-term solutions involving reprogramming software for its 
antiquated systems and developing new systems. Followthrough to 
complete corrective actions is essential if IRS is to solve the 
financial management problems it faces.
    Turning to accounts receivable, IRS' ability to effectively 
address its accounts receivable problems is seriously hampered 
by outdated equipment and processes, incomplete information to 
better target its collection efforts, and the absence of a 
comprehensive strategy and detailed plan to address the 
systemic nature of the underlying problems. IRS' collection 
efforts have also been hampered by the age of the delinquent 
tax accounts.
    In the last 2 years, IRS has undertaken several initiatives 
to overcome its deficiencies. Specifically, it has efforts 
underway to correct errors in its master file records of tax 
receivables, develop profiles of delinquent taxpayers, and 
study the effectiveness of various collection techniques.
    It has also streamlined its collection process, placed 
additional emphasis on contacting repeat delinquents, made its 
collection notices more readable, and targeted compliance-
generated delinquencies for earlier intervention.
    Despite these positive results, IRS needs to continue the 
development of the information databases and performance 
measures its managers need to determine which actions or 
improvements generate the desired changes in IRS programs and 
operations.
    This is not a short-term commitment. It will be some time 
before the full results of the new initiatives are realized. 
IRS must take deliberate action to ensure that its problem-
solving efforts are on the right track. It needs to implement a 
comprehensive strategy that involves all aspects of IRS 
operations and that sets priorities, accelerates the 
modernization of outdated equipment and processes, and 
establishes realistic goals, specific time tables, and a system 
to measure progress.
    When we first identified filing fraud as a high-risk area 
in 1995, the amount of filing fraud being detected by IRS was 
on an upward spiral. Since then, IRS has introduced new 
controls and expanded existing controls in an attempt to reduce 
its exposure. These controls are directed toward either 
preventing the filing of fraudulent returns or identifying 
questionable returns after they have been filed.
    IRS' efforts have produced some positive results. For 
example, IRS efforts to validate Social Security numbers on 
paper returns produced over $800 million in reduced refunds or 
additional taxes.
    IRS was less successful in identifying fraudulent returns, 
identifying over 65 percent fewer fraudulent returns in 1996 
than during a comparable period in 1995. IRS believes this 
decrease is attributable to a 31-percent reduction in its fraud 
detection staff and the resulting underutilization of its 
electronic fraud detection system which enhances the 
identification of fraudulent returns. However, IRS does not 
have the information it needs to verify that the decline was 
the result of staff reductions, or by a general decline in the 
incidence of fraud.
    Given the decrease in fraud detection staff, it is 
critically important for IRS to optimize the electronic 
controls that are intended to prevent the filing of fraudulent 
returns, and to maximize the effectiveness of available staff. 
Modernization is the key to achieving these objectives.
    Turning now to two new governmentwide high-risk areas, IRS 
is vulnerable to problems in both. Related to information 
security, as the result of our recent work at IRS, we believe 
that the vulnerabilities of IRS computer systems may affect the 
confidentiality and accuracy of taxpayer data and may allow 
unauthorized access, modification, or destruction of taxpayer 
information. IRS does not have a proactive information security 
group that systematically reviews the adequacy and consistency 
of security over IRS computer operations.
    The year 2000 problem at IRS is such that it could create a 
disruption of functions and services that could jeopardize 
almost all of IRS' tax processing systems. It could effectively 
halt the processing of tax returns and related return 
information, the maintenance of taxpayer accounts, the 
assessment and collection of taxes, the recording of 
obligations and expenditures, and the disbursement of refunds.
    To avoid the crippling effects of a multitude of computer 
systems simultaneously producing inaccurate and unreliable 
information, IRS must assign management and oversight 
responsibility within its senior executive corps to find the 
potential impact of such systems failure and develop 
appropriate renovation strategies and contingency plans for its 
critical systems.
    Madam Chairman, Members of the Subcommittee, in summary, 
for years IRS has struggled to collect the Nation's tax 
revenues using outdated processes and technology. To address 
its high-risk problem areas, IRS needs an implementation 
strategy for modernizing its systems and processes that 
includes developing cost-benefit analyses and reasonable 
estimates of timeframes and resources required. Above all, IRS 
management needs to sustain an agencywide commitment to solving 
these problems.
    [The prepared statement follows:]

Statement of Lynda D. Willis, Director, Tax Policy and Administration 
Issues, General Government Division, U.S. General Accounting Office

    Madam Chairman and Members of the Subcommittee:
    We are pleased to be here today to assist the Subcommittee 
in its review of the Internal Revenue Service's (IRS) efforts 
to improve the efficiency and effectiveness of its program 
areas that we have identified as high risk because of their 
vulnerability to waste, fraud, abuse, and mismanagement. A key 
factor in understanding IRS' ongoing difficulties in the high-
risk areas is the realization that its major processes and 
systems were developed and implemented decades ago and were not 
designed to address the critical needs and vulnerabilities that 
confront IRS in the 1990s. In addition, the problems IRS faces 
in attempting to eliminate its high-risk vulnerabilities are 
compounded by the interdependency of the high-risk areas. For 
example, IRS' success in addressing the weaknesses in its 
program areas is clearly linked to its success in modernizing 
its information systems. However, this understanding of the 
difficulties IRS faces does not mitigate our concern over IRS' 
progress in developing a comprehensive strategy or detailed 
business plan to modernize its outdated processes and systems. 
Without successfully modernizing its processes and systems, IRS 
cannot hope to resolve the problems in its high-risk areas.

                                Overview

    In February 1997, we issued our third series of reports on 
the status of high-risk areas across the government.\1\ One 
report in the series discussed the four long-standing high-risk 
areas at IRS: (1) tax systems modernization--IRS' development 
of the business and management strategies, software acquisition 
and development capabilities, and technical infrastructure and 
systems architecture needed to modernize its systems and 
processes; (2) financial management--IRS' efforts to properly 
account for its tax revenues, obligations, and disbursements; 
(3) accounts receivable--IRS' initiatives to better understand 
the composition of its tax debt inventory and to devise 
effective collection strategies and reliable programs to 
prevent future delinquencies; and (4) filing fraud--IRS' 
efforts to gather sufficient information to determine the 
effectiveness of its attempts to deter the filing of fraudulent 
returns.\2\
---------------------------------------------------------------------------
    \1\ GAO/HR-97-20SET.
    \2\ GAO/HR-97-8.
---------------------------------------------------------------------------
    Our 1997 high-risk report series also designated five new 
high-risk areas, two of which have government-wide implications 
and directly affect IRS' operations.\3\ One area is information 
security--IRS' initiatives to better protect the 
confidentiality and accuracy of taxpayer data from unauthorized 
access and manipulation. The other area is the year 2000 
problem--IRS' plans to protect itself from the operational and 
financial impacts that could affect tax processing and revenue 
collection systems if its computer systems cannot accommodate 
the change of date to the year 2000.
---------------------------------------------------------------------------
    \3\ GAO/HR-97-9.
---------------------------------------------------------------------------
    Today, we will briefly discuss the problems IRS faces in 
these six high-risk areas, the progress IRS has made since our 
last series of high-risk reports in 1995, and the measures IRS 
must take to resolve the problems in its high-risk areas. This 
testimony is based on our prior reports and recent information 
obtained from IRS.

                          IRS' High-Risk Areas

    For years we have chronicled IRS' struggle to modernize and 
manage its operations, especially in the high-risk areas, and 
have made scores of recommendations to improve IRS' systems, 
processes, and procedures. It is clear that in order to achieve 
its stated goals of reducing the volume of paper tax returns, 
providing better customer service, and improving compliance 
with the nation's tax laws, IRS must successfully modernize its 
systems and operations. To accomplish this modernization, 
however, IRS needs to develop comprehensive business strategies 
to ensure that its new and revised processes drive systems 
development and acquisition. Solving the problems in the high-
risk areas is not an insurmountable task, but it requires 
sustained management commitment, accurate information systems, 
and reliable performance measures to track IRS' progress and 
provide the data necessary to make informed management 
decisions.

Tax Systems Modernization

    Over the last decade, IRS has been attempting to overhaul 
its timeworn, paper-intensive approach to tax return 
processing. At stake is the over $3 billion that IRS has spent 
or obligated on this modernization since 1986, as well as any 
additional funds that IRS plans to spend on the modernization.
    In July 1995, we reported that IRS (1) did not have a 
comprehensive business strategy to cost-effectively reduce 
paper tax return filings; (2) had not yet fully developed and 
put in place the requisite management, software development, 
and technical infrastructure necessary to successfully 
implement its ambitious, world-class modernization; and (3) 
lacked an overall systems architecture, or blueprint, to guide 
the modernization's development and evolution.\4\ At that time, 
we made over a dozen recommendations to the IRS Commissioner to 
address these weaknesses.
---------------------------------------------------------------------------
    \4\ Tax Systems Modernization: Management and Technical Weaknesses 
Must Be Corrected If Modernization Is to Succeed (GAO/AIMD-95-156, July 
26, 1995).
---------------------------------------------------------------------------
    Pursuant to subsequent congressional direction, we assessed 
IRS' actions to correct its management and technical 
weaknesses. We reported in June and September 1996 that IRS had 
initiated many activities to improve its modernization efforts 
but had not yet fully implemented any of our 
recommendations.\5\ We also suggested to Congress that it 
consider limiting modernization funding exclusively to cost-
effective efforts that (1) support ongoing operations and 
maintenance; (2) correct IRS' pervasive management and 
technical weaknesses; (3) are small, represent low technical 
risk, and can be delivered quickly; and (4) involve deploying 
already developed and fully tested systems that have proven 
business value and are not premature given the lack of a 
completed architecture.
---------------------------------------------------------------------------
    \5\ Tax Systems Modernization: Actions Underway But IRS Has Not Yet 
Corrected Management and Technical Weaknesses (GAO/AIMD-96-106, June 7, 
1996) and Tax Systems Modernization: Actions Underway But Management 
and Technical Weaknesses Not Yet Corrected (GAO/T-AIMD-95-165, Sept. 
10, 1996).
---------------------------------------------------------------------------
    IRS has taken steps to address our recommendations and 
respond to congressional direction. For example, IRS hired a 
new Chief Information Officer. It also created an investment 
review board to select, control, and evaluate its information 
technology investments. Thus far, the board has reevaluated and 
terminated several major modernization development projects 
that were not found to be cost-effective. In addition, IRS 
provided a report to Congress in November 1996 that set forth 
IRS' strategic plan and its schedule for shifting modernization 
development and deployment to contractors.
     IRS is also finalizing a comprehensive strategy to 
maximize electronic filing that is currently scheduled for 
completion in May 1997. It is also updating its system 
development life cycle methodology and is working across 
various IRS organizations to define disciplined processes for 
software requirements management, quality assurance, 
configuration management, and project planning and tracking. 
Additionally, IRS is developing a systems architecture and 
project sequencing plan for the modernization and intends to 
provide this to Congress by May 15, 1997.
    While we recognize IRS' actions, we remain concerned 
because much remains to be done to fully implement essential 
improvements. Increasing the use of contractors, for example, 
will not automatically increase the likelihood of successful 
modernization because IRS does not have the technical 
capability needed to manage all of its current contractors. To 
be successful, IRS must also continue to make a concerted, 
sustained effort to fully implement our recommendations and 
respond effectively to the requirements outlined by Congress. 
It will take both management commitment and technical 
discipline for IRS to accomplish these tasks.

Financial Management

    Our audits of IRS' financial statements have outlined the 
substantial improvements needed in IRS' accounting and 
reporting in order to comply fully with the requirements of the 
Chief Financial Officers Act of 1990 (CFO Act). The audits for 
fiscal years 1992 through 1995 have described IRS' difficulties 
in (1) properly accounting for its tax revenues, in total and 
by reported type of tax; (2) reliably determining the amount of 
accounts receivable owed for unpaid taxes; (3) regularly 
reconciling its Fund Balance With Treasury accounts; and (4) 
either routinely providing support for receipt of the goods and 
services it purchases or, where supported, accurately recording 
the purchased item in the proper period.
    IRS has made progress in addressing problems in these areas 
and has developed an action plan, with specific timetables and 
deliverables, to address the issues our financial statement 
audits have identified. In the administrative accounting area, 
for example, IRS reported that it has identified substantially 
all of the reconciling items for its Fund Balance With Treasury 
accounts, except for certain amounts IRS has deemed not to be 
cost-beneficial to research further. It also has successfully 
transferred its payroll processing to the Department of 
Agriculture's National Finance Center and has begun designing 
both a short-term and a long-term strategy to fix the problems 
that contribute to its nonpayroll expenses being unsupported or 
reported in the wrong period.
    In the revenue accounting area, IRS' problems are 
especially affected and complicated by automated data 
processing systems that were implemented many years ago and 
thus not designed to support the new financial reporting 
requirements imposed by the CFO Act. Therefore, IRS has 
designed an interim solution to capture the detailed support 
for revenue and accounts receivable until longer-term solutions 
can be identified and implemented. Some of the longer-term 
actions include (1) implementing software, hardware, and 
procedural changes needed to create reliable subsidiary 
accounts receivable and revenue records that are fully 
integrated with the general ledger; and (2) implementing 
software changes that allow the detailed taxes reported to be 
maintained separately from the results of compliance efforts 
that would not be valid financial reporting transactions in the 
masterfile, other related revenue accounting feeder systems, 
and the general ledger.
    Over the past 4 years, we have made numerous 
recommendations to improve IRS' financial management systems 
and reporting, and IRS has been working to position itself to 
have more reliable financial statements for fiscal year 1997 
and thereafter. To accomplish this, especially in accounting 
for revenue and the related accounts receivables, IRS will need 
to institute long-term solutions involving reprogramming 
software for IRS' antiquated systems and developing new systems 
as required.
    Follow-through to complete necessary corrective measures is 
essential if IRS is to ensure that its corrective actions are 
carried out and effectively solve its financial management 
problems. Solving these problems is fundamental to providing 
reliable financial information and ensuring taxpayers that the 
government can properly account for their federal tax dollars. 
The accuracy of IRS' financial statements is vital to both IRS 
and Congress for (1) ensuring adequate accountability for IRS 
programs; (2) assessing the impact of tax policies; and (3) 
measuring IRS' performance and cost effectiveness in carrying 
out its numerous tax enforcement, customer service, and 
collection activities.

Accounts Receivable

    IRS routinely collects over a trillion dollars annually in 
taxes, but many taxpayers are unable or unwilling to pay their 
taxes when due. As a result, IRS estimates that its accounts 
receivable amounts to tens of billions of dollars. 
Unfortunately, IRS' ability to effectively address its accounts 
receivable problems is seriously hampered by its outdated 
equipment and processes, incomplete information needed to 
better target collection efforts, and the absence of a 
comprehensive strategy and detailed plan to address the 
systemic nature of the underlying problems.
    IRS' collection efforts have also been hampered by the age 
of the delinquent tax accounts. Because of the outdated 
equipment and processes used to match tax returns and related 
information documents, it can take IRS several years to 
identify potential delinquencies and then initiate collection 
actions. In addition, according to IRS, the 10-year statutory 
collection period generally precludes it from writing off 
uncollectible receivables until that period has expired. As a 
result, the receivables inventory includes many relatively old 
accounts that will never be collected because the taxpayers are 
deceased or the companies defunct.
    This is not to say, however, that IRS has not been trying 
to overcome its deficiencies. In the last 2 years, IRS has 
undertaken initiatives to correct errors in its masterfile 
records of tax receivables, develop profiles of delinquent 
taxpayers, and study the effectiveness of various collection 
techniques. It has also streamlined its collection process, 
placed additional emphasis on contacting repeat delinquents, 
made its collection notices more readable, and targeted 
compliance-generated delinquencies for earlier intervention.
    IRS reported that, as a result of taking these actions, its 
collection employees took in more money than they classified as 
``currently not collectible'' and that the amount of money 
collected immediately following the revision of its collection 
notices increased by almost 25 percent over a comparable period 
in 1995. In addition, IRS reported collecting more in 
delinquent taxes in fiscal year 1996 than it ever has, almost 
$30 billion.
    Despite these positive results, IRS needs to continue the 
development of information databases and performance measures 
to afford its managers the data needed to determine which 
actions or improvements generate the desired changes in IRS' 
programs and operations. And, this should not be looked upon as 
a short-term commitment. It will still take a number of years 
to identify the root causes of delinquencies and to develop, 
test, and implement courses of action to deal with the causes. 
Furthermore, once the analyses and planning are completed, it 
will still be some time before full results of the new 
initiatives are realized.
    Therefore, IRS must take deliberate action to ensure that 
its problem-solving efforts are on the right track. 
Specifically, it needs to implement a comprehensive strategy 
that involves all aspects of IRS' operations and that sets 
priorities; accelerates the modernization of outdated equipment 
and processes; and establishes realistic goals, specific 
timetables, and a system to measure progress.

Filing Fraud

    When we first identified filing fraud as a high-risk area 
in February 1995, the amount of filing fraud being detected by 
IRS was on an upward spiral. Since then, IRS has introduced new 
controls and expanded existing controls in an attempt to reduce 
its exposure to filing fraud. Those controls are directed 
toward either (1) preventing the filing of fraudulent returns 
or (2) identifying questionable returns after they have been 
filed.
    To deter the filing of fraudulent returns, IRS (1) expanded 
the number of up-front filters in the electronic filing system 
designed to screen electronic submissions for selected problems 
in order to prevent returns with those problems from being 
filed electronically and (2) strengthened the process for 
checking the suitability of persons applying to participate in 
the electronic filing program as return preparers or 
transmitters by requiring fingerprint and credit checks.
    To better identify fraudulent returns once they have been 
filed, IRS placed an increased emphasis in 1995 on validating 
social security numbers (SSN) on filed paper returns and 
delayed any related refunds to allow time to do those 
validations and to check for possible fraud. IRS also revised 
the computerized formulas it used to score all tax returns as 
to their fraud potential and upgraded the research capabilities 
of its fraud detection staff.
    IRS' efforts produced some positive results. For example, 
the number of SSN problems identified by the electronic filing 
filters quadrupled between 1994 and 1995, and about 350 persons 
who applied to participate in the electronic filing program for 
1995 were rejected because they failed the new fingerprint and 
credit checks. IRS' efforts to validate SSNs on paper returns 
produced over $800 million in reduced refunds or additional 
taxes. Unfortunately, IRS identified many more SSN problems 
than it was able to deal with and released about 2 million 
refunds without resolving the problems.
    IRS was less successful in identifying fraudulent returns, 
identifying over 65 percent fewer fraudulent returns in 1996 
than during a comparable period in 1995. IRS believes this 
decrease is attributable to a 31-percent reduction in its fraud 
detection staff and the resulting underutilization of its 
Electronic Fraud Detection System, which enhances the 
identification of fraudulent returns and lessens the 
probability of improperly deleting accurate refunds. However, 
IRS does not have the information it needs to verify that the 
decline was the result of staff reductions or to determine the 
extent to which the downward trend may have been affected by 
changes in the program's operating and reporting procedures or 
by a general decline in the incidence of fraud.
    Given the decrease in fraud detection staff, it is 
critically important for IRS to (1) optimize the electronic 
controls that are intended to prevent the filing of fraudulent 
returns and (2) maximize the effectiveness of available staff. 
Modernization is the key to achieving these objectives, and 
electronic filing is the cornerstone of that modernization. One 
solution, then, is to increase the percentage of returns filed 
electronically. To achieve this goal, IRS must first identify 
those groups of taxpayers who offer the greatest opportunity to 
reduce IRS' paper-processing workload and operating costs if 
they were to file electronically. IRS must then develop 
strategies that focus its resources on eliminating or lessening 
impediments that inhibit those groups from participating in the 
program.

Information Security

    Malicious attacks on computer systems are an increasing 
threat to our national welfare. The federal government now 
relies heavily on interconnected systems to control critical 
functions which, if compromised, place billions of dollars 
worth of assets at risk of loss and vast amounts of sensitive 
data at risk of unauthorized disclosure. Increasing reliance on 
networked systems and electronic records has elevated our 
concerns about the possibility of serious disruption to 
critical federal operations.
    As a result of our recent work at IRS, we believe that the 
vulnerabilities of IRS' computer systems may affect the 
confidentiality and accuracy of taxpayer data and may allow 
unauthorized access, modification, or destruction of taxpayer 
information. The overriding problem at IRS is that information 
security issues are addressed on a reactive basis. IRS does not 
have a proactive, independent information security group that 
systematically reviews the adequacy and consistency of security 
over IRS' computer operations. In addition, computer security 
management has not completed a formal risk assessment of its 
systems to determine system sensitivity and vulnerability. As a 
result, IRS cannot effectively prevent or detect unauthorized 
browsing of taxpayer information and cannot ensure that 
taxpayer data is not being improperly manipulated for personal 
gain.
    IRS needs to address its information security weaknesses on 
a continuing basis. More specifically, IRS needs to impress 
upon its senior managers the need to conduct regular systematic 
security reviews and risk assessments of IRS' computer systems 
and operations. The weaknesses identified by these reviews and 
assessments then need to be corrected expeditiously by 
personnel who have the technical expertise to effectively 
implement, manage, and monitor the necessary security controls 
and measures.

The Year 2000 Problem

    For the past several decades, computer systems have used 
two digits to represent the year, such as ``97'' for 1997, in 
order to conserve electronic data storage and reduce operating 
costs. In this format, however, the year 2000 is 
indistinguishable from the year 1900 because both are 
represented as ``00.'' As a result, if not modified, computer 
systems and applications that use dates or perform date- or 
time-sensitive calculations may generate incorrect results 
beyond 1999.
    For IRS, such a disruption of functions and services could 
jeopardize all of its tax processing systems and 
administration. It could effectively halt the processing of tax 
return and return-related information, the maintenance of 
taxpayer account information, the assessment and collection of 
taxes, the recording of obligations and expenditures, and the 
disbursement of refunds. At the very least, IRS' core business 
functions and mission-critical processes are at risk of 
failure, as is numerous other administrative and management 
processes.
    To avoid the crippling effects of a multitude of computer 
systems simultaneously producing inaccurate and unreliable 
information, IRS must assign management and oversight 
responsibility within its senior executive corps, define the 
potential impact of such a systems failure, and develop 
appropriate renovation strategies and contingency plans for its 
critical systems. Modifying IRS' critical computer systems is a 
massive undertaking whose success or failure will, in large 
part, be determined by the quality of IRS' executive leadership 
and program management.

                            Summary Outlook

    For years, IRS has struggled to collect the nation's tax 
revenue using outdated processes and technology. The result has 
often been inefficient and ineffective programs and operations 
that are vulnerable to waste, fraud, abuse, and mismanagement. 
Of particular concern to us have been IRS' efforts to modernize 
its tax systems, manage its administrative and revenue 
accounting systems, identify and collect taxes owed the 
government, detect and prevent the filing of fraudulent tax 
returns, protect the confidentiality of taxpayer information, 
and prevent the future disruption of tax services due to 
computer malfunctions.
    These areas of concern share common characteristics that 
IRS must address in the very near future. At a minimum, IRS 
needs an implementation strategy that includes both performing 
cost-benefit analyses and developing reasonable estimates of 
the extent, time frames, and resources required to correct its 
high-risk vulnerabilities. IRS also needs to (1) better define, 
prioritize, implement, and manage new information systems; (2) 
ensure that its administrative and revenue accounting systems 
fully comply with government accounting standards; (3) design 
and implement both administrative and electronic controls to 
protect taxpayer data from unauthorized access; and (4) develop 
performance measures that will allow its managers, Congress, 
and us to track its progress. And, above all, IRS management 
needs to sustain an agencywide commitment to solving the 
agency's high-risk problems.
    Madam Chairman, this concludes my prepared statement. We 
will be glad to answer any questions that you or the Members of 
the Subcommittee may have.
      

                                

    Chairman Johnson. Thank you, Ms. Willis.
    Ms. Ross.

 STATEMENT OF JANE L. ROSS, DIRECTOR, INCOME SECURITY ISSUES, 
 HEALTH, EDUCATION, AND HUMAN SERVICES DIVISION, U.S. GENERAL 
                       ACCOUNTING OFFICE

    Ms. Ross. Good morning. I am pleased to be here to discuss 
the Supplemental Security Income Program and our decision to 
designate it as one of our high-risk areas. As you know, the 
SSI Program provides means tested income support payments to 
eligible aged, blind, and disabled persons.
    Before I discuss SSI's vulnerabilities, let me give you a 
little background on the program. SSI was enacted in 1974. It 
is almost entirely financed by Federal taxes, and it is run by 
the Social Security Administration. SSI now has about 6.6 
million recipients who receive benefits totaling over $27 
billion a year, virtually all of which are Federal dollars.
    While you may not hear as much about SSI as other welfare 
programs such as AFDC or food stamps, the dollars spent on SSI 
are larger than those spent on AFDC, and are about the same as 
those spent on food stamps. In other words, SSI is a major 
Federal welfare program.
    There are several longstanding problems in SSI that caused 
us to designate the program as high risk. These problems 
involve the methods SSA uses to verify recipients' initial and 
continuing eligibility for SSI benefits, and the Agency's 
efforts to get SSI recipients into the work force.
    These deficiencies have placed the program at considerable 
risk and contributed to significant annual increases in 
overpayments. During 1996, SSA had $2.3 billion in SSI 
overpayments that was owed to them, including almost $900 
million in newly detected overpayments during the year. The 
Agency was successful in recovering only 15 percent of the 
amount they were owed.
    This morning I want to give you a better understanding of 
why we consider SSI a high-risk program, by discussing just one 
area of vulnerability: The way in which SSA determines whether 
individuals are financially eligible for the program.
    Individuals cannot have income greater than $484 a month, 
nor have resources worth more than $2,000, in order to qualify. 
Applicants have to tell all about their income sources, as well 
as information on assets, marital status, living arrangements, 
and any changes in those things, including whether you become 
incarcerated or become a resident in a nursing home.
    To verify that the information provided by recipients is 
accurate, SSA generally relies on matching data from other 
Federal and State agencies, such as VA benefits data and State 
unemployment data. SSA needs accurate and timely information 
because it is much easier to prevent overpayments than to 
recover them later.
    However, we have found that the data from computer matches 
is often quite old and incomplete. For example, computer 
matches in the employment and earned income area are from 6 to 
21 months old, so that overpayments accrue for at least that 
long before collection actions can begin.
    Another weakness in this process is that SSA does not 
conduct some matches which actually might detect overpayments. 
For example, SSA has not matched its data with AFDC records to 
detect SSI recipients who may be receiving benefits from that 
source.
    Our work in the last few years suggests that recipients do 
not always report required information when they should, and 
may not report it at all. For example, last year we reported 
that about 3,000 current and former prisoners in 13 of the 
Nation's largest county and local jails had been erroneously 
paid millions of dollars in SSI benefits, mainly because SSA 
lacked timely and complete information on their incarceration.
    Also, some recipients may be making false reports. SSA 
staff have indicated that reports of changes in living 
arrangements are frequently subject to abuse. One common 
scenario involves recipients who become eligible for SSI 
benefits and shortly thereafter report to SSA that they have 
separated from their spouse and are living in separate 
residences. SSA field staff suspects that these reported 
changes occur as recipients become aware that separate living 
arrangements will substantially increase their monthly 
benefits.
    To obtain more timely and accurate recipient data, SSA is 
currently testing the use of online access to State databases 
to supplement the information it already receives. Online 
access provides direct connections between SSA's computers and 
the computers maintained by certain State agencies. Data can be 
obtained by SSA staff as soon as it is requested and used to 
verify the amount of AFDC or other benefit income.
    We believe that nationwide use of online access to State 
computerized income data could prevent or more quickly detect 
about $130 million in overpayments each year. Although some 
States can currently provide online access to their data 
inexpensively and easily, SSA has moved too slowly in this 
area.
    In addition to State data, online access to other Federal 
agencies' data may also greatly help SSA, but SSA has moved 
slowly in this area, as well. Overall, SSA is not sufficiently 
alert to current problems in verifying data related to 
financial eligibility, nor sufficiently active in pursuing new 
techniques to mitigate these problems.
    Let me conclude at this point. The problems we have 
identified in the SSI Program are long standing and have 
contributed to billions of tax dollars being overpaid to 
recipients. They have also served to compromise the integrity 
of the program and reinforce public perceptions that the SSI 
Program pays benefits to too many people for too long.
    Although many of the changes recently enacted by the 
Congress or implemented by SSA may result in improvements, the 
underlying problems still exist. In light of welfare reform, 
the importance of having tight controls on SSI is even greater. 
As time limits and work requirements begin to be felt, it is 
likely that both individuals and States will look for 
opportunities to move people onto the SSI roles.
    Our work has shown that SSI's vulnerability is due both to 
problems in program design and inadequate SSA management 
attention to the program. Revising SSA's approach to managing 
the program will require sustained attention and direction at 
the highest levels of the Agency.
    One challenge for the new SSA Commissioner will be to focus 
greater Agency attention on management of SSI and the future 
viability and integrity of the program. This completes my 
statement.
    [The prepared statement follows:]

Statement of Jane L. Ross, Director, Income Security Issues, Health, 
Education, and Human Services Division, U.S. General Accounting Office

    Madame Chairman and Members of the Subcommittee:
    I am pleased to be here to discuss the Social Security 
Administration's (SSA) Supplemental Security Income (SSI) 
program and our decision to designate the program one of our 
high-risk areas. As you know, the SSI program provides means-
tested income support payments to eligible aged, blind, or 
disabled people. Since the program's inception in 1974, the 
number of individuals receiving SSI cash benefits has grown 
significantly. About 6.6 million recipients now receive roughly 
$22 billion in federal benefits. In the past several years, a 
major reason for growth in the SSI rolls has been an increasing 
number of younger recipients with mental impairments who have 
limited work histories. Rapid growth in the number of children 
receiving SSI benefits has further contributed to changes in 
the program's character. The increased number and diversity of 
SSI recipients has spurred criticism that the SSI program is 
increasingly susceptible to fraud, waste, and abuse. Through 
our work, we have also demonstrated that the SSI program has 
been adversely affected by internal control weaknesses, complex 
policies, and insufficient management attention. (A list of 
related GAO products dealing with SSI program vulnerabilities 
appears at the end of this statement).
    Today, I would like to discuss several long-standing 
problems in SSI that have caused us to designate the program as 
high risk. These problems involve the methods SSA uses to 
verify recipients' initial and continuing eligibility for SSI 
benefits and the agency's efforts to get SSI recipients into 
the workforce. These deficiencies have placed the program at 
considerable risk and contributed to significant annual 
increases in overpayments to SSI recipients. Overpayments 
include payments to people ineligible for the program, as well 
as to those receiving higher benefit payments than their income 
and assets warrant. During 1996, SSA had $2.3 billion in 
overpayments that was owed to the agency, including $895 
million in newly detected overpayments during the year. In that 
year, the agency was successful in recovering only $357 million 
of the total outstanding debt.
    To briefly summarize our findings, the SSI program has had 
significant problems in determining initial and continuing 
financial eligibility because of the agency's reliance on 
individuals' own reports of their income and resources and 
failure to thoroughly check this information. Moreover, the 
judgmental nature of SSA's disability determination process and 
SSA's past failure to adequately review SSI recipients to 
determine whether they remain disabled have also exposed the 
program to fraud, waste, and abuse. Finally, SSA is at risk of 
paying some SSI recipients benefits for too long because it has 
not adequately addressed their special vocational 
rehabilitation needs nor developed an agencywide strategy for 
helping recipients who can enter the workforce. The Congress 
has recently made several changes that address program 
eligibility issues and increase the frequency of SSA's 
continuing eligibility reviews. SSA has also begun addressing 
its program vulnerabilities and has made the prevention of 
fraud and abuse a part of its plan for rebuilding public 
confidence in the agency. However, our concerns about 
underlying SSI program vulnerabilities and the level of 
management attention devoted to these vulnerabilities continue. 
As part of our high-risk work, we are continuing to evaluate 
the underlying causes of long-standing SSI problems and the 
actions necessary to address them.

                               Background

    SSI provides cash benefits to low-income aged, blind, or 
disabled people. Currently, the aged SSI population is roughly 
1.4 million and the blind and disabled population more than 5.2 
million. Those who are applying for benefits on the basis of 
age must be age 65 or older and be financially eligible for 
benefits; those who are applying for disability benefits must 
qualify on the basis of two criteria: financial and disability 
eligibility. To qualify for benefits financially, individuals 
may not have income greater than the current maximum monthly 
SSI benefit level of $484 ($727 for a couple) or have resources 
worth more than $2,000 ($3,000 for a couple). To be qualified 
as disabled, applicants must be unable to engage in any 
substantial gainful activity because of an impairment expected 
to result in death or last at least 12 months.
    The process SSA uses to determine an applicant's financial 
eligibility for SSI benefits involves an initial determination 
when someone first applies and periodic reviews to determine 
whether the recipient remains eligible. SSI recipients are 
required to report significant events that may affect their 
financial eligibility for benefits, including changes in 
income, resources, marital status, or living arrangements, such 
as incarceration or residence in a nursing home. To verify that 
the information provided by a recipient is accurate, SSA 
generally relies on matching data from other federal and state 
agencies, including the Internal Revenue Service form 1099 
information, Department of Veterans Affairs benefits data, and 
state-maintained earnings and unemployment benefits data. When 
SSA staff find discrepancies between income and assets claimed 
by a recipient and the data from other agencies, they send 
notices to SSA field offices to investigate further.
    To determine a person's qualifications for SSI as a 
disabled person, SSA must determine the individual's capacity 
to work as well as his or her financial eligibility. To 
determine whether an applicant's impairment qualifies him or 
her for SSI benefits, SSA uses state Disability Determination 
Services (DDS) to make the initial assessment. Once a recipient 
begins receiving benefits, SSA is required to periodically 
conduct Continuing Disability Reviews (CDR) to determine 
whether a recipient's condition remains disabling.
    Regarding returning recipients to work, the Social Security 
Act states that to the maximum extent possible, individuals 
applying for disability benefits should be rehabilitated into 
productive activity. To this end, SSA is required to refer SSI 
recipients to state vocational rehabilitation agencies for 
services intended to prepare them for returning to work. The 
act also provides various work incentives to safeguard cash and 
medical benefits while a recipient tries to return to work.

   SSA Pays Inadequate Attention to Verifying Recipients' Financial 
                              Eligibility

    To correctly determine an individual's initial and 
continuing financial eligibility, SSA needs accurate and timely 
information because it is much easier to prevent overpayments 
than to recover them. SSA tries to get this information 
directly from applicants and recipients but also supplements 
this data through the use of computer matches with other 
federal and state agencies. To do this, SSA compares federal 
and state data with information claimed by SSI applicants. In 
many instances, these matches allow SSA to detect information 
that SSI recipients fail to report; in other cases, they 
provide more accurate information. However, our prior reviews 
have found that data from computer matches are often quite old 
and sometimes incomplete. For example, computer matches for 
earned income rely on data that are from 6 to 21 months old, 
allowing overpayments to accrue for this entire period before 
collection actions can begin. This puts SSI at risk because it 
collects only about 15 percent of outstanding overpayments. 
Another weakness in this process is that SSA does not conduct 
some matches that could help to detect additional overpayments. 
For example, SSA has not matched data from Aid to Families With 
Dependent Children (AFDC) to detect SSI recipients who may be 
receiving benefits from this program.
    Our work in the last few years suggests that recipients do 
not always report required information when they should and may 
not report it at all. For example, last year we reported that 
about 3,000 current and former prisoners in 13 county and local 
jails had been erroneously paid $5 million in SSI benefits, 
mainly because SSA lacked timely and complete information on 
their incarceration. Recipients or their representative payees 
did not report the incarceration to SSA as required, and SSA 
had not arranged for localities to report such information. SSA 
told us that it has begun a program to identify SSI recipients 
in jails who should no longer be receiving benefits.
    Our ongoing SSI work is identifying similar program 
problems and weaknesses as those noted in prior reports. For 
example, SSA staff have indicated that recipients' reporting of 
changes in living arrangements is frequently subject to abuse. 
One common scenario involves recipients who become eligible for 
SSI benefits and shortly thereafter report to SSA that they 
have separated from their spouse and are living in separate 
residences. SSA field staff suspect that these reported changes 
in living arrangements take place because recipients become 
aware that separate living arrangements will substantially 
increase their monthly benefits. Another ongoing study of SSI 
recipients admitted to nursing homes has found that despite SSA 
procedures and recent legislation to encourage reporting such 
living arrangement changes, thousands of SSI recipients in 
nursing homes continue to receive full benefits, resulting in 
millions of dollars in overpayments each year. This happens 
because recipients and nursing homes do not report changes in 
living arrangements and because computer matches with 
participating states to detect nursing home admissions are not 
done in a timely manner and are often incomplete. Consequently, 
these admissions and the resulting overpayments are likely to 
go undetected for long time periods.
    In a final area related to financial eligibility, we 
recently reported that between 1990 and 1994, approximately 
3,500 SSI recipients transferred ownership of resources, such 
as cash, houses, land, and other items valued at an estimated 
$74 million to qualify for SSI benefits. This figure represents 
only transfers of resources that recipients actually told SSA 
about. Although these transfers are legal, using them to 
qualify for SSI benefits raises serious questions about SSA's 
ability to protect taxpayer dollars from waste and abuse and 
may undermine the public's confidence in the program. SSA has 
acknowledged and supports the need to work with the Congress to 
develop legislation to address this problem.
    To obtain more timely and accurate recipient data, SSA is 
currently testing the use of online access to state databases 
to supplement the information it receives. Online access 
provides direct connections between SSA's computers and the 
databases maintained by certain state agencies. Data can be 
obtained immediately by SSA staff as soon as requested and used 
for a variety of purposes, including verifying the amount of 
AFDC or other benefit income a client reports. After reviewing 
this SSA initiative, we concluded that nationwide use of online 
access to state computerized data could prevent or more quickly 
detect about $130 million in overpayments due to unreported or 
underreported income in one 12-month period. Online access 
could save program dollars by controlling overpayments and 
reducing the administrative expense of trying to recover them. 
In responding to our review, SSA noted that it was exploring 
options for expanding online access and was examining the cost-
effectiveness of doing so. Although some states can currently 
provide online access to their data inexpensively and easily, 
SSA has moved slowly in this area. In addition to state data, 
online access to other federal agencies' data may help SSA save 
program dollars. SSA has also moved slowly in this area, 
however.

  Program Vulnerabilities Are Associated with Determining Disability 
                              Eligibility

    In addition to financial eligibility, for those who apply 
for disability benefits, SSA must also determine their 
disability eligibility or their capacity to work. SSA's lengthy 
and complicated disability decision-making process results in 
untimely and inconsistent decisions. Adjudicators at all levels 
of this process have to make decisions about recipients' work 
capacity on the basis of complex and often judgmental 
disability criteria. Determining disability eligibility became 
increasingly difficult in the early 1990s as younger 
individuals with mental impairments began to apply for benefits 
in greater numbers. Generally, mental impairments are difficult 
to evaluate, and the rates of award are higher for these 
impairments than for physical impairments.
    SSA's processes and procedures for determining disability 
have placed the SSI program at particular risk for fraud, 
waste, and abuse. For example, in 1995, we reported that SSA's 
ability to ensure reasonable consistency in administering the 
program for children with behavioral and learning disorders had 
been limited by the subjectivity of certain disability 
criteria. To address these problems, recent welfare reform 
legislation included provisions to tighten the eligibility 
rules for childhood disability and remove children from the 
rolls who have qualified for SSI on the basis of less 
restrictive criteria. It is too early, however, to tell what 
impact the new legislation will ultimately have on SSI benefit 
payments and SSA's ability to apply consistent disability 
policies to this population.
    In addition, we reported in 1995 that middlemen were 
facilitating fraudulent SSI claims by providing translation 
services to non-English-speaking individuals who were applying 
for SSI. These middlemen were coaching SSI claimants on 
appearing mentally disabled, using dishonest health care 
providers to submit false medical evidence to those determining 
eligibility for benefits, and providing false medical 
information on claimants' medical and family history. In one 
state alone, a middleman arrested for fraud had helped at least 
240 people obtain $7 million in SSI benefits. SSI's 
vulnerability to fraudulent applications involving middlemen 
was the result of the lack of a comprehensive strategy for 
keeping ineligible applicants off the SSI rolls, according to 
our review. SSA told us that half of all SSI field office 
recent hires are bilingual, a step that it believes will reduce 
the involvement of fraudulent middlemen.
    In light of the difficulty of determining disability and 
SSI's demonstrated vulnerability to fraud and manipulation, 
periodic reviews are essential to ensure that recipients are 
disabled. Our work has shown, however, that SSA has not placed 
adequate emphasis on CDRs of SSI cases. In 1996, we reported 
that many recipients received benefits for years without having 
any contact with SSA about their disability. We also noted that 
SSA performed relatively few SSI CDRs until the Congress 
mandated in 1994 that it conduct such reviews. Furthermore, 
SSA's processes for identifying and reviewing cases for 
continuing eligibility did not adequately target recipients 
with the greatest likelihood for medical improvement.
    Currently, SSA is implementing new review requirements in 
the welfare reform law. In addition, SSA had about 2\1/2\ 
million required CDRs due or overdue in the Disability 
Insurance (DI) program and 118,000 SSI CDRs due or overdue as 
of 1996. Despite the importance of CDRs for ensuring SSI 
program integrity, competing workloads from implementing 
welfare reform legislation will challenge SSA in completing the 
required number of SSI CDRs.

  SSA Has not Emphasized Return to Work and Vocational Rehabilitation

    As mentioned previously, the Social Security Act states 
that as many people as possible who are applying for disability 
benefits should be rehabilitated into productive activity. We 
have found, however, that SSA places little priority on helping 
recipients move off the SSI rolls by obtaining employment. Yet, 
if only a small proportion of recipients were to leave the SSI 
rolls by returning to work, the savings in lifetime cash 
benefits would be significant.
    Technological and societal changes in the last decade have 
raised the possibility of more SSI recipients returning to 
work. For example, technological advances, such as standing 
wheelchairs and synthetic voice systems, have made it easier 
for people with disabilities to enter the workplace. 
Legislative changes, such as the Americans With Disabilities 
Act, and social changes, such as an increased awareness of the 
economic contributions of individuals with disabilities, have 
also enhanced the likelihood of these individuals finding jobs. 
During the past decade, the proportion of middle-aged SSI 
recipients has steadily increased. Specifically, the number of 
SSI recipients between the ages of 30 and 49 has increased from 
36 percent in 1986 to about 46 percent in 1995 to about 1.6 
million people. Thus, many SSI recipients have many productive 
years in which to contribute to the workforce.
    Despite these factors, SSA has missed opportunities to 
promote work among disabled SSI recipients. In 1972, the 
Congress created the plan for achieving self-support (PASS) to 
help low-income individuals with disabilities return to work. 
The program allows SSI recipients to receive higher monthly 
benefits by excluding from their SSI eligibility and benefit 
calculations any income or resources used to pursue a work 
goal. SSA pays about $30 million in additional cash benefits 
annually to PASS program participants. Despite these cash 
outlays, almost none of the participants leave the rolls by 
returning to work.
    SSA has poorly implemented and managed the PASS program. In 
particular, SSA has developed neither a standardized 
application containing essential information on the applicant's 
disability, education, and skills nor ways to measure program 
effectiveness. We have recommended that SSA act on several 
fronts to control waste and abuse and evaluate the effect of 
PASS on recipients' returning to work. In general, SSA has 
agreed with our recommendations and taken some steps to more 
consistently administer the PASS program.
     In the past several months, however, several efforts have 
begun to place a greater emphasis on returning disabled people 
to work. The administration is seeking statutory authority to 
create a voucher system that recipients could voluntarily use 
to get rehabilitation and employment services from public or 
private providers and is also seeking legislation to extend 
medical coverage for recipients who return to work. The 
Congress has also put forth several proposals in these areas.

                               Conclusion

    The problems we have identified in the SSI program are 
long-standing and have contributed to billions of tax dollars 
being overpaid to recipients. They have also served to 
compromise the integrity of the program and reinforce public 
perceptions that the SSI program pays benefits to too many 
people for too long. Although many of the changes recently 
enacted by the Congress or implemented by SSA may result in 
improvements, the underlying problems still exist.
    Our work has shown that SSI's vulnerability is due both to 
problems in program design and inadequate SSA management 
attention to the program. Revising SSA's approach to managing 
the program will require sustained attention and direction at 
the highest levels of the agency as well as actively seeking 
the cooperation of the Congress in improving the program's 
operations and eligibility rules. One challenge for the new SSA 
Commissioner will be to focus greater agency attention on 
management of SSI and the future viability and integrity of 
this program.
    This concludes my prepared statement. I will be happy to 
respond to any questions you or other members of the 
Subcommittee may have.

For more information on this testimony, please call Jane Ross 
on (202) 512-7230 or Roland Miller, Assistant Director, on 
(202) 512-7246.

                          Related GAO Products

    Social Security Disability: Improvements Needed to Continuing 
Disability Review Process (GAO/HEHS-97-1, Oct. 16, 1996).
    Supplemental Security Income: SSA Efforts Fall Short in Correcting 
Erroneous Payments to Prisoners (GAO/HEHS-96-152, Aug. 30, 1996).
    Supplemental Security Income: Administrative and Program Savings 
Possible by Directly Accessing State Data (GAO/HEHS-96-163, Aug. 29, 
1996).
    SSA Disability: Return-to-Work Strategies From Other Systems May 
Improve Federal Programs (GAO/HEHS-96-133, July 11, 1996).
    Social Security: Disability Programs Lag in Promoting Return to 
Work (GAO/T-HEHS-96-147, June 5, 1996).
    SSA Disability: Program Redesign Necessary to Encourage Return to 
Work (GAO/HEHS-96-62, Apr. 24, 1996).
    Supplemental Security Income: Some Recipients Transfer Valuable 
Resources to Qualify for Benefits (GAO/HEHS-96-79, Apr. 30, 1996).
    PASS Program: SSA Work Incentive for Disabled Beneficiaries Poorly 
Managed (GAO/HEHS-96-51, Feb. 28, 1996).
    Supplemental Security Income: Disability Program Vulnerable to 
Applicant Fraud When Middlemen Are Used (GAO/HEHS-95-116, Aug. 31, 
1995).
    Social Security: New Functional Assessments for Children Raise 
Eligibility Questions (GAO/HEHS-95-66, Mar. 10, 1995).
      

                                

    Chairman Johnson. Thank you very much.
    Ms. Aronovitz.

 STATEMENT OF LESLIE G. ARONOVITZ, ASSOCIATE DIRECTOR, HEALTH 
  FINANCING AND SYSTEMS ISSUES, HEALTH, EDUCATION, AND HUMAN 
       SERVICES DIVISION, U.S. GENERAL ACCOUNTING OFFICE

    Ms. Aronovitz. Thank you. Good morning, Chairman Johnson, 
and Members of the Subcommittee. We are pleased to be here 
today to discuss efforts to fight fraud and abuse in the 
Medicare Program. As you know, while changes to Medicare are 
being sought to help control program costs, the Congress is 
concerned that billions of dollars are lost to fraudulent and 
wasteful claims.
    Today I would like to address Medicare's fee-for-service 
and managed care programs, their problems, recent initiatives 
to address them, and several remaining concerns.
    First, in Medicare's fee-for-service program, HCFA and its 
claims processing contractors have struggled to carry out 
critical claims review and provider audit activities with a 
declining budget. Claims have climbed 70 percent over the last 
7-year period, while the amount contractors could spend on 
claims review shrank, in today's dollars, from 74 cents per 
claim to 38 cents per claim.
    The effect of inadequate funding on contractors' reviews of 
claims has been felt. Take home health, for instance. In 1986 
and 1987, contractors reviewed 62 percent of home health claims 
processed. By 1989, however, HCFA lowered the contractors' 
claims review target to 3.2 percent.
    In 1996, the Health Insurance Portability and 
Accountability Act, also known as HIPAA, infused badly needed 
funds into Medicare's antifraud and abuse activities. In fiscal 
year 1997, the act gradually boosts the contractors' budget for 
program safeguard activities each year until the year 2003, 
after which it remains constant.
    These additional funds, however, essentially stabilize per-
claim safeguard activities and expenditures at about 1996's 
level, and will still be only half of what was spent in 1989, 
in real dollars.
    Another important fraud fighting effort is the 2-year 
multiagency project called Operation Restore Trust, which I 
could discuss in greater detail, if you would like, later. 
Notwithstanding funding issues, HCFA could improve oversight 
aspects of its antifraud and abuse activities.
    In addition to better coordinating contractors' reviews of 
claims before the checks are cut, HCFA needs to be vigilant 
over its information management efforts. This includes its 
acquisition of MTS, Medicare's big new claims processing 
system. But even before MTS is completed, HCFA must manage 
several types of system conversions, one involving the 
consolidation of several part A and part B systems currently 
operating into a single system for each part; and another 
involving the mechanics of making digit changes in computer 
systems to accommodate the year 2000.
    I would now like to talk a bit about Medicare's managed 
care and its own set of risks for taxpayers and beneficiaries. 
As we recently testified before the Ways and Means Subcommittee 
on Health, a methodological flaw in HCFA's approach to paying 
HMOs has produced excess payments for some plans. We are 
proposing a modification to HCFA's method that would improve 
the accuracy of the basic county rate on which the HMO payment 
is based. That could save hundreds of millions of dollars 
annually in Medicare expenditures.
    A second problem is that HCFA has been lax in enforcing HMO 
compliance with program standards. And finally, HCFA currently 
does not provide beneficiaries any of the comparative 
information on benefits and premiums that FEHBP and many 
employers routinely provide their retirees. HCFA also collects 
a wealth of information on HMO performance that it does not 
package for public consumption.
    HCFA acknowledges these problems, and is working to address 
them. The HIPAA legislation gives HCFA more flexible sanction 
authority, such as suspending an HMO's right to enroll Medicare 
beneficiaries until deficiencies are corrected.
    Also, HCFA is developing several consumer information 
efforts that are a small first step in helping beneficiaries 
compare features of competing HMOs in their areas. We have some 
suggestions to improve those efforts, also.
    In summary, many of Medicare's vulnerabilities are inherent 
in its size and mission, making it a perpetually attractive 
target for exploitation. HCFA needs to make judicious use of 
HIPAA funding for program safeguards, mitigate MTS acquisition 
risks, and oversee information management transitions.
    Also, HCFA must work to ensure that payments to HMOs better 
reflect the cost of beneficiaries' care, that the Agency's 
expanded authority to enforce HMO compliance with Federal 
standards is used, and that beneficiaries receive information 
about HMOs sufficient to make informed choices. To adequately 
protect taxpayers' dollars, as well as beneficiaries, HCFA 
needs to meet these important challenges promptly.
    Thank you. This concludes my statement, and I believe we 
will all be very happy to answer any questions you may have.
    [The prepared statement follows:]

Statement of Leslie G. Aronovitz, Associate Director, Health Financing 
and Systems Issues, Health, Education, and Human Services Division, 
U.S. General Accounting Office

    Mr. Chairman and Members of the Subcommittee:
    We are pleased to be here today to discuss efforts to fight 
fraud and abuse in the Medicare program, one of the largest 
entitlement programs in the federal budget. In fiscal year 
1996, federal spending for Medicare was $197 billion. Program 
expenditures have been growing at about 9 percent per year. 
Moreover, the trust fund that pays for hospital and other 
institutional services is projected to be depleted within 5 
years. As you know, while changes to Medicare are being sought 
to help control program costs, the Congress is concerned that 
billions of dollars of these costs are lost to fraudulent and 
wasteful claims.
    Today, I would like to address Medicare's fee-for-service 
and managed care programs. More specifically, with regard to 
these two programs, I'd like to highlight the problems bearing 
on protecting taxpayer and beneficiary interests in Medicare, 
initiatives recently taken by the Congress and federal agencies 
addressing these problems, and several remaining concerns.
    In summary, it is not surprising that because of the 
program's size, complexity, and rapid growth, Medicare is a 
charter member of our high risk series. (See the list of 
related GAO products at the end of this statement.) In this 
year's report on Medicare, we are pleased to note that both the 
Congress and the Health Care Financing Administration (HCFA), 
the Department of Health and Human Services' (HHS) agency 
responsible for running Medicare, have made important 
legislative and administrative changes addressing chronic 
payment safeguard problems that we and others have identified. 
However, because of the significant amount of money at stake, 
we believe that the government will need to exercise constant 
vigilance and effective management to keep the program 
protected from financial exploitation.

                               Background

    In 1996, Medicare's fee-for-service program covered almost 
90 percent, or 33 million, of Medicare's beneficiaries. 
Physicians, hospitals, and other providers submit claims to 
Medicare to receive reimbursement. HCFA administers Medicare's 
fee-for-service program largely through an administrative 
structure of claims processing contractors. In 1965, when the 
Medicare program was enacted, the law called for insurance 
companies--like Blue Cross and Blue Shield, Travelers, and 
Aetna--to process and pay claims because of their expertise in 
performing these functions. As Medicare contractors, these 
companies use federal funds to pay health care providers and 
beneficiaries and are reimbursed for their administrative 
expenses incurred in performing the work. Over the years, HCFA 
has consolidated some of Medicare's operations, and the number 
of contractors has fallen from a peak of about 130 to about 70 
in 1996. Generally, intermediaries are the contractors that 
handle part A claims submitted by ``institutional providers'' 
(hospitals, skilled nursing facilities, hospices, and home 
health agencies); carriers are those handling part B claims 
submitted by physicians, laboratories, equipment suppliers, and 
other practitioners.
    HCFA's efforts to guard against inappropriate payments have 
been largely contractor-managed operations, leaving the fiscal 
intermediaries and carriers broad discretion over how to 
protect Medicare program dollars. As a result, there are 
significant variations in contractors' implementation of 
Medicare's payment safeguard policies.
    Medicare's managed care program covers a growing number of 
beneficiaries--nearly 5 million in 1996--who have chosen to 
enroll in a health maintenance organization (HMO) to receive 
their medical care rather than purchasing services from 
individual providers. The managed care program, which is funded 
from both the part A and part B trust funds, consists mostly of 
risk contract HMOs and enrolled about 4 million Medicare 
beneficiaries in 1996.\1\ The HMOs are paid a monthly amount, 
fixed in advance, by Medicare for each beneficiary enrolled. In 
this sense, the HMO has a ``risk'' contract because regardless 
of what it spends for each enrollee's care, the HMO assumes the 
financial risk of providing health care within a fixed budget. 
HMOs profit if their cost of providing services is lower than 
the predetermined payment but lose if their cost is higher than 
the payment.
---------------------------------------------------------------------------
    \1\ Other Medicare HMOs include cost contract HMOs and health care 
prepayment plans. Cost contract HMOs allow beneficiaries to chhose 
health services from their HO network or outside providers. Health care 
prepayment plans may cover onlyl part B services. Together, both types 
of plans enroll fewer than 2 percent of the Medicare population.
---------------------------------------------------------------------------

 Recent Funding, Other Initiatives Revitalize Waning Efforts to Review 
                          Claims, Deter Abuse

    Over the last 7 years, HCFA and its claims processing 
contractors have struggled to carry out critical claims review 
and provider audit activities with a budget that, on a per-
claim basis, was seriously declining. For example, between 1989 
and 1996, the number of Medicare claims climbed 70 percent to 
822 million, while during that same period, claims review 
resources grew less than 11 percent. Adjusting for inflation 
and claims growth, the amount contractors could spend on review 
shrank from 74 cents to 38 cents per claim.

Implications of Reduced Funding for Payment Safeguards

    Consider the effect of inadequate funding on reviewing home 
health claims. After legislation in 1985 more than doubled 
claims review funding, contractors did medical necessity 
reviews for 62 percent of the home health claims processed in 
1986 and 1987. By 1989, however, contractors' claims review 
target had been lowered to 3.2 percent. One HCFA official noted 
that home health agencies are aware that their Medicare 
intermediary reviews only a small number of claims and, 
therefore, they can take chances billing for noncovered 
services.
    The plunge in the number of cost report audits has also 
weakened Medicare's efforts to avoid paying excessive costs. 
Providers subject to these audits are those paid under 
Medicare's cost-based reimbursement systems--such as hospital 
outpatient departments, skilled nursing facilities, and home 
health agencies. These providers are reimbursed on the basis of 
the actual costs of providing services, rather than on charges. 
Each year, cost-based providers submit reports that detail 
their operating costs throughout the preceding year and specify 
the share related to the provision of Medicare services. Using 
this information, the intermediaries determine how much 
Medicare should reimburse the provider institutions, some of 
which have received interim Medicare payments throughout the 
year based on estimates of expected costs. Without an audit of 
the provider's cost report, however, the intermediary can only 
reconcile the figures provided and cannot determine the 
appropriateness of the costs reported. In practice, only a 
fraction of providers is subject to audits. Between 1991 and 
1996, the chances, on average, that an institutional provider 
would be audited fell from about 1 in 6 to about 1 in 13.

The Impact of Recent Legislation and Other Initiatives 

    With the passage of the Health Insurance Portability and 
Accountability Act of 1996 (HIPAA), the cycle of declining 
funding for anti-fraud-and-abuse activities has been broken. 
For fiscal year 1997, the act boosts the contractors' budget 
for program safeguard activities to 10 percent higher than it 
was in 1996; by 2003, the level will be 80 percent higher than 
in 1996, after which it remains constant. These additional 
amounts, however, essentially stabilize per-claim safeguard 
expenditures at about 1996's level. For example, we project 
that payment safeguard spending for 2003 will be just over one-
half the level of 1989 spending after adjusting for inflation.
    In addition to funding, the act has several other 
provisions to improve vigilance over Medicare benefit dollars, 
including specifying the flexibility to use contractors other 
than those processing claims to perform utilization review, 
provider audit, and other safeguard activities; establishing a 
program run jointly by the Department of Justice and HHS to 
coordinate federal, state, and local law enforcement efforts 
against fraud in Medicare and other health care payers; 
establishing a national health care fraud data collection 
program; and enhancing penalties and establishing health care 
fraud as a separate criminal offense.
    Another important fraud-fighting effort is the 2-year, 
multiagency project called Operation Restore Trust. 
Participating agencies include the HHS Inspector General, HCFA, 
and the Administration on Aging, as well as the Department of 
Justice and various state and local agencies. The project 
targets Medicare abuse and misuse in the areas of home health, 
nursing homes, and medical equipment and supplies. In its first 
year, Operation Restore Trust reported recovering $42.3 million 
in inappropriate payments: $38.6 million were returned to the 
Medicare trust fund and $3.7 million to the Treasury as a 
result of these efforts. It also resulted in 46 convictions, 
imposed 42 fines, and excluded 119 fraudulent providers from 
program participation. In addition, many of the targeted home 
health agencies were decertified. Operation Restore Trust is 
scheduled to be closed out as a demonstration project in May 
1997. This effort, as well as HCFA's progress in adopting fraud 
and abuse detection software and its development of a national 
provider tracking system, is discussed further in our high risk 
report.

Management Problems Also Affect Medicare Payments and 
Operations

    Notwithstanding funding increases, several problems 
independent of adequate funding and related to HCFA's oversight 
of Medicare have implications for curbing unnecessary spending 
and conducting program operations effectively. One chronic 
problem is that HCFA has not coordinated contractors' payment 
safeguard activities. For example, as was anticipated when the 
program was set up, part B carriers establish their own medical 
policies and screens, which are the criteria used to identify 
claims that may not be eligible for payment. Certain policies 
and the screens used to enforce them have been highly effective 
in helping some Medicare carriers avoid making unnecessary or 
inappropriate payments. However, the potential savings from 
having these policies and screens used by all carriers have 
been lost, as HCFA has not adequately coordinated their use 
among carriers. For example, for just six of Medicare's top 200 
most costly services in 1994, the use of certain carriers' 
medical policy screens by all of Medicare's carriers could have 
saved in the millions to hundreds of millions of dollars 
annually. However, HCFA's leadership has been absent in this 
area, resulting in the loss of opportunity to avoid significant 
Medicare expenditures.
    In addition, several technical and management problems have 
hampered HCFA's acquisition of the Medicare Transaction System 
(MTS), a major claims processing system that aims at 
consolidating the nine different claims processing systems 
Medicare currently uses. First, HCFA had not completely defined 
its requirements 2 years after awarding a systems development 
contract. Second, HCFA's MTS development schedule has had 
significant overlap among the various system-development 
phases, increasing the risk that incompatibilities and delays 
will occur. Finally, HCFA has conducted the MTS project without 
adequate information about the system's costs and benefits.
    Before MTS is completed, HCFA must oversee several 
essential information management transitions in the Medicare 
claims processing environment. One involves the shifting of 
claims processing workloads from contractors who leave the 
program to other remaining contractors. Similar workload shifts 
in the past have produced serious disruptions in processing 
claims promptly and accurately, delays in paying physicians, 
and the mishandling of some payment controls. A second issue 
involves HCFA's plan to consolidate Medicare's three part A and 
six part B systems into a single system for each part. This 
plan will require several major software conversions. A third 
issue involves the ``millennium'' problem--revising 
computerized systems to accommodate the year-digit change to 
2000. HCFA does not yet have plans for monitoring contractors' 
progress in making their systems ``millennium compliant.''

              Medicare Managed Care Incurs Separate Risks

    Risk contract HMOs, Medicare's principal managed care 
option, bear their own set of risks for taxpayers and 
beneficiaries. These plans currently enroll about 10 percent of 
Medicare's population and have shown rapid enrollment growth in 
recent years. Because HMOs have helped private sector payers 
contain health care costs and limit the excess utilization 
encouraged by fee-for-service reimbursement, these HMOs have 
cost-control appeal for Medicare, while offering potential 
advantages to beneficiaries.
    However, as we recently testified, a methodological flaw in 
HCFA's approach to paying HMOs has produced excess payments for 
some plans. Moreover, because higher HMO enrollment produces 
higher excess payments, enrolling more beneficiaries in managed 
care could increase rather than lower Medicare spending unless 
the method of setting HMO rates is revised.
    A second problem, of particular concern to beneficiaries, 
is that HCFA has been lax in enforcing HMO compliance with 
program standards, while not keeping beneficiaries adequately 
informed of the benefits, costs, and performance of competing 
HMOs. In 1995, we reported that, despite efforts to improve its 
HMO monitoring, HCFA conducted only paper reviews of HMOs' 
quality assurance plans, examining only the description rather 
than the implementation of HMOs' quality assurance processes. 
Moreover, the agency was reluctant to take action against 
noncompliant HMOs, even when there was a history of abusive 
sales practices, delays in processing beneficiaries' appeals of 
HMO decisions to deny coverage, or patterns of poor quality 
care.
    HCFA also misses the opportunity to supplement its HMO 
regulatory efforts by not keeping the Medicare beneficiary 
population well-informed about competing HMOs. As we reported 
in 1996, HCFA has a wealth of data, collected for program 
administration and contract oversight purposes, that it does 
not package or disseminate for consumer use. For example, HCFA 
does not provide beneficiaries with any of the comparative 
consumer guides that the federal government and other employer-
based health insurance programs routinely distribute to their 
employees and retirees. Instead, HCFA collects information only 
for its internal use--records of each HMO's premium 
requirements and benefit offerings, enrollment and 
disenrollment data (monthly reports specifying for each HMO the 
number of beneficiaries that joined and left that month), 
records of enrollees' complaints, and results of certification 
visits to HMOs. By not publishing disenrollment rates or other 
comparative performance measures, HCFA misses an opportunity to 
show beneficiaries which plans have a good record and hinders 
HMOs' efforts to benchmark their own performance.

Initiatives Intended to Address Risk Contract Program Problems 

    HCFA acknowledges the problems we identified in Medicare's 
risk contract program. To tackle the difficulties in setting 
HMO payment rates, HCFA has been conducting several 
demonstration projects that examine ways to modify or replace 
the current method of determining HMO payment rates. In 
addition, HIPAA gives HCFA more flexible sanction authority, 
such as suspending an HMO's right to enroll Medicare 
beneficiaries until deficiencies are corrected, while providing 
HMOs the statutory right to develop and implement a corrective 
action plan before HCFA imposes a sanction.
    Finally, HCFA is developing several consumer information 
efforts, including plans to make HMO comparison charts 
available on the Internet. Providing the information in an 
electronic format rather than in print, however, may make it 
less accessible to the very individuals who would find it 
useful. The information, according to HCFA, will have to be 
``downloaded and customized for local consumption.'' HCFA 
expects the primary users of this information to be beneficiary 
advocates and Medicare insurance counselors. HCFA is also 
planning a survey to obtain beneficiaries' perceptions of their 
managed care plans and does not expect preliminary results 
before the end of 1997. In another key initiative, HCFA is 
helping to develop a new version of the Health Plan Employer 
Data and Information Set (HEDIS 3.0) that will incorporate 
measures relevant to the elderly population. The measures will 
enable comparisons to be made among plans of the enrollees' use 
of such prevention and screening services as flu shots, 
mammography, and eye exams for diabetics. As of January 1997, 
Medicare HMOs are required, from the time they renew their 
contract, to report on HEDIS 3.0 clinical effectiveness 
measures. HCFA intends to summarize the results and include 
them in comparability charts currently being developed.

                               Conclusion

    Many of Medicare's vulnerabilities are inherent in its size 
and mission, making it a perpetually attractive target for 
exploitation. That wrongdoers continue to find ways to dodge 
safeguards illustrates the dynamic nature of fraud and abuse 
and the need for constant vigilance and increasingly 
sophisticated ways to protect against gaming the system. 
Judicious changes in Medicare's day-to-day operations involving 
HCFA's improved oversight and leadership, its appropriate 
application of new anti-fraud-and-abuse funds, and the 
mitigation of MTS acquisition risks are necessary ingredients 
to reduce substantial future losses. Moreover, as Medicare's 
managed care enrollment grows, HCFA must work to ensure that 
payments to HMOs better reflect the cost of beneficiaries' 
care, that beneficiaries receive information about HMOs 
sufficient to make informed choices, and that the agency's 
expanded authority to enforce HMO compliance with federal 
standards is used. To adequately safeguard the Medicare 
program, HCFA needs to meet these important challenges 
promptly.
    This concludes my statement. I am happy to take your 
questions.

For more information on this testimony, please call Donald C. 
Snyder, Assistant Director, on (202) 512-7204. Other major 
contributors to this statement included Thomas Dowdal and 
Hannah F. Fein.

                          Related GAO Products

High Risk Series Reports on Medicare

    Medicare (GAO/HR-97-10)
    Medicare Claims (GAO/HR-95-8)
    Medicare Claims (GAO/HR-93-6)

Medicare Fee-For-Service

    Medicare: Home Health Utilization Expands While Program Controls 
Deteriorate
    (GAO/HEHS-96-16, Mar. 27, 1996).
    Medicare: Millions Can Be Saved by Screening Claims for Overused 
Services (GAO/HEHS-
    96-49, Jan. 30, 1996).
    Medicare Transaction System: Strengthened Management and Sound 
Development
    Approach Critical to Success (GAO/T-AIMD-96-12, Nov. 16, 1995).
    Medicare: Allegations Against ABC Home Health Care (GAO/OSI-95-17, 
July 19, 1995).
    Medicare: Commercial Technology Could Save Billions Lost to Billing 
Abuse
    (GAO/AIMD-95-135, May 5, 1995).
    Medicare: New Claims Processing System Benefits and Acquisition 
Risks
    (GAO/HEHS/AIMD-94-79, Jan. 25, 1994).

Medicare Managed Care

    Medicare HMOs: HCFA could Promptly Reduce Excess Payments by 
Improving Accuracy
    of County Payment Rates (GAO/T-HEHS-97-78, Feb. 25, 1997).
    Medicare: HCFA Should Release Data to Aid Consumers, Prompt Better 
HMO
    Performance (GAO/HEHS-97-23, Oct. 22, 1996).
      

                                

    Chairman Johnson. I thank the panel for your very 
interesting testimony. And there are lots of questions that 
each of you have raised. So we will take one round of questions 
and then probably come back.
    Let me ask a kind of general question first that sounds 
simplistic, but does concern me. Since December 1992, GAO has 
been tracking 20 high-risk areas. This series adds five more. 
Should we be concerned about the list growing, and particularly 
about our inability to get agencies off the list? Does this 
mean that government is performing less effectively, or does it 
simply reflect a more aggressive policy on the part of GAO?
    Mr. Dodaro. I think the answer to that question is a little 
bit different for each of the areas that we have been tracking. 
But I think overall, to answer your question, I would be more 
concerned than I am had there not been some progress made in 
the past several years.
    I think, as I pointed out in my opening statement, the 
Congress has really put in place some real critical management 
reforms. The question is, can those reforms be translated into 
concrete improvements and day-to-day management practices of 
the agencies? And I think that's a very important question. And 
the answer to that will go a long way to determining whether or 
not we are improving the effectiveness.
    There is no question, however, right now that at the 
Federal level we are needlessly losing billions of dollars and 
missing huge opportunities to improve services to the public by 
not correcting these high-risk areas. And until we do, we 
cannot rest and be assured that we are going to have effective 
operations.
    Adding some of the additional areas is our way of signaling 
in neon lights to the Congress that we need to pay attention to 
some of these problems coming up. Some of them are unique, such 
as the year 2000 problem. We also had concerns about the 
upcoming decennial census, which was another area that we added 
among the five.
    Chairman Johnson. Of your 11 recommendations, how many did 
the new legislation of the last session address?
    Mr. Dodaro. The new legislation of the last session--I 
would have to get you the specifics on that, but I know in the 
Medicare area it did. There was the Agriculture Improvement Act 
that that addressed, and the Farmers Home, which is another 
area that we have. There were some efforts made in the SSI area 
which Jane mentioned. So I would say of these 11, there are 
probably at least one-third of them that there was specific 
legislation for that particular program.
    Now, with all of these areas, the broad-based management 
reforms are important. I think it is important to point out, 
too, that the CFO Act, for example, requiring financial 
statements and independent audits does not become 
governmentwide implementation until this year. Even though the 
act was passed in 1990, it had a phased production schedule, 
which it unfolded in some pilot projects. IRS and Customs were 
two of the pilots, which was one of the reasons they have had 
financial statements and audits more than many other parts of 
the Federal Government.
    So I think there have been some specific legislative 
initiatives in these areas. All of these areas are impacted by 
these broad management reforms, however. The information 
technology reforms that I talked about were the first time in 
over a decade that the Congress has modernized the government's 
information management practices. And we all know what has 
transpired in that arena over the last 10 years.
    Those reforms largely became effective in August 1996. So 
this first year is a real critical year for agencies to begin 
implementing those acts. And our experience has been with 
management reforms historically that unless the Congress shows 
a lot of oversight and follows up with the agencies, they will 
be slow to implement some of these reforms. And we cannot 
afford to wait any longer.
    Chairman Johnson. Well, that does very much concern me. I 
am pleased about the legislation. That certainly is a dramatic 
step forward. And I think the last Congress was far more 
reform-focused than it has been given credit for. But it is 
critical that these be implemented.
    A lot of the things that you talk about in the IRS--the 
lack of a comprehensive implementation strategy and detailed 
business plan for modernization--you have been saying for over 
5 years, ever since the modernization of its technology project 
was undertaken.
    Do you consider the failure to have moved more aggressively 
to address that kind of base problem the result of lack of 
leadership, or incompetence, or low bidder rules? I mean, how 
do you explain the fact that recommendations of that substance, 
which now of course are key, and we have seen now billions of 
dollars lost because the recommendations were not taken 
earlier--why does this keep happening? Is it bureaucratic 
incompetence, lack of leadership? Is it low bidder rules? What 
are we up against?
    Mr. Dodaro. I think in the tax system modernization 
effort--and I am going to ask Dr. Rona Stillman, who is our 
Chief Scientist for Computers and Telecommunications. She has 
been in charge of our work at IRS and also the air traffic 
control system in FAA. I will just make a few comments on why I 
think it is important, and I am sure Rona will elaborate.
    Number one, it has not always received enough top attention 
by agency executives. And we do not have a well-defined 
business reason for pursuing the technology. So there is no 
link between exactly what we are doing in implementing hardware 
and software changes, and how that is going to accomplish the 
goal.
    At IRS, for example, how the strategy would actually 
produce electronic filing was unclear to us. In fact, their 
strategy called for only having about 40 million returns 
electronically filed in a few years out. And it did not seem to 
make sense to us that you would spend that amount of money and 
only have that percent of those returns as a percentage of 220 
million returns filed a year.
    Second, agencies have not followed good software 
development processes. We find agencies that are not developing 
the software themselves. Oftentimes, we find ad hoc and chaotic 
software development; also, in the disciplined areas of 
developing requirements. Even if you are going to contract out 
in a number of cases, agencies are not following the 
disciplined practices in order to do that.
    And it has been a problem in the private sector, as well, 
but they have managed the risk better and cut projects' funding 
earlier in the phases. And that is what we have made 
recommendations to IRS, in order to do that, as well. So 
business strategies, disciplined processes--all of these areas 
are pretty much addressed by the new technology reforms, but 
they need to be implemented.
    Rona.
    Ms. Stillman. Gene has answered the question thoroughly, I 
think. But just to sum up, IRS has lacked the technical 
discipline in areas of systems design and systems acquisition. 
The Agency does not have disciplined processes in place, and 
management has not been committed to instituting this 
discipline.
    Part of the reason for this is that until very recently 
there has been no direct linkage between IRS' budgets and the 
results that they achieve, either in systems or in other 
expenditures, but in particular in systems. Their budgets for 
the next year have not reflected how effective they have been 
in accruing benefits from previous IT investments.
    Until they are held responsible consistently for producing 
results, it is unclear how optimistic we can be that they will 
expeditiously institute change.
    Mr. Dodaro. I think, as it relates specifically to the IRS, 
I have been encouraged recently by the fact that, first of all, 
they have agreed with all of the recommendations that we have 
made to them over time. Second, we have begun to curtail bad 
investments in the system. They have actually stopped some of 
the projects which we had recommended and hoped they had done 
earlier. But they are finally coming around there.
    They have also embarked upon developing a new electronic 
filing business strategy, which I think has to be something 
that the Congress and others agree to. And this relates to the 
performance measurements and strategic plans that are being 
developed under the government Performance and Results Act, as 
well.
    We all need to agree on where we want to go and how we want 
to have the returns filed and what our goals are and are they 
realistic. So I think IRS has finally gotten the message in 
many of these areas and is beginning to take action. 
Unfortunately, some of the areas, particularly those that 
require instituting disciplined software development 
techniques, take many years to make improvements. And that is 
why we have recommended that the funding be given to IRS 
commensurate with their technical ability to develop projects; 
and until they can develop the ability to take on high-risk 
development projects, whether they are doing it themselves or 
through contractors, that the funding be controlled until they 
can prove that they can bring these things online in a repeated 
fashion--which is what we are after, is repeatability.
    Chairman Johnson. In other words, that they have a 
disciplined process for developing either the system, 
themselves, or guidance to contractors, and that it be related 
to their strategic business goals.
    Mr. Dodaro. Right. That is clear, Madam Chairman. I mean, I 
think until the Congress understands exactly what we are going 
to get out of the investment that we are putting in there, in 
terms of improved service delivery to the public--and that was 
a problem, I think, with TSM.
    Chairman Johnson. Right.
    Mr. Dodaro. The articulation of exactly what it was going 
to achieve was never clear. And in that case, I think that that 
begins to wave a yellow, if not red, flag to pay attention to 
those types of projects.
    Chairman Johnson. But I do think the advisory board is 
already paying off. The elimination of the cyberfile 
development system, in which we put $17 million for no effect, 
clearly was the result of effective oversight by the review 
board.
    Let me just ask one other question, and then turn it over 
to my colleagues. And later on I would like to come back to 
specific questions to the rest of you. But one of the general 
problems with the IRS is that they have this enormous amount of 
money that we call uncollectible.
    It has always concerned me that what is described by us 
publicly as uncollectible--that is, by the government, or 
actually, accounts receivable--a lot of it is uncollectible. I 
think it is a mistake not to take whatever actions are 
necessary to assure that when you use the words ``collectible'' 
the public is getting accurate information.
    Do you think that the 10-year statutory collection period 
prevents the IRS from writing off uncollectible receivables for 
that period, and therefore is part of the problem in misleading 
the public about the real nature of how much tax revenue we 
truly are failing to collect; as opposed to how much tax 
revenue we did not collect because part of it becomes 
uncollectible?
    Mr. Dodaro. Lynda, do you want to take that?
    Ms. Willis. Madam Chairman, I do not think the issue is so 
much with the 10-year statutory period. I think the problem is 
being able to differentiate within the accounts receivable 
inventory how much of that is because of the extension of the 
statute, how much we know about which of the accounts are 
collectible or are not collectible.
    This 10-year statute does generally require that IRS 
continue to carry these accounts on the books, and some of 
those accounts are collected over that period of time through 
refund offset or other means.
    What we need is better understanding of the makeup of the 
inventory of accounts receivable, so that when we come to the 
Congress we can report, of the money that is in the accounts 
receivable inventory, how much of it are financial receivables; 
how much of it relates to compliance actions that have been 
taken by IRS, essentially place markers for what could be 
receivables but may not be if the taxpayer gets back to the IRS 
with additional information, and how much of the money within 
the financial receivables we believe is collectible.
    All of those are very important pieces of information, in 
terms of us understanding how much of the money that is out 
there we can reasonably expect to collect in any period of 
time. But I do not think the 10-year period, while it is a 
constraint in terms of the total amount that is on the books, 
is an insurmountable problem, in terms of identifying how much 
money we actually can collect.
    Chairman Johnson. Well, I am concerned about the big 
difference between the total number, which is $216 billion, and 
the financial receivables that are estimated to be $113 
billion. And where we have that disparity, we may want to 
develop an approach that involves two different accounts: One 
of financial receivables, where we expect really to get the tax 
payments made; and some other category, where we expect, 
because of bankruptcy and death, that we will not.
    Now, maybe at least where the entity has died, the person 
has died, we might be able to deal with those differently. But 
I think it is important not to leave out there the impression 
that we simply fail to collect $216 billion. That is just an 
enormous amount of money. And we need to be more realistic.
    Mr. Dodaro. Right.
    Chairman Johnson. And if you could provide us with 
suggestions about how we might reform this portion of the law 
to more honestly reflect the true status of the receivables, I 
would appreciate it.
    Mr. Dodaro. Well, I think, Madam Chairman, you are pointing 
out a very important area. This is one of the reasons why we 
have been unable to give an opinion on IRS' financial 
statements. On their financial statements they should show the 
amount of valid accounts receivable, and of that how much is 
actually collectible.
    We have been working with them over the past few years to 
come up with a methodology for financial reporting purposes, of 
a point in time of coming up with an accurate estimate of that, 
which was a subset, as you are saying, of the gross amount that 
is in the accounts receivable inventory. So the reporting 
requirements under the Chief Financial Officer Act will provide 
the information that you are talking about, and will be 
independently audited.
    We have been unable to come to a comfort level with those 
estimates of IRS, because there have been some errors that have 
been made in data input into the IRS area, which needs to be 
taken into account. For example, now we have reached agreement 
with them that all accounts receivable over $10 million, they 
will check the accuracy of the information, so when we take a 
statistical sample we can go in and verify that information.
    But the answer to your basic question is already being 
addressed through the implementation of the financial reporting 
requirements under the CFO Act. We just need to get it 
implemented. And part of that is for IRS to have a detailed 
subsidiary record of their accounts receivable, which they do 
not have right now. All of the information is in the individual 
tax files, the master files; but there is not a ready inventory 
of tax debts that you would expect to see in a corporation.
    But they are moving in that direction, and we are making 
additional specific recommendations to make it happen.
    Chairman Johnson. Well, as they do review what is in their 
files and record it more accurately, or describe it more 
accurately, I think we all need to think about whether there is 
also some need to change the law so that we do not misdescribe 
dollars and leave the general public to believe that the 
bureaucracy is doing a worse job than it is.
    Mr. Dodaro. We will take a look at that issue.
    Chairman Johnson. It does have problems, but it also has 
strengths, and we do not want to obscure the one with the 
other.
    Mr. Dodaro. Yes. Well, the other thing we are trying to do 
that I think will help address your question is to make IRS 
more swift to take action to collect the receivables.
    Chairman Johnson. Right, without question.
    Mr. Dodaro. Because unless they move quickly, it becomes 
very doubtful that they can collect a lot of these in the 
future years.
    Chairman Johnson. Actually, we do need to get back to that, 
and to your comments on the private sector testing, a 
collectible demonstration project.
    But let me yield to my colleague, Mr. Coyne, at this point.
    Mr. Coyne. Thank you, Madam Chairwoman.
    Mr. Dodaro, can we take from your testimony here today that 
in no way have the reductions in the budget of the IRS been 
responsible for the failure to implement some of the reforms 
and changes that you have recommended?
    Mr. Dodaro. Basically, the changes we have recommended, 
particularly in the TSM area, have been to constrain the 
spending in that area. So that some of the actions taken by the 
Congress have been consistent with the recommendations that we 
have made.
    I think as IRS demonstrates the ability to handle 
additional spending in the tax system modernization or other 
modernization initiatives that they might pursue, the Congress 
should look to see that those justifications are well supported 
and documented by data.
    But in most of the actions that have been underway, they 
were underway prior to this year's budget reductions. And we 
think if they can sustain the attention of it, they should be 
able to fix these problems with some of the current resources 
that they have.
    Mr. Coyne. Ms. Ross, the legislation that was enacted last 
year relative to overpayments by SSI, do you think it is too 
soon to make a judgment about what the impact of that might be?
    Ms. Ross. I think it will take a little more time to 
understand exactly what happens. And let me explain why. You 
looked at groups that were particularly high-growth groups and 
groups with significant vulnerabilities. But for example, in 
the case of SSI children, the Social Security Administration 
has just within the past few weeks issued regulations about how 
they will now evaluate children. And I think it remains to be 
seen what happens when they have this new set of regulations 
implemented.
    Our concern before was that the way the regulations were 
being implemented did not assure you that only children with 
really severe disabilities went on the rolls. It will take time 
to see whether the new regulations do as well as we hope.
    The same thing applies to other cases of implementation, 
but that is the reason I think there is a little time that 
needs to go by before a final assessment can be given.
    Mr. Coyne. So would the same thing hold true for the recent 
SSA administrative reforms? Are you contending that it is a 
little too early to judge what impact that might have on SSI 
overpayments?
    Ms. Ross. They have told us about things they are planning 
to do. I think we want to make sure that they follow through 
and that it has the desired results. So I think it is too early 
to make a final conclusion.
    They certainly have talked about some things which would 
make improvements. We just want to make sure they get done.
    Mr. Coyne. I wonder what exactly would GAO recommend be 
done, both in the short term and the long term, to address the 
SSI overpayments? Does it take more legislation or more 
administrative reforms? What is your recommendation on exactly 
what ought to be done relative to the overpayments?
    Ms. Ross. Well, first of all, we have just put SSI as a 
high risk, and so we do not have a lengthy list of 
recommendations. But we have worked on this program for some 
years, so we are ready to give you some initial suggestions.
    The most important thing that could happen is that the 
Social Security Administration place higher priority on running 
this program. If that happened, a lot of other things probably 
would fall into place.
    Now, once they pay more attention, there are some 
administrative practices that need to be changed, and I suspect 
there are also some pieces of legislation, additional 
legislation, that will need to be passed.
    But things that are already within their control are: 
Moving more quickly in online access, that I talked about 
earlier; moving more quickly to implement other methods for 
verification to assure the public that there is integrity in 
this program by doing as many continuing disability reviews as 
are required, and possibly more; and also, moving more of the 
SSI population through vocational rehabilitation and into the 
work force. So I think there are a lot of very specific things 
that are already available to be done.
    Mr. Coyne. When you become aware of what legislative 
recommendations might be helpful, would you be in a position to 
come to this Subcommittee and recommend what they might be?
    Ms. Ross. Yes, sir. We already made one or a couple of 
recommendations about things that we think would improve the 
integrity of this program. They have not been on SSA's 
legislative agenda as yet, but we would be glad to make sure 
you know about those and others as we make them.
    Mr. Coyne. Thank you.
    Chairman Johnson. Let's see. Ms. Dunn is no longer with us.
    Mr. Hulshof.
    Mr. Hulshof. Thank you, Madam Chair.
    Ms. Willis, let me go to you. You do not need to go to your 
particular statement, but I will paraphrase. You mentioned 
that, regarding fraud detection, modernization is the key. And 
yet I am hearing through several of your testimonies that the 
IRS does not have the commitment, the management commitment, 
nor the technical expertise.
    It seems that we are in a catch-22. What can you tell us in 
that regard, Ms. Willis?
    Ms. Willis. Sir, I think that the first thing that the IRS 
needs to start with in that regard is their electronic filing, 
or what they are now calling their electronic commerce 
strategy. The key to addressing a lot of the issues that are 
associated with filing fraud is being able to identify up 
front, before the return is filed, or at least before the 
refund goes out, whether there is a problem with a particular 
return.
     That is made a whole lot easier if that return is filed in 
an electronic format. So in addition to reducing the amount of 
paper and enhancing the quality of the data throughout the 
system that electronic filing brings, having returns 
electronically filed makes it a great deal easier for us to 
identify potentially fraudulent returns.
    Once we have an electronic filing strategy and we 
understand how we are going to reengineer our processes to 
accommodate and support the strategy, we then will have a 
better sense of what the technical solutions are to addressing 
the issue.
    And in doing that, there are a variety of places that we 
can look to, including the private sector, contractors, and 
internally to IRS. But it is going to take a sustained 
commitment to developing that electronic filing strategy and 
then successfully building the technology to support it.
    Mr. Hulshof. Let me follow up on that question. Because in 
a recent statement by Treasury Deputy Secretary Lawrence 
Summers about the $4 billion--with a ``B''--$4 billion of our 
tax moneys that have gone to the tax system's modernization 
effort--mentioning that of course that money was not entirely 
wasted, but at the same time adding that more problems could 
surface.
    And we are talking about another half billion dollars being 
requested by the administration for this TSM project. And that 
is of concern to me. Is that of some concern to GAO?
    Ms. Willis. The amount of money that we spend to modernize 
IRS is of concern to GAO. And I think, looking to the future, 
we are very concerned that IRS develop the technical 
disciplined processes that Dr. Stillman discussed in order to 
assure the Congress and the taxpayers that the money we provide 
is not only going to be well spent, but is going to deliver the 
benefits that the public has every right to expect.
    Mr. Dodaro. Congressman, if I might add to that, one of the 
things that the Congress did last year when they passed the 
appropriations bill for IRS was to require IRS to issue a 
schedule for implementing GAO's recommendations by October of 
this year. We have just been briefed by the IRS on their plans, 
and we are going to be evaluating their progress.
    I guess my feeling would be that they need to address the 
underlying, as we pointed out, management and technical 
weaknesses, to be in a better position to spend effectively 
additional funding in that area. We are going to be evaluating 
that and providing the Congress our periodic assessments.
    They are doing, or planning to do, many of the right 
things. But one thing we have learned about our high-risk 
initiative over the last 7 years is that plans and good 
intentions do not often come to fruition and, really, 
followthrough is the key. So that is why we are going to stay 
very closely to assessing IRS' ability to be able to do this.
    In fact, we are going to be also starting an initiative to 
assess their technical ability to manage contractors. And 
Congress is urging them to go in that direction. So we are 
going to be watching that very closely, and we are concerned.
    Mr. Hulshof. One final question. Since Treasury and IRS 
took this ``sharp turn approach'' to TSM, is it true that over 
1 billion dollars' worth of contracts involving 26 projects 
have been canceled during the last 12 months?
    Mr. Dodaro. I will ask Dr. Stillman to address that.
    Ms. Stillman. We have not validated the precise numbers, 
but it is true that they have canceled some significant 
contracts. They canceled the DPS contract, after expending $280 
million on it. They have canceled cyberfile. They have canceled 
some contracts. We have not verified the exact number.
    Mr. Dodaro. Our basic concern there is that the tools are 
now available to stop those types of projects much earlier in 
the process. And that is what our goal, IRS' goal, and the 
Federal Government's goal needs to be, is to not go forward 
with these multiyear projects. They need to go in incremental 
stages. And these are the best practices that we have learned 
from leading organizations that we are trying to get the 
Federal Government to implement.
    At some organizations, like Xerox, any investment over 
$100,000 in technology is considered high risk. In the Federal 
Government it is a rounding figure. So I think we need to 
really make sure that those investment criteria are put in 
place. The IRS is trying to do that, and we are making sure 
they use good data to know in advance whether we are making 
good decisions, not several years down the road.
    Mr. Hulshof. As a final comment, Madam Chair, perhaps, 
rather than continuing to make these massive investments of our 
tax money, perhaps tax simplification might be something we 
should consider. Thank you, Madam Chair.
    Chairman Johnson. Mr. Tanner.
    Mr. Tanner. Yes, thank you very much, Madam Chairman. And 
thank you all for being here this morning. The testimony is 
very interesting. Let me ask Mr. Dodaro and Ms. Aronovitz, you 
all mentioned in your testimony that the fraudulent, wasteful 
claims and abusive billings and so on in the area of Medicare 
could be from $6 to $20 billion a year, based on 1996 outlays. 
What was your methodology in arriving at that number? And is 
that as close as you can come to the right number?
    Ms. Aronovitz. That is a very, very difficult question to 
answer, because so much of fraud and abuse, first of all, is 
not detected. To detect fraud and abuse requires putting in 
systems that would then avoid unnecessary costs in the future, 
and that is very difficult to quantify.
    Also, it is very difficult to quantify the different types 
of fraud and figure out what portion of an overall percentage 
estimate would be attributable to each type. However, studies 
and the work that we have done over the years have generally 
estimated fraud to be somewhere between 3 and 10 percent. And 
that is about as close as we really could come to giving any 
hard numbers in that area.
    Mr. Dodaro. One of the things, Congressman, that we are in 
the process of doing and supporting, the Inspector General at 
the Health and Human Services is conducting the first financial 
audit of the Department of Health and Human Services, under the 
expanded requirements of the CFO Act.
    We have taken, along with them, a nationwide sample of 
Medicare claims, and we are now testing that sample, which is 
statistically projectable, to determine to what extent there 
would be errors in there. And we are hoping that the financial 
audit requirements will shed some more light on this 
information.
    It is also important in some of these programs that we 
reach agreement between the Congress and the administration on 
what is the appropriate level, and how well are we doing in 
bringing that level down, which goes to the setting of good 
performance measures to track progress. Right now the best we 
have is this range of estimates, but we are hoping to perfect 
them as we can implement some of these reforms.
    Mr. Tanner. Your answer anticipated my next question. That 
is, how do we do a performance-based measurement of reducing 
waste, fraud, and abuse, if we don't know where we are starting 
from? And any work you all could do and provide us on that 
issue would be very much appreciated.
    Mr. Dodaro. I think that the results of this financial 
audit will be available this summer. And I think at that point 
we can be able to be in a position--again, we are supporting 
the HHS IG on this--to be able to share that with the 
Committee.
    Mr. Tanner. Well, there is a lot of political rhetoric 
around waste, fraud, and abuse as it relates to the government. 
And it seems to me the better definition we can come up with in 
that area, the more enlightened the public will be about what 
we are talking about; so that the notion that, if we could just 
take waste, fraud, and abuse out of the government, we could 
magically balance the budget overnight would be somewhat 
refuted.
    Let me ask in this connection, what are your concerns, or 
what concerns did you find, with respect to the program in the 
HMOs that are in vogue now?
    Ms. Aronovitz. I think the two biggest concerns we have 
right now--one has been talked about very, very much, and that 
has to do with underutilization, or the assurance that people 
who are in HMOs are getting all the services they need, within 
the framework of the services they are entitled to.
    There is another issue that has to do with giving 
beneficiaries all the information that they possibly can have 
to compare HMOs in a particular market. We found that HCFA 
collects very interesting data on the premiums and the benefits 
of risk contract plans within a certain market. However, not 
unlike FEHBP and even employers, they do not share that 
information with beneficiaries.
    So if you are a beneficiary, let's say, in Miami, and you 
want to join an HMO, you have to call, number one, a toll-free 
number to identify the names of all the plans that would be in 
Miami. Then you have to call each plan individually, obtain 
their brochures. Once you receive those brochures, you have to 
pore over them, to try to get comparable information about 
their benefits and premiums. And HCFA already has this 
information.
    Now, HCFA says that it is going to start sharing this 
electronically on the Internet. But we feel that that is just a 
very small step, because, clearly, my mother and your parents 
typically are not that able to access the Internet to get their 
information.
    We think that HCFA assumes that that information will 
mostly be used by State and local governments, advocacy groups, 
and maybe insurance counselors. But we think that information, 
along with other types of performance measures--like 
disenrollment data, which right now we think is an immediate 
proxy for beneficiary satisfaction--HCFA has that type of 
information and should be able to disseminate it to its 
beneficiaries. Those are the areas that we think are the most 
critical right now.
    Mr. Tanner. May I ask Ms. Ross a question, Madam Chair?
    Chairman Johnson. We are going to come back for a second 
round.
    Mr. Tanner. OK.
    Chairman Johnson. But you can do it briefly, if you have to 
leave.
    Mr. Tanner. Well, I just wanted to ask you, very briefly, 
you mentioned in your testimony, Ms. Ross, that online access 
is one possible solution to the overpayment problem in the SSI 
Program. We have, I think, as you know, a pilot project ongoing 
in my State of Tennessee. And I was wondering if you had 
reviewed the progress being made there. And what is your 
understanding of the success, relatively speaking, of the 
program so far in Tennessee?
    Ms. Ross. Yes, the program in Tennessee was the basis for 
our work on using State data and linking it with SSA. And on 
the basis of the information we collected in Tennessee, we were 
able to do some estimate of some national cost savings. So it 
sounds very promising, from what happened in Tennessee. And 
while SSA is moving forward, we just do not think they are 
moving expeditiously enough.
    Mr. Tanner. But the realtime match ups of the dates that 
are important in the SSI Program are being done in Tennessee 
more expeditiously, may I say, than they are nationally? Is 
that correct?
    Ms. Ross. Tennessee is the leader. There are other States 
that are now beginning to put up these systems, but Tennessee 
was the first and it is the most complete.
    Mr. Tanner. Thank you. Thank you, Madam Chairman.
    Chairman Johnson. Thank you. Mr. Weller.
    Mr. Weller. Thank you, Madam Chair. And I would like to 
direct my questioning to Ms. Aronovitz. Over the last couple of 
years, with the impending bankruptcy of Medicare, I have had 
extensive conversations with many seniors in my district. I 
have had over 80 meetings, town meetings, or Medicare town 
meetings, and even talked with my own parents about Medicare. 
And of course, it always seems that the meeting usually, unless 
you really control the subject--most seniors want to talk about 
the examples of waste and fraud which they feel they have 
personally experienced in Medicare.
    And you were discussing with Mr. Tanner the estimated $6 to 
$20 billion that the GAO estimates this past year was waste and 
fraud in Medicare. And I guess, to start with, I was wondering 
what areas in Medicare do you see where there are the greatest 
examples of waste and fraud? What are some examples that you 
have found?
    Ms. Aronovitz. I think some of the areas are ones that are 
benefits of the program that have grown the fastest, and that 
is areas of home health and skilled nursing facilities and 
others. There are several areas where there is so much 
vulnerability because of the volume of Medicare beneficiaries 
in one location. And it is very important to make sure that 
claims are reviewed, both at a prepayment and a postpayment 
stage.
    One of the biggest problems we have had was that HCFA has 
really lost the funding for program safeguards. And what we 
mean by that is reviewing claims before checks are cut, and 
even afterward, has really declined substantially over the last 
7 to 10 years. HIPAA restores a lot of that money. And we think 
that, with hiring a lot more investigators and auditors and 
being able to perform what we call focused medical review--that 
is, to look at national statistics and then try to identify 
those contractors that are paying benefits that are out of the 
norm for that area--it starts giving HCFA an opportunity, or 
the contractors an opportunity, to focus in on aberrant 
providers or certain conditions in an area that could 
potentially be a problem of fraud or abuse. So a lot of it has 
to do with having the money to spend on better oversight and to 
do better focused medical review on claims that are being paid.
    For instance, let me give you one example in home health. 
The home health claims have increased substantially over the 
last several years, since 1989 when the benefit became a little 
bit less restrictive and the number of home health agencies 
have really increased.
    It used to be, in 1984 and 1985, where HCFA was being able 
before they paid a claim to review almost over 50 percent, 
probably around 62 percent of all home health claims. Now they 
are lucky to be able to review 3 percent of those claims. And 
when physicians are not very involved in the plans of care--
they sign off on the plans of care but they are not really that 
involved in overseeing what the home health agency is actually 
doing for the beneficiary--very often we find in that 
particular program that there is a lot of overutilization. Or 
in fact, sometimes the beneficiaries do not even qualify 
because they are not actually homebound. And with limited funds 
it was very difficult for the home health agencies and HCFA to 
assure that the beneficiaries met the qualifications. But there 
are a lot of different types of problems.
    Mr. Weller. Well, this past year, with the Health Insurance 
Portability and Accountability Act----
    Ms. Aronovitz. Right.
    Mr. Weller [continuing]. Of course, we increase the 
opportunity for HCFA to contract with utilization review firms.
    Ms. Aronovitz. Utilization.
    Mr. Weller. And of course, that legislation was signed into 
law in August. But have we had time to see whether or not that 
initiative has been working, now that that is being 
implemented?
    Ms. Aronovitz. We have indications that the OIG is going 
forward in that regard. And we are very hopeful that 
utilization review companies that specialize in focused medical 
review and in performing comprehensive medical reviews will in 
fact increase their effectiveness. And also, these companies 
use advanced technologies and software that is on the market 
that could substantially help them identify areas of abuse and 
fraud. So we are very hopeful, but it is still very early.
    Mr. Weller. Well, you have indicated you have seen, if you 
look back over the last 10 years, a reduction in the review of 
the claims. And of course, with the initiative that we passed 
last year, there is an increased opportunity. What percent of 
claims do you project will be now reviewed as compared to last 
year, as a result of this?
    Ms. Aronovitz. We are not sure yet. We think that there are 
a lot of different activities that could be done much more 
frequently. For instance, cost reports which are submitted by 
institutional-type providers in part A are an area where HCFA 
or the contractors, the intermediaries, have really, really 
held back, because they have not had enough money to audit 
these institutional providers. They will be able to do that to 
a much greater extent.
    The actual number of claims that will be audited at this 
point we are not sure of. But there will be entities that will 
be able to have their cost reports audited much more fervently. 
And also, focused medical review, where you could have more 
money to identify outliers, for particular providers that are 
outliers, is very, very important; probably more so than just 
reviewing claims as they come through. You want to try to 
identify those that look like they potentially could be 
problems. And HCFA will be able to concentrate more on doing 
those types of reviews
    Mr. Weller. Thank you, Madam Chair. I see my time has 
expired.
    Chairman Johnson. Thank you. I think it is important to 
note that, as we press down the length of stay in hospitals, we 
expected the number of home care cases to increase and the 
length of home care to extend. So some of this is positive in 
reducing overall costs.
    Second, I think it is very important to recall that there 
was a court case, a judicial decision, I think it was 1989----
    Ms. Aronovitz. Yes.
    Chairman Johnson [continuing]. That took off all the 
constraints on home health services that the government to that 
point had been enforcing. I mean, the law was very clear when 
you were and when you were not able or eligible for home health 
care services. And that judicial decision really prevented 
government from exercising a lot of commonsense constraints 
that it had been exercising.
    The Health Subcommittee of Ways and Means is working on how 
to constrain growth in this area through reforms in the payment 
system that will put the onus and the burden, and also the 
financial risk, on the agency, so that they do not get rewarded 
for providing unnecessary services. But it is a difficult issue 
because some of what we see happening is desirable, and it is a 
response that we provoked through other payment policies to 
reduce the cost of Medicare. So I just wanted to make sure----
    Ms. Aronovitz. Absolutely.
    Chairman Johnson [continuing]. To put your words in 
context. Thank you.
    Ms. Thurman.
    Ms. Thurman. Thank you, Madam Chairman. To reiterate, I 
remember that debate. In fact, we thought that that would 
reduce the cost for payment. Nonetheless, certainly need to see 
numbers.
    But let me ask this question. It is my understanding that 
some of this information has been going out to doctors, and 
they have been reviewing some of the overutilization. What 
results have we seen from that? Would GAO recommend that all 
doctors receive that information?
    Ms. Aronovitz. Yes. We think that is a very positive step. 
One of the problems in home health care is that the physicians 
have not traditionally or typically been that involved in the 
plan of care. Clearly, they have signed off on it, but they are 
sometimes surprised to hear of the level of services that are 
being provided to their patients.
    So, yes, with making them more aware of what services are 
being provided, we believe they would be much more careful 
about what types of services they are actually prescribing.
    Ms. Thurman. In that context, too, now that more people are 
getting into the home health care business, particularly 
hospitals and other places that are just moving, do we see a 
concern there? Or are there some safeguards in place so that 
these numbers will not escalate again? I mean, are we putting 
any kind of restraints on what they can or cannot do, or are we 
looking at the kinds of things they are offering?
    Ms. Aronovitz. Yes, I think we are very concerned about 
these costs rising. I think what you are referring to is that 
the proprietary home health agencies have shown higher 
utilization per beneficiary than either voluntary or government 
types of home health agencies.
    The one proposal that the Subcommittee on Health is 
considering is the prospective payment system approach to home 
health agencies. There are two concerns there that we probably 
feel should be entered into the debate about that, and one 
would be to define the unit of care properly so that home 
health agencies are reimbursed for their fair amount of 
expenses and, at the same time, they do not have a windfall by 
having a visit end up being 10 or 15 minutes when the unit of 
care would be defined as an hour, let's say.
    The other concern about that would be to make sure that 
HCFA's database that includes the home health payments that are 
going to be used to calculate the payment rate is accurate. 
Because that payment database right now has a lot of 
inaccuracies, or payments that they have made that would 
probably have been denied had those claims been reviewed. But 
we think this is definitely a very important consideration and 
proposal, and an approach to look at.
    Ms. Thurman. In your opening remarks, you talked about how 
HCFA ought to better target their managed care dollars to 
reflect the cost in different geographic areas. Is this an 
issue of particular interest, and can you explain the GAO's 
recommendation? I have to tell you, this is a major issue in 
Florida because it affects the beneficiaries simply because of 
where they live, and also the effect of having doctors 
participate.
    Ms. Aronovitz. Sure. This is quite complex. I will try to 
give a pretty simple explanation, if I can. The risk contract 
program requires HCFA to figure out how much to pay health 
plans based on the fee-for-service beneficiaries' experience. 
So right now, if you have people in an HMO, their experience 
does not count when you try to figure out how much to pay a 
plan; it is the fee-for-service people.
    Studies have shown that there is about 10 percent of 
Medicare beneficiaries now that are in risk contract programs. 
That 10 percent seems to be, on the whole, more healthy than 
those that remain in fee-for-service. So therefore, it is the 
90 percent ``more sick'' people that would be the basis on 
which you would then pay an HMO.
    We have found that in some locations, in many cases, the 
HMO therefore has what we say is excess payments. They are 
getting more money or a higher capitation payment than they 
really need to support that particular beneficiary. We have 
made a recommendation regarding the county rate. It does not 
address the risk adjusters, which are basically sex, age, 
whether you are in an institution or not, whether you are 
working or not. But they are very gross types of adjusters.
    Until a long-term risk adjuster can be developed--and it is 
a very, very difficult challenge, and one that HCFA has been 
working on for many, many years--we suggest that you include--
we have a methodology where you can include the people who are 
currently in the HMO as part of the overall beneficiaries when 
you calculate the county rate. In other words, the healthy 
people in an HMO, in addition to the people in fee-for-service, 
would all be counted. So it would help reduce excess payments a 
little bit.
    Ms. Thurman. I see my time is up.
    Chairman Johnson. Yes.
    Ms. Thurman. Thank you, Madam Chairman.
    Chairman Johnson. Actually, because two members have 
pursued relatively the same issue, let me ask you a historical 
question that I think pertains to this. In the eighties, HCFA 
allowed--because you make the comment that the Health Insurance 
Portability and Accountability Act gave HCFA additional 
flexibility to contract with utilization review firms. Now, in 
the eighties, they gave their fiscal intermediaries, the 
directors--those are the people who pay all the bills, so there 
will be an intermediary that covers a whole State. Some of the 
big States may have two intermediaries, but it's rare. Usually, 
at least in New England, there is one that covers most of New 
England. And HCFA gave them the directive to better screen for 
utilization.
    I am aware of an instance in which, in one State in a 12-
month period, $18 million was saved through better utilization. 
Now, that was no more money, and no more people; just screening 
for utilization. Well, needless to say, some of the providers 
did not like the new screen. And finally, because this was in 
the eighties and things were a little different and we had not 
had some of the experience we have had since, the screens were 
withdrawn.
    But why do we not look at the cost effectiveness of that 
experience in the eighties, particularly when we have given 
them more people? We need people to look at managed care, to 
look at the issue of access and timeliness. Those are the kinds 
of intense medical reviews that only a person can do. But why 
do we not go back to giving fiscal intermediaries more 
responsibility for utilization of review screens, especially 
since the whole science of that is far more advanced than it 
was in the eighties?
    Could you comment on why they dumped that and whether that 
was wise? And do you think we should use that approach?
    Ms. Aronovitz. We could not agree with you more. Back in 
the eighties the contractors and the intermediaries would say 
that they had a lot more money; that to develop medical policy, 
which is the basis for then screening claims to decide whether 
or not you are going to pay them, takes money and it takes a 
lot of time on the part of the intermediaries. And they need to 
be reimbursed for that.
    And the way the funding to intermediaries and carriers 
worked, or contractors, was that the amount of money that HCFA 
had to process claims was one pile of money, let's say. It was 
not earmarked for individual activities, like claims processing 
and then a certain amount for program integrity. It was all 
one. So of course, HCFA had very strict rules on how fast 
claims must be processed. So that was their first and highest 
priority, and you wouldn't blame them for that. But then after 
that, whatever money was left then they could divide that out 
among program safeguard activities, and other activities like 
that.
    Back even in the early nineties, and actually in the last 2 
or 3 years, we have issued several reports showing that there 
is commercial software out there that does things like 
artificial intelligence, fuzzy logic. We issued a report that 
looked at the flexibility that carriers could have if they have 
a little bit more money. And we showed that they could collect 
an extraordinarily large amount, or not pay inappropriately a 
large amount of money, with just a few extra cents per claim in 
their budget.
    So that is why for the last several years we have been 
trying to see if we could restore, or have Congress restore, 
some of the money for safeguard. And now it is being earmarked 
for this purpose, which we think is a very positive step.
    Chairman Johnson. Thank you. If you would get me that 
report, I would appreciate it.
    Mr. English.
    Mr. English. Thank you, Madam Chair.
    Ms. Aronovitz, I was curious, in your report you noted 
HCFA's failure to package or disseminate the information it has 
at its disposal about HMOs for consumer use. This is a very 
serious issue in my area, because we do not have a lot of 
experience with managed care, many of the communities in my 
district. And seniors, when I go out among them, ask me about 
the latest products that they have received information about. 
What do we need to do to provide seniors with better 
information about HMOs?
    Ms. Aronovitz. You know, it is very interesting. There is a 
lot of information that HCFA has already. It is just not 
packaged. It is used internally, but it is not really packaged 
for public consumption. And it is not set up in a way that 
would make it user-friendly for beneficiaries; nor is it 
distributed to them.
    For instance, if we could just get HCFA to consolidate 
information for a particular market on the premiums and the 
benefits provided by each plan, then seniors or beneficiaries 
could look at one piece of paper and compare what they need, 
just like we do in FEHBP or in other programs. You could choose 
a plan much more readily, if you understand better what the 
premiums and benefits are.
    But way further than that, a proxy for beneficiary 
satisfaction really is disenrollment rates. And in a particular 
market, we found--for instance, in Miami we found that the 
disenrollment rate among plans could range anywhere from 5 
percent a year to 30 percent a year, or even in 3 months. So if 
in the first 3 months the beneficiaries are leaving at the rate 
of one-third, then clearly something is wrong with their 
satisfaction in that particular plan. And someone else who 
knows that might think twice about joining that plan.
    There is one other thing that HCFA is doing, and that is 
that they are developing part of the HEDIS, the employer 
performance measurement information system. They are going to 
have, starting with plans that renew or sign up in January of 
this year, a Medicare component that will have some process 
measurements, like how many screenings for certain kinds of 
conditions, and preventive care activities that different plans 
have. And they could disseminate that, also.
    Mr. English. Thank you very much.
    Ms. Thurman. Mr. English, if you will yield for 1 second?
    Mr. English. Certainly.
    Ms. Thurman. In Florida, at the end of next year, they are 
actually going to put out a report card, so that all consumers 
will have in place a comparison analogy of all of the plans 
that are within those areas. And I will be glad to share that 
with you.
    Mr. English. I would be delighted. And I am also glad to be 
reassured that Florida is such a progressive State in this 
regard.
    Let me say, Ms. Willis, I was curious, in the report on 
accounts receivable there is an indication that the IRS has 
taken the position that the 10-year statutory collection period 
generally precludes them from writing off uncollectible 
receivables until that period has expired.
    Now, I am an old green eyeshade type. I used to be a city 
finance officer. I think that is an interesting position. Do 
you concur with it? And I was wondering if you can offer us any 
notion of how much the accounts receivable inventory is made up 
of old accounts that will never be collected?
    Ms. Willis. Let me answer the last part of your question 
first. At one point IRS used to attempt to segregate out how 
much of the current accounts receivable inventory was a result 
of extending the statute to 10 years. They no longer do that, 
so we do not have that number.
    The numbers that we do have are on things that are 
currently not collectible as IRS defines them, and that could 
include hardship cases that may change over time. So it is very 
difficult to say of the total inventory what part of it we 
would never expect to collect, given potentially changing 
circumstances.
    In terms of the 10-year statutory rule, you are correct. 
IRS generally interprets that they must keep those accounts on 
the books until the statute expires. I do not believe GAO has 
taken an official position on that. But as we discussed 
earlier, part of the issue here is not what is on the books, as 
much as how it is reported and the fact that if the information 
is reported within acceptable accounting standards you will be 
able to see how much of that falls into each of the various 
categories of the accounts receivable.
    Mr. English. Thank you. That is most helpful. Thank you, 
Madam Chair.
    Chairman Johnson. Mr. Watkins.
    Mr. Watkins. Thank you, Madam Chair.
    Mr. Dodaro, I have been interested in a lot of testimony 
here, but I would like to shift just a little bit. Do you have 
oversight of the Bureau of Indian Affairs?
    Mr. Dodaro. GAO has the ability to review the BIA, yes.
    Mr. Watkins. Could you give me a current status? I know 1 
or 2 years ago, a couple of years or so ago, they came up with 
about a $2 or a $2\1/2\ billion or so shortfall. They were in 
disarray; couldn't put it together. You can give me a report, 
to my office or to the Subcommittee here, too, but could you 
give me a status of that?
    Mr. Dodaro. I am sorry. I----
    Mr. Watkins. A shortfall of about $2 billion or so over at 
the Bureau of Indian Affairs.
    Mr. Dodaro. OK. This is for their current operating funds, 
or for settlement? I am not that familiar with it.
    Mr. Watkins. A big report that came out in the papers just 
about maybe a couple of years ago, that there was a shortfall.
    Mr. Dodaro. That related to the trust fund activities?
    Mr. Watkins. Yes.
    Mr. Dodaro. We have been doing a lot of monitoring of that. 
I was not prepared to talk about that today. I will give you 
some information on it. We have monitored the settlement 
process--or not the settlement process; the reconciliation 
process for the trust funds, and in the past have recommended 
that they move to a settlement type of an arrangement. But I 
can give you some information for your record.
    Mr. Watkins. I would appreciate your providing that for the 
Subcommittee, if Madam Chair would like that, and also for me 
at my office, if you could. I appreciate that very much.
    Mr. Dodaro. Sure.
    Mr. Watkins. Let me ask you, my understanding is that one 
of the difficulties you found is that your office does not have 
any jurisdiction on doing an auditing on Indian tribes, Federal 
funds that go to Indian tribes. Is that correct?
    Mr. Dodaro. I would have to go back and research that a 
little bit. But I think we have the ability to go wherever the 
Federal moneys go. I mean, we do not normally do auditing of 
individual tribes, though. We pretty much leave that up to the 
Department of Interior.
    Mr. Watkins. I have not seen any actions or any footprints 
of GAO with the tribes. I have been told that GAO basically 
does not have jurisdiction or the power to do audits of the 
Indian tribes that consider themselves sovereign nations, and 
so forth. But I would appreciate having that.
    Mr. Dodaro. I will give you that information, along with 
the package of information we have been doing on BIA.
    Mr. Watkins. Yes, let me know the status of that and what 
you might have found in some of those areas of fraud and abuse, 
so to speak, or the disarray they have had over there.
    And Madam Chair, in the break throughout my district I 
spent over 3 hours meeting with home health care people. I have 
been a believer in home health care, but I have seen and been 
quite concerned about the explosion of the number of home 
health cares in some of these communities, small communities, 
14 to 15. All the downtown offices and buildings that were 
empty are now filled with home health groups fighting over 
patients.
    And so I met with them. I said they really, truly are 
abusing and jeopardizing a good program, an excellent program 
that I am for, and trying to keep our parents and grandparents 
and all there.
    Madam Chair, the number one thing they said is, ``We want, 
if at all possible, to get investigation money for fraud and 
abuse.'' I was extremely pleased with the professionalism of 
two or three of the people that I had there. They feel like, 
for every dollar spent on investigation and fraud abuse, they 
could probably make $10 to $15 from such activities.
    So they had a lot of other suggestions, but one of those is 
to definitely get more investigative power in there, because I 
would like to see us keep that program. I think it is a great 
program. I am alarmed about the cost. I know there are various 
factors that go in there. But when you see a shed where a sign 
is put up, ``Home Health Care, A-Z,'' whatever it may be, you 
think, well, are we getting the kind of services that we have 
got to have? Are we professional? And I hope we can remedy that 
in some way.
    So I was pleased that they asked, though, for more 
investigation on fraud and abuse dealing with home health care. 
They want to get it established as a professional group. So 
thank you, Madam Chair.
    Chairman Johnson. Thank you very much. It certainly has 
been my experience--and I work closely with the home health 
care industry--that the responsible providers in the home 
health care industry have been as interested as any single 
group in our doing something, because they see the fraud first 
hand. And by the time they report it to us and we get the 
Inspector General out there, the fly by nighters close up and 
move on someplace else, and go back into the same fraudulent 
delivery system.
    So it is a very big problem, and I would certainly hope 
those new investigators will be focused on home care, and not 
on the intermediary activity, because we have some good ways we 
can go in that area that we actually have experience in.
    There are just a couple of questions that I want to ask, 
and I will give other people a chance. First of all, Ms. 
Willis, your testimony in regard to information security in the 
IRS is starkly damaging. The fact that the IRS cannot 
effectively prevent--and you make this statement in your 
testimony--cannot effectively prevent or detect unauthorized 
browsing of taxpayer information, and cannot ensure that 
taxpayer data is not being improperly manipulated for personal 
gain, is astounding.
    Now, we have had some cases of this reported in the last 
few years, of inappropriate browsing. But why, at this time in 
its history--why cannot the IRS detect unauthorized browsing of 
taxpayer information and ensure that taxpayer data cannot be 
manipulated for personal gain?
    Ms. Willis. Madam Chairman, let me turn this question over 
to Dr. Stillman, who has been the lead on that work, and I 
think she will be able to answer your questions.
    Chairman Johnson. All right.
    Ms. Stillman. There is a pair of reasons. One is a 
fundamental shortcoming, as we talked about before, in the 
technical discipline that IRS uses in building and fielding its 
systems. One of the things that IRS lacks is a security 
architecture.
    And what that means is that they do not have in explicit 
fashion a statement of their security requirements and a 
mapping of those requirements onto the security features of the 
system. They cannot tell you from top to bottom what security 
they need and how the individual systems will provide that. It 
does not exist.
    Chairman Johnson. And when did you first ask them this? 
When did you first point this out to them? How many years ago?
    Ms. Stillman. Several.
    Mr. Dodaro. Part of this surfaced as a result of our first 
financial audit done under the CFO Act, which was back in 1992, 
that timeframe. And we have issued a number of reports on this.
    We have kept most of those reports restricted, limited to 
official use only. We have given them to key congressional 
committees, and so forth, but we did not want to publicize too 
broadly some of the vulnerabilities. And I think this is an 
area that, if the Subcommittee wants to get into it in a closed 
session, I would recommend it.
    We have just issued another report just recently, and this 
is an area that Senator Glenn on the Senate side has had us--
you know, he has been the champion of the CFO Act on the 
Senate, and he has had us follow this for a number of years 
now. And we look at it every year, as part of our financial 
audit responsibilities, as well.
    It has been a continuing problem. They have tried to take 
action. But one of the reasons we put information security on 
the list for governmentwide purposes is because it does not get 
the attention that it needs. Everybody is interested in giving 
access out broadly, and security is often not thought about in 
the process. And as a result, a lot of our information systems 
across the government, unfortunately, are in a very vulnerable 
state right now.
    We have also made recommendations to OMB that they act, in 
addition to recommendations we have made at individual 
agencies. Part of the Clinger-Cohen Act was to establish a 
chief information officer council across the government. We 
have urged OMB to make information security a top priority of 
that council, so that they can move forward.
    But there are many things IRS could do. We have had many 
recommendations. And I think some impetus from this 
Subcommittee to have them be accountable would be a good idea.
    Chairman Johnson. Thank you. And we will arrange that 
briefing. Is there anything else? Because I did interrupt you. 
I just wanted to get in context your comments in the historical 
perspective of GAO action, because I knew that this is not the 
first time you had brought this forward.
    Ms. Stillman. I think it's been fairly well covered. The 
only additional statement that I was going to make, the only 
additional consideration, is that in cases where IRS does make 
an effort to institute security, those efforts have an ad hoc 
nature to them, and they tend to be incomplete. So that whereas 
IRS has a system to monitor and attempt to detect browsing on 
some of its access systems--on one of its access systems--it 
does not on the others. And so what they do tends to be 
incomplete and ad hoc.
    Chairman Johnson. Thank you.
    Ms. Aronovitz, let me just ask you briefly a couple of 
other questions. HCFA is about to implement a Medicare 
transaction system to try to reduce fraud. You comment that 
there are three major management and technical risks associated 
with that system. Would you just briefly describe those risks 
and their potential to prevent the Medicare transaction system 
from achieving its goals? Or whoever would like to answer.
    Mr. Dodaro. Yes, Madam Chairman, I have Joel Willemssen, 
who is our Director, looking at information technology systems 
at HHS. And Joel has been tracking the Medicare transaction 
system. I would ask him to respond.
    Chairman Johnson. All right. That will be fine.
    Mr. Willemssen. Madam Chair, the risk can be pretty much 
broken down into three areas. First, HCFA has historically had 
trouble with the contractor finalizing its requirements for the 
Medicare transaction system.
    Second, we have historically had a lot of concern with 
HCFA's cost-benefit analysis for the system, and we have 
continued to push for that analysis to be complete. The third 
risk that continues to exist that we still have concerns about 
is that there are overlapping development bills within the MTS 
schedule. And given this, there is a lot more risk that the 
system will not be developed on time and provide the needed 
improvements that are necessary.
    Mr. Dodaro. Yes, we are currently continuing to monitor the 
MTS implementation. HCFA has responded to some of these 
concerns, is trying to make adjustments. But we will be issuing 
further reports on this topic.
    Most of the areas--or, indeed, all of the areas that Joel 
mentioned, in terms of requirements, cost-benefit analysis, and 
so forth, are what this new information technology reform 
legislation is designed to fix. That requirements area, in 
particular, is one where a lot of agencies have gone awry. This 
was a critical problem in FAA's failed efforts to modernize air 
traffic control systems.
    So we are very concerned about that, and also the cost-
benefit analysis. I mean, they need to demonstrate up front 
that this is going to be beneficial in terms of reducing fraud, 
providing better service, enabling them to better have 
financial reporting under the CFO Act, and so forth, and it is 
going to be worth the benefit. And a lot of times, that type of 
analysis has not been done properly, and that is why you have 
in the case of some of the IRS tax system management projects, 
after 7 years people say, Well, it is not worth it. And so we 
are watching that very closely in MTS.
    Chairman Johnson. Thank you.
    Mr. Willemssen. Madam Chair, if I may add, one other 
associated risk is that full implementation of the new Medicare 
transaction system will now not occur until after the year 
2000, and therefore----
    Chairman Johnson. After the year 2000?
    Mr. Dodaro. Right.
    Mr. Willemssen. That is correct.
    Chairman Johnson. When we are conscious of the volume of 
fraud in this program? That is remarkable.
    Mr. Willemssen. Yes. And the concern that we have, and the 
risk that we have to monitor, is the fact that the existing 
``A'' and ``B'' systems therefore will need to continue to run 
past the millennium, and we need to therefore make sure that 
they are millennium-compliant and that they will be able to 
handle claims appropriately past that date.
    Mr. Dodaro. One of the other things we have suggested is 
that they test the use of commercial off-the-shelf technology 
that other carriers use to better detect fraud up front. And we 
are at least encouraged they are testing that now. And they 
have also engaged Los Alamos Laboratories in helping develop 
better fraud-detection technology. So we think those are two 
good efforts, but it took a couple of years for us to get them 
to agree to do that.
    Chairman Johnson. Ms. Ross, in your testimony you note that 
thousands of SSI recipients in nursing homes continue to 
receive full benefits, resulting in millions of dollars of 
overpayments each year. Could you comment on that?
    And could you comment on the further information you 
provide: That many recipients live in households where the 
median income is $40,000; 25 percent where the incomes are 
$64,000; and very few actually live below the poverty 
threshold, only 7 percent?
    Now, since SSI is an income-related program, these 
statistics surprise me, and the fact that money is continuing 
to flow to people who are in nursing homes, which Medicaid is 
paying for. If they are, presumably, SSI-eligible, they are 
Medicaid-eligible. This concerns me.
    Now, these are remarkable facts you bring out in your 
testimony.
    Ms. Ross. I can expand a little bit on the nursing homes 
information. When people move into nursing homes, SSI ought to 
be notified of that fact so that the payment can be curtailed.
    Chairman Johnson. Just stop there 1 minute. You know, we 
pay half of the Medicaid bills. I mean, cross-checking does not 
take a rocket scientist to think up. If we do not have the 
names on the half of the money that we pay, the State certainly 
has the names. I mean, I just cannot imagine that so much of 
this is going on, when the data is terribly available.
    Ms. Ross. You know, we should have come to you and asked 
you about this before we did our whole study, because we are 
going to come out with a recommendation of exactly what you 
said; that the State Medicare data ought to be matched with the 
information from SSI.
    Chairman Johnson. Are you going to come out with that early 
enough so it could be in action this session?
    Ms. Ross. Yes. It should be out in 2 to 3 months--2 months. 
But we can tell you all the information any time you wish.
    Chairman Johnson. And what about this business of SSI 
recipients who actually live in a household of some affluence? 
I mean, we went through this with home health services in a 
pilot project in the seventies. We did not look at the 
household income, and we were providing enormous services to 
people who were living in the homes of their doctor-son. I 
mean, so is there any consideration of household income under 
SSI? And if so, why is it not implemented?
    Ms. Ross. There are considerations for the household in 
which you live, but there is not sufficient checking of the 
assertions that individuals make. That is one of the most 
difficult areas for SSA to check on, but one that they clearly 
need to spend more time on.
    Chairman Johnson. So the law does require it; it is not 
being done.
    Ms. Ross. That is right.
    Chairman Johnson. That is really appalling. OK. I do not 
want to take too much time, just one little last question that 
I hope can be answered very briefly.
    Ms. Willis, you point out that the independent contractor 
sector is a sector in which there is low compliance in regard 
to tax obligations. We have discussed and we have held hearings 
on this subject. The executive branch is making some proposals. 
We hope to come back.
    Would brighter lines help? We see very high compliance in 
the independent contractor sector where 1099s are involved. 
There are more situations in which we could require 1099s. We 
could also define independent contractor considerably more 
clearly. Would those kinds of things help with compliance?
    Ms. Willis. Better defining independent contractors would 
definitely help compliance, and would also ease the burden for 
employers, in terms of how to classify the people who work for 
them.
    But changing how you define an independent contractor does 
not address the issues related to withholding or information 
reporting. And those are the two features of the system, when 
someone is an employee, that tend to enhance their compliance.
    When you have withholding on wages, you have a compliance 
rate up above 95, 96, even to 99 percent. It drops 
significantly if you don't have withholding. If you have 
information reporting on different types of income, that also 
enhances compliance.
    So if we could design better systems for making the income 
that independent contractors earn more apparent to the IRS, it 
would enhance compliance.
    Chairman Johnson. Yes. We do not require now that 
corporations provide 1099s to their independent contractors.
    Ms. Willis. Right.
    Chairman Johnson. And those are the kinds of things I think 
we could quite easily do.
    Ms. Willis. Right.
    Chairman Johnson. Thank you.
    Mr. Coyne.
    Mr. Coyne. No questions, Madam Chairwoman.
    Chairman Johnson. Mr. Tanner.
    Mr. Tanner. Thank you very much, Madam Chair.
    May I come back to Ms. Ross for just a moment? Getting back 
to Tennessee's experience with the online transfers of 
information with respect to the overpayment problem in the SSI 
Program, it is my understanding that some States have been 
reluctant to make that information, or that data, available to 
the Social Security Administration. Do you know anything about 
that ongoing situation?
    Ms. Ross. I think a lot of States have been reluctant to do 
it online. Most of the information gets sent sooner or later to 
SSA in these sometimes rather dated computer matches. But they 
are somewhat uncomfortable, or they talk about their 
discomfort, with online access. And I think that is a matter of 
education.
    Obviously, there are some security issues here. And we have 
had people from our systems group look at some of the security 
issues related to online access. But once the State is assured 
of that, I am not sure what other issues remain.
    Mr. Tanner. Well, my point is that if we had better 
coordination, it seems, we could get more real time with the 
recipient of an SSI check returning to work. As I understand it 
now, sometimes that can go on for 10 months.
    Ms. Ross. Right.
    Mr. Tanner. I guess, theoretically, 11 months and 29 days, 
before the systems that are in place here could catch that 
overpayment if the check is otherwise sent out. And the more we 
compress that real time, through quarterly reports on 
unemployment figures or however, it seems to me, the better we 
can gain the efficiencies of the system for which it was 
intended.
    And if there is a reluctance in the marketplace of States 
to participate in a more efficient way of doing things, it 
seems to me we might come up with some incentives or otherwise 
fine tune the systems to try to gain that realtime match. Am I 
making sense?
    Ms. Ross. Well, I agree. First of all, I certainly agree 
that it has a tremendous potential for preventing overpayments, 
which is the goal; not to try and figure out ways to collect 
them once they have occurred. We have not looked at the issue 
of incentives; nor have we talked with a large number of States 
about the basis for their reluctance. But as we do that, I 
would be glad to keep in touch with you, to talk to you about 
it.
    Mr. Tanner. Well, getting back to my original point to Mr. 
Dodaro about setting a baseline from which we can judge 
ourselves as to how we are doing with respect to this whole 
question of waste, fraud, and abuse, that is very important; 
not only, I think, from just doing our jobs well, but it is 
also important from the perceptual standpoint with the citizens 
of this country who understandably get a little bit perturbed 
when they see or perceive waste, fraud, and abuse going 
unaddressed. So any suggestions you can make along that line 
would be most welcome.
    Ms. Willis, you said in your testimony, and following up on 
the Chairlady's observation, that computer security management 
at the IRS is an ongoing problem. You state that there is not a 
proactive program in place down there to monitor, anticipate, 
and otherwise address this issue. What steps, if any, have you 
discussed with them about putting a positive constructive 
program in place, rather than simply being reactive, as your 
testimony suggests to me?
    Ms. Stillman. We have indeed, and IRS does recognize the 
importance of security. They have said they are committed to 
putting a proactive program in place, and we will monitor them 
as they try to do that.
    Mr. Dodaro. We have spelled out, Congressman, some of the 
specific things that IRS needs to do.
    Mr. Tanner. So you have?
    Mr. Dodaro. We have done--they need to do risk assessment, 
have disaster recovery plans, limit access to only people that 
really need access to particular systems. So we have spelled 
out in pretty good detail----
    Mr. Tanner. So this is more than just an observation with 
no----
    Mr. Dodaro. Yes.
    Mr. Tanner. OK.
    Mr. Dodaro. Right. I mean, we have made this recommendation 
in great specificity. And plus, there are already well spelled 
out in some of the Federal regulations what the necessary 
requirements would be for a security system. This is not a 
complicated issue. The techniques are well known.
    Mr. Tanner. And they are onboard with this?
    Mr. Dodaro. They have agreed with the recommendation. It is 
a matter, like many things that we find at the IRS, of lack of 
followthrough and implementation. That is all that is required 
here.
    Mr. Tanner. Is there anything we need to do here to assist 
in that effort? If you have any suggestion along that line, 
that would be welcome.
    Mr. Dodaro. We do. And I think the basic recommendation I 
would have now would be to have them up here to report to you, 
to this Subcommittee, what they are doing to fix this problem. 
And we can provide some assistance. But I think some interest 
on the part of Congress will do a lot to spur them forward. 
Thank you.
    Mr. Tanner. Thank you.
    Mr. Hulshof [presiding]. Ms. Thurman.
    Ms. Thurman. Thank you, Mr. Chairman.
    In Florida, we really have done some interesting things 
over the last couple of years. In Florida, the legislature and 
the Governor put into place an antifraud program to target 
areas of the greatest abuses in the Medicaid Program. Some of 
these included home health, durable medical equipment, and 
transportation services. Additionally, they required a $50,000 
surety bond by new providers.
    They also required all current noninstitutional providers 
to reenroll with the State Medicaid office, which actually 
demanded more detailed information from the providers as well 
as background checks conducted in cooperation with the Florida 
Department of Law Enforcement.
    Actually, the results have been pretty interesting. We have 
seen a large reduction in DME providers, from 4,146 to 1,565, 
which is a pretty good decrease. Interestingly it has not 
broken any of the services to the beneficiaries.
    We have also been working with Representative Stark on this 
issue. I would like to know if you all support these ideas, or 
if you are looking at ideas similar to what Florida has done in 
any other cases coming up this next year?
    Ms. Aronovitz. In the Medicaid Program we have found that 
Florida is very progressive in trying to curb a lot of the 
fraud and abuse in Medicaid. And I think a lot of the 
principles and a lot of the initiatives that have occurred in 
Florida in those areas are very responsive to some of the 
problems we find in Medicare.
    For instance, a few years ago we looked at the problem of 
pill mills. And in Florida there were a lot of problems with 
pharmacists----
    Ms. Thurman. Right.
    Ms. Aronovitz [continuing]. Distributing pills and 
whatever. And Florida was very progressive in its initiatives 
to develop a strike force, and also to put in a lot of controls 
in that program. It's those kinds of initiatives that HCFA 
needs to think about in its Medicare Program.
    And again, the way that program is managed through the 
contractors, and the way that contractors are reimbursed for 
their efforts to curb fraud and abuse, is very different. So 
the principles themselves are very, very coherent and very 
important for us to consider in Medicare, and I think some of 
those are now being addressed at the Federal level.
    Ms. Thurman. Are you familiar with Operation Restore Trust?
    Ms. Aronovitz. Yes, I am.
    Ms. Thurman. Could you give this Subcommittee an idea of 
the program? Because as we go forward in looking at fraud and 
abuse, you may be able to give some examples of what happened 
in Florida. Also, would you recommend this to be something that 
we could extend over the rest of the country?
    Ms. Aronovitz. Yes. There was a lot of discussion, a lot of 
concern, about fraud and abuse in the Medicare Program, 
especially in some of the high-growth type benefits. That was 
durable medical equipment, home health, and also some of the 
concerns about the skilled nursing facilities.
    Congress established a 2-year demonstration program that 
really coordinated the efforts of three HHS agencies. That was 
HCFA, the OIG, and the Administration on Aging, that has a very 
good local beneficiary network; also, the Department of Justice 
and various State and local agencies. They combined and 
coordinated their efforts and resources.
    They spent about $4 million in training and travel, which 
is very insignificant compared to some of the benefits they 
received. And they focused on five States that accounted for 
about one-third of all Medicare beneficiaries. And that was 
Florida, California, Illinois, New York, and Texas.
    And their focus was on those three areas that I told you 
about, and they really gave it a full-court press. They used a 
lot of the OIG resources, and they coordinated very heavily on 
a lot of the tools that the local law enforcement agencies had, 
in addition to the Department of Justice.
    And they have some very impressive findings.
    Now, the demonstration project is supposed to end--the 2-
year demonstration will be completed in May of this year. And 
then they will come out with final numbers on their 
accomplishments, which are very impressive. I believe in the 
first year they reported that they recovered $42 million, and 
they just had very impressive type accomplishments and 
convictions and recoveries in some other areas, and exclusions 
from the program.
    But probably the most important lesson that was learned and 
that will carryover in terms of the way these law enforcement 
agencies work is that they learned to coordinate their efforts 
and really work together to try to fight some of these 
problems, which is exactly what you are talking about in 
Florida.
    So I think this has been a very, very positive program, and 
one where the lessons will be picked up and learned around the 
country and expanded.
    Ms. Thurman. Thank you. Ms. Willis, let me just ask one 
very quick question of you, if it is OK with the Chairman, 
here.
    Mr. Hulshof. Sure.
    Ms. Thurman. You and I have talked, and I know that there 
is a lot of conversation regarding improvements and results 
from IRS. Will these results be immediately noticed, or would 
they occur over a year, or is it something that is going to 
take a little bit longer?
    I do not want the expectations from this hearing to be that 
everything that we put into change can happen and it can happen 
on July 15, 1998. Are these improvements going to take a while?
    Ms. Willis. This is a long-term commitment. There are 
things that IRS has done and can continue to do to improve its 
programs and to improve the quality of service that it provides 
to taxpayers. But to truly modernize its processes and systems 
and address the high-risk problems that we have discussed is 
going to take a long-term commitment on the part of IRS, on the 
part of the Congress, on the part of GAO and others who provide 
oversight.
    As we move into the next millennium, and as we address the 
year 2000 problems, it is going to take a diversified approach 
where we look at not only the business requirements of how we 
want to run the Nation's tax system, but also a highly 
technical approach in terms of what opportunities technology 
will provide us that we can deliver to the taxpayer better 
services.
    But there is no question in our mind that this is going to 
be a multiyear process that is going to have to proceed 
incrementally as IRS develops the capability to deliver the 
systems, to reengineer its process, and to improve its 
services.
    Mr. Dodaro. I think, just to add on to that, a couple of 
thoughts. One, I think we got into this dilemma because of 
overpromising and not being able to deliver. And it is not just 
limited to IRS. It has happened to many other agencies, as 
well. To rectify that we need to make the investments in the 
basic management foundation, technical foundation, that needs 
to be in place.
    Third, I would think that Congress needs to settle on a 
credible plan, an achievable plan, and then monitor progress 
incrementally. And that is the way to ensure lasting change and 
meaningful improvements, and particularly when we are talking 
about an organization as large as the IRS.
    And that is why I was emphasizing those management tools 
today, of performance measurement. And Congressman Tanner has 
mentioned that several times. I think that is very important. 
But having a credible plan is important, too. I think there has 
been a tendency to think that technology and throwing money at 
it is immediately going to solve the problems, and that is not 
really the case. And you need to have better management, 
because a lot of the problems are not technology problems, as 
much as they are management problems.
    Ms. Thurman. Thank you.
    Mr. Hulshof. Let me follow up briefly with just a couple of 
questions, Ms. Ross, and I do not intend to replow old ground. 
But regarding the statements made by Mr. Dodaro about money is 
not the only answer, in your statement you indicate that a lot 
of the computer matches on earned income are relatively old, or 
that information is not updated in a timely fashion. And you 
indicate that part of that is Aid to Families with Dependent 
Children. That is one area where SSA has really not matched 
data.
    Have they put a plan in place so that they can match that 
information and update that information, so that we are not 
overpaying through SSA?
    Ms. Ross. They have a whole series of matches that they do. 
I pointed out that AFDC was one they did not do. Our concern is 
that, by its nature, when you take computer information from 
one system and then you move it on tape or disc or something to 
another agency, and find out how many hits you have, and then 
you send that information out to the field, that is just too 
long a process.
    So computer matching was a good technology a decade ago. It 
is not the right technology now. And we think SSA does not have 
an adequate plan for the new technology.
    Mr. Hulshof. Would that also be your testimony or opinion 
regarding their plan where, as was reported, we had prisoners 
in various institutions who were actually receiving some $5 
million in SSI benefits?
    The Social Security Administration told you, at least 
through your statement, that it has begun a program to identify 
SSI recipients in jails who should no longer be receiving 
benefits. Have they made a significant effort in that regard, 
Ms. Ross?
    Ms. Ross. In that regard, I think they have. I think, 
though, we need to follow through and see if month after month 
that kind of information continues to flow to SSA.
    Mr. Hulshof. One final couple of questions. And I am sorry 
that I did not provide a copy for you. This is the latest 
Social Security Administration publication, that's dated May 
1996, regarding disability based on drug addiction or 
alcoholism, which interestingly--or some would say ironically--
is also printed in Spanish on the reverse side.
    But it talks about, under the new law, if you are currently 
receiving disability benefits based on drug addiction and/or 
alcoholism, your cash benefits will cease January 1, 1997, 
which was the new law. However, the publication goes on to say 
that even if you stop using drugs or alcohol and still think 
that you could qualify through some other disability, you may 
reapply; and second, that you can appeal the decision that your 
disability is based on drug addiction or alcoholism, and 
benefits would continue to be paid out to a representative 
payee.
    Now, with that publication and that advice being given out 
to recipients, coupled with your statement that the Social 
Security Administration's lengthy and complicated disability 
decisionmaking process results in untimely and inconsistent 
decisions, putting those together--and Mr. Dodaro, I am not 
here to create some pie in the sky--but is there any optimism 
that I can tell my folks back in the Ninth District of Missouri 
that at some point in time we are no longer going to be paying 
SSI to those who do not qualify, specifically those who have 
traditionally come under the disability of alcoholism or drug 
addiction? Is that anywhere on the near horizon?
    Ms. Ross. Well, with the passage of the law last year, all 
people who were receiving benefits based on drug addiction or 
alcoholism as their primary disability had to come in and be 
reviewed. But from the very beginning, SSA estimated that about 
80 percent of those people would be returned to the rolls with 
a different disability. So you can view that however you would 
like. Twenty percent of the people are off the rolls. Eighty 
percent, or thereabouts, have probably come back on with 
another disability.
    There were some people who did not come and reapply. I do 
not have those numbers available. But one of the things we are 
concerned about--and actually, SSA was, as well--is that 
because people are now coming with impairments that are not 
related to substance abuse, they are not required to have 
representative payees anymore. So one of the safeguards that 
was there is no longer in place. And I think at some point we 
will need to go back and see what happened to people who were 
formerly abusers who are now back on the program. Do they have 
representative payees? Because they ought to.
    Mr. Hulshof. Mr. Dodaro, Ms. Willis, Ms. Ross, Ms. 
Aronovitz, thank you very much for your patience, for your 
time, for your testimony. You are excused, with the thanks of 
the Chair.
    Mr. Dodaro. Thank you very much.
    Mr. Hulshof. Let us continue this hearing, and call the 
next panel of witnesses, if we could. This hearing will 
continue. We are pleased to welcome Hon. Valerie Lau, the 
Inspector General, the U.S. Department of the Treasury. 
Welcome.
    We also welcome Patricia Dalton, the Deputy Inspector 
General from the U.S. Department of Labor; and also, Michael 
Mangano, Principal Deputy Inspector General from the U.S. 
Department of Health and Human Services.
    Thank you each for appearing here today, and for your 
patience for us finally getting to your testimony. With that, 
we will go to your testimony, your statements. The Chair 
recognizes Ms. Lau.

    STATEMENT OF HON. VALERIE LAU, INSPECTOR GENERAL, U.S. 
  DEPARTMENT OF THE TREASURY; ACCOMPANIED BY GARY BELL, CHIEF 
                           INSPECTOR

    Ms. Lau. Thank you, sir. Mr. Chairman and Members of the 
Subcommittee, today I would like to direct my remarks to two 
areas. First, I will discuss the IG Act Amendments, which 
created my office and defined the relationship with the IRS 
Inspection Service. Second, I will highlight the work of our 
two offices in two of the high-risk areas identified by GAO. I 
have prepared a longer statement, which I would like to submit 
for the record.
    Mr. Hulshof. That will be allowed.
    Ms. Lau. Thank you. As you know, the Treasury Office of 
Inspector General was established by the 1988 Amendments to the 
IG Act. Unlike most other OIGs, the amendments did not create a 
single audit and investigative entity for the Treasury 
Department. Instead, the IRS retained its own internal audit 
and investigative staff under the direction of the Chief 
Inspector.
    That office has primary responsibility for all direct audit 
activity at the IRS. My office has oversight responsibility for 
the Chief Inspector's Office. The amendments also gave my 
office the authority to initiate, conduct, and supervise audits 
of the IRS. However, our capability to do many such audits is 
limited.
    The OIG has an audit staff of approximately 160 auditors 
that must provide audit coverage for the remaining 11 Treasury 
bureaus. In contrast, the Chief Inspector has approximately 460 
auditors who focus solely on IRS programs and operations. 
Consequently, my office must rely on IRS internal audit for 
most of the audit coverage given to IRS. The Chief Inspector, 
Gary Bell, is here with me today.
    Let me now turn to a brief discussion of our work in the 
following areas: Financial management at the Customs Service 
and IRS, and oversight over IRS' tax systems modernization 
efforts.
    Three years ago, the OIG assumed responsibility for 
auditing Customs' financial statements from GAO. Customs has 
improved its financial management; however, much needs to be 
done. Our audit of Customs' fiscal year 1996 financial 
statement indicates tangible progress in addressing previously 
reported material weaknesses. While they have been addressed, 
they have not been fully eliminated.
    We believe that Customs' planned improvement efforts are 
appropriately focused on control weaknesses involving invalid 
drawback payments, in-bond shipments, and core financial 
systems. Let me share just one example. Drawback payments are 
refunds of duties and taxes paid on imported goods that are 
subsequently exported or destroyed. In its effort to prevent 
duplicative, erroneous, or otherwise invalid drawback payments, 
Customs has continued to implement and to refine several 
compensating controls. Previously, Customs could not easily 
match a drawback claim to its related entry to ensure the claim 
was not excessive or duplicative. Beginning in 1995, Customs 
started linking drawback claims to their related entries.
    Also, we have been working with Customs to implement a 
statistically valid sampling methodology to identify the extent 
of excessive drawback payments and determine the related loss.
    IRS' fiscal year 1996 financial statements are the fifth 
set prepared by the IRS' Chief Financial Officer and submitted 
for audit by the GAO. These statements are presented in two 
separate sections. The first, their administrative statements, 
account for IRS' use of appropriated funds it receives to 
conduct operations. The second, their custodial statements, 
reflect the collection of revenue on behalf of the Federal 
Government.
    The Inspector General and the Treasury Chief Financial 
Officer are closely monitoring the progress of this audit 
because the IRS audit results are material to the first 
departmentwide audited financial statements, which will be 
issued later this spring. Next year, the OIG will audit the 
fiscal year 1997 IRS administrative financial statements, and 
GAO will continue to audit IRS' custodial financial statements.
    Now, turning to the area of tax systems modernization, many 
congressional committees, including this one, have already 
heard of the problems with TSM and are probably not interested 
in hearing them in detail yet again. The IRS Chief Inspector's 
work regarding TSM has been extensive, and we have reported 
those results in our semiannual report to Congress.
    The Department and IRS have adopted a new approach to 
provide better oversight for TSM: The Modernization Management 
Board, or MMB. In addition, the IRS has created an Investment 
Review Board, or IRB, consistent with GAO's best practices 
self-assessment guidelines.
    We believe that the MMB and the IRB are promising oversight 
mechanisms to help IRS address and resolve its difficult 
issues. While these oversight mechanisms are new, they are 
having an impact. For example, in the 1996 audit of TSM, the 
Chief Inspector found that IRS' development of the document 
processing system, or DPS, continued to be at risk. The 
auditors recommended that IRS consider canceling the DPS 
project. Based on this and other ongoing evaluations, the IRB 
recommended, and the MMB agreed, to cancel the project. DPS was 
terminated in October 1996.
    In closing, progress has been made, but more remains to be 
done. We in the audit community are committed to helping 
management find solutions to the problems we identify.
    This concludes my statement. I will be happy to answer any 
questions you might have. Thank you.
    [The prepared statement follows:]

Statement of the Honorable Valerie Lau, Inspector General, U.S. 
Department of the Treasury

    Madam Chairwoman and Members of the Committee:
    Today, I would like to direct my remarks to two areas. 
First, I will discuss the role of my office under the IG Act 
and our relationship to the IRS Inspection Service. Second, I 
will describe the work of the Treasury OIG and the IRS 
Inspection Service in the areas defined by GAO as high risk.

                   Role of My Office Under the IG Act

    As you know, the Treasury Office of Inspector General was 
established by the 1988 Amendments to the IG Act of 1978. Like 
all other OIGs, our mission is to conduct independent and 
objective audits and investigations relating to the programs 
and operations of our Department; make recommendations that 
promote economy, efficiency and effectiveness; and prevent and 
detect fraud and abuse.
    Unlike most other OIGs, however, the Amendments did not 
create a single audit and investigative entity for the Treasury 
Department. We have direct review authority over some Treasury 
bureaus and oversight authority over others. We oversee 
investigative units within four law enforcement bureaus. Also, 
with respect to the Internal Revenue Service, we oversee 
internal audit and investigative staff who have remained under 
the direction of the IRS Chief Inspector. That office retained 
primary responsibility for all direct audit activity at the 
IRS, while my office was assigned oversight responsibility. For 
remaining Treasury bureaus, we have direct audit and 
investigative authority.
    The Amendments also gave my office the authority to 
initiate, conduct and/or supervise audits of the IRS. However, 
our capability to do many such audits is limited. We have an 
audit staff of approximately 160 auditors who must provide 
primary audit coverage for the remaining 11 Treasury bureaus. 
Our recent efforts have been focused on helping these other 
bureaus improve operations and meet the Chief Financial 
Officer's Act (CFO) and Government Management Reform Act (GMRA) 
requirements. In contrast, the Chief Inspector has 
approximately 460 auditors who focus solely on IRS programs and 
operations. Consequently, my office must rely on IRS Internal 
Audit for most of the audit coverage given to IRS. In addition, 
as you have heard today, the GAO performs an extensive amount 
of audit work at the IRS, including the bulk of the financial 
statement work.
    Prior to the Amendments, the Inspection Service reported 
solely to the IRS Commissioner and had little contact with 
Treasury officials and Congress. The Amendments changed this 
relationship. They required that the Inspection Service's work 
become subject to the reporting requirements of Section 5 of 
the Act. As such, the Inspection Service's results are 
routinely included in my Semiannual Report to the Congress, 
including its tax writing and general government oversight 
subcommittees.
    In keeping with this requirement, my Semiannual Reports 
have highlighted the work of my office and the Inspection 
Service in each of the high risk areas since 1990. While the 
IRS and Customs have made progress in managing the risks 
associated with each area, significant long-term concerns still 
remain. For this reason, both the Inspection Service and my 
staff will continue to focus significant audit coverage on 
these areas and will routinely report the results of our 
assessments to the Secretary, the Congress, and the public.
    A clearer understanding of the scope of the Inspection 
Service's activities can be seen within the framework of the 
overall mission of the IRS. As you know, the IRS is a large, 
complex and geographically dispersed organization which employs 
over 100,000 people who collect over $1.4 trillion in tax 
revenues and enforce the tax laws. Considering the significant 
amount of money involved, the discretionary authority of 
enforcement personnel, the size of the organization, the 
massive processing operations, and the scope of taxpayer 
contacts taking place daily throughout the country, it is easy 
to see the inherent risks associated with IRS operations. 
Within this framework, the Inspection Service has historically 
directed its audit coverage to those IRS activities that are 
related to the collection of tax revenues, enforcement of tax 
laws, and processing of returns and other information.

                           Managing High Risk

    We are here today to talk about high-risk issues. Managing 
risk and minimizing the vulnerabilities is a job for all of us 
in the public service. IGs, department and agency managers at 
all levels, and the Congress share this responsibility. 
Congress is doing its share as evidenced by a recent series of 
enacted legislation. Legislation like the Government 
Performance and Results Act of 1993 (GPRA), Government 
Management Reform Act of 1994 (GMRA), and the Information 
Technology Management Reform Act of 1996 (ITMRA) provide a 
perspective and approach to improving government operations 
which appear well-suited to fixing the problems. These laws 
provide the framework for systematic long-term solutions for 
making a government that works better and costs less.
    GAO has discussed with you their extensive work in the IRS 
and in other high-risk areas. Let me briefly discuss with you 
some of the work that my office and the Chief Inspector are 
doing to address those areas for which the Treasury is 
responsible. Let me first discuss how we are helping to address 
high-risk areas.
    Integrate High-Risks Areas in Audit Planning--Effective 
audit planning focuses on high-risks areas. We have instituted 
a long and short-range planning system that systematically 
identifies programs and activities subject to the risk of 
fraud, waste, and mismanagement. As these areas are defined, we 
plan audits, evaluations, and investigations to identify 
management actions needed to avoid mistakes.
    Ensuring That Recommendations for Corrective Action Are 
Implemented--Monitoring the department's implementation of 
recommendations is another way to ensure that progress is being 
made. Treasury management is ultimately responsible for 
implementing audit recommendations and achieving the cost 
benefits outlined in our reports. We monitor management's 
implementation through the Department's Audit Tracking System. 
This system allows us to follow up on management actions. For 
the Treasury high-risk issues, we and the Chief Inspector are 
making a concerted effort to examine completed corrective 
actions in order to ensure that they are actually having an 
effect on previously noted deficiencies. Additionally, my 
office is completing an evaluation of the Department's audit 
tracking system. We will make recommendations to ensure that 
this system provides information needed by management to assure 
that corrective actions are being timely and correctly made.
    I will now discuss the work of my office and the Chief 
Inspector's as they pertain to the following: Financial 
management at the Customs Service and IRS; Oversight of IRS' 
Tax Systems Modernization efforts; Filing fraud: Asset 
forfeiture; Information security; and the Year 2000 problem.
    Customs Financial Management--Financial management at both 
the Customs Service and the Internal Revenue Service has been 
previously reported as a material weakness and has received 
extensive criticism from GAO. With the advent of the Chief 
Financial Officers Act, these weaknesses took on greater 
emphasis.
    To provide some perspective, the Customs Service, which is 
of the size and complexity of a large Fortune 500 company, has 
existed for well over 200 years without the discipline of 
undergoing annual financial statement audits. Furthermore, like 
most federal entities, its operational and administrative 
functions were organized to address budgetary needs and 
requirements. Therefore, it was not surprising that its systems 
and operations were not readily able to withstand the scrutiny 
of a financial statement audit.
    Three years ago, we assumed responsibility for auditing 
Customs' financial statements from GAO. Customs has improved 
its financial management; however, more needs to be done. The 
results of Customs' fiscal year 1996 financial statement audit 
are a meaningful indication of the tangible progress it has 
made in addressing previously reported material weaknesses. 
While Customs' most serious material weaknesses have been 
addressed, they have not been fully eliminated. We believe that 
Customs' planned improvement efforts are appropriately focused 
on control weaknesses involving invalid drawback payments, in-
bond shipments, and core financial systems. Customs needs to 
focus its energies on these efforts.
    We believe the relative risk associated with Customs' 
financial management can be reduced with the continuing support 
of Customs senior and mid-level management. They must ensure 
that planned improvement efforts are properly implemented so 
that existing material weaknesses are resolved and related 
problems do not recur.
    IRS Financial Management--IRS' FY 1996 financial statements 
are the fifth set prepared by the IRS' Chief Financial Officer 
and submitted for audit in accordance with the CFO Act. These 
statements are presented in two separate sections. The first 
section presents the financial statements of the 
``Administrative'' operations, i.e. IRS' accounting for the 
appropriated funds it receives to conduct operations. The 
second section presents the financial statements of the 
``Custodial'' operations, i.e. collection of revenue on behalf 
of the Federal government.
    Since 1992, a GAO team, which included auditors detailed 
from IRS' Office of the Chief Inspector, has attempted to audit 
IRS' financial statements. They were unable to render an 
opinion as to the fair presentation of these statements citing 
severe financial management and control problems at IRS. GAO is 
now auditing IRS' FY 1996 financial statements. The OIG and 
Treasury CFO are closely monitoring the progress of this audit 
because of the significance of the IRS audit results to the 
first ever audited Treasury-wide financial statements for FY 
1996. Next year, the OIG will have responsibility for auditing 
the FY 1997 financial statement section pertaining to IRS' 
``Administrative'' operations. GAO will continue to audit IRS' 
financial statements covering ``Custodial'' operations.
    Tax Systems Modernization--The IRS has spent billions on 
TSM and there has been dissatisfaction with the results to 
date. IRS performed this work without having an overall plan, a 
consistent approach to managing contractors, or persons with 
the necessary skills to successfully complete the job. However, 
many congressional committees, including this one, have already 
heard of the problems with TSM and are probably not interested 
in hearing them in detail again.
    The IRS' Chief Inspector's work regarding TSM has been 
extensive. Since 1991, IRS Inspection has issued almost 90 
reports on TSM. These reports have reflected the same kinds of 
problems that GAO has reported in their audits. In our 
Semiannual Reports to Congress, we have highlighted the Chief 
Inspector's TSM work and since 1992 have reported TSM first as 
a major area of concern and later as a material weakness. In 
early 1996, we issued our own report on Treasury's Oversight of 
TSM which concluded that Treasury's past oversight of the 
modernization program had not been effective. Around the same 
time, the Department and IRS adopted a new approach to oversee 
TSM the Modernization Management Board (MMB). In addition, the 
IRS created an Investment Review Board (IRB) consistent with 
GAO's best practices self-assessment. As IRS and the Department 
embark on a whole new approach to TSM, the Chief Inspector 
continues to conduct a substantial body of audit work. In 
conjunction with his efforts, we plan to initiate a followup 
audit to assess whether Treasury has improved its ability to 
oversee TSM and whether IRS is addressing the recommendations 
made by the Chief Inspector and GAO.
    I believe the Treasury OIG has a significant role to play 
as TSM and other ``fixes'' are put into place. While others 
continue to extensively audit the development of TSM and other 
IRS activities, the OIG's oversight role includes monitoring 
the IRS' progress in implementing previous recommendations and 
assuring performance of adequate audit followup. We also 
participate as an advisory member of the MMB. We believe that 
the MMB and IRB are promising oversight mechanisms to help IRS 
address and resolve its difficult issues.
    While these oversight mechanisms are very new, they are 
having an impact. For example, in a 1996 audit of TSM, the 
Chief Inspector found that IRS' Document Processing System 
(DPS), an integral part of TSM, continued to be at risk because 
of repeated setbacks in the delivery of major DPS sub-systems. 
Furthermore, those setbacks indicated that IRS may not have the 
required technical expertise to deliver those sub-systems. The 
auditors recommended that IRS consider canceling any further 
development of DPS. Based on this and other ongoing evaluations 
of DPS, the IRB recommended, and the MMB agreed, that 
completing DPS was not cost effective given its projected 
return on investment. DPS was terminated in October 1996.
    Filing Fraud--As with Tax Systems Modernization, the Chief 
Inspector's Office has established an aggressive revenue 
protection audit strategy. This is designed to assist IRS 
management in improving systems for detecting return filing 
fraud in advance of issuing tax refunds. In a report released 
last month, the IRS internal audit staff concluded that IRS' 
1996 Revenue Protection Strategy initiative effectively 
enhanced the selection of returns most susceptible to 
noncompliance with filing requirements. Since Fiscal Year 1995, 
IRS internal audit has issued 18 reports on revenue protection 
activities. Some of the recommendations from those reports 
include methods to identify suspect tax return preparers who 
deliberately understate their client's tax liabilities and 
strategies developed to detect the use of duplicate social 
security numbers to claim additional tax exemptions. Other 
reviews addressed the suitability of electronic return 
originators and the prevalence of tax refund fraud related to 
false claims under the earned income credit program. In 
addition to these specific audits performed on filing fraud 
areas, the Chief Inspector's internal audit staff monitors the 
processing activities in an on-line environment each tax filing 
season.
    Asset Forfeiture--GAO has two concerns regarding asset 
forfeiture vulnerabilities--the need for better accountability 
and stewardship of seized property, and economies that could be 
realized through consolidation of the Justice and Treasury 
asset management and disposition functions. With regard to the 
management of seized property, Customs, as the custodial agent, 
has taken substantial actions that, if properly implemented, 
should remove Customs' seized-property management from the 
high-risk category. Customs continues to upgrade existing 
security at its storage facilities, appropriately focusing on 
those facilities where particularly large amounts of illegal 
drugs are stored prior to destruction. Additionally, while 
Customs' Fiscal Year 1995 year end physical inventory of 
illegal drugs and other contraband revealed significant errors 
in recorded quantities and quantities on-hand, its Fiscal Year 
1996 year end inventory showed that these conditions had 
considerably improved.
    Customs also is taking steps to correct previously reported 
weaknesses in its seized property tracking system. It is 
implementing a new seized asset case tracking system that, when 
fully operational, should offer improved controls and audit 
trails over seized and forfeited property, thus, reducing the 
ability to disguise a loss or theft of seized property. Customs 
is taking steps to ensure that existing weaknesses are resolved 
and related problems do not recur. The relative risk associated 
with Customs' seized property management system can be reduced 
with the continuing support of Customs top and mid-level 
management by ensuring that planned improvement efforts are 
properly implemented.
    Since the OIG has not examined the benefits of 
consolidating the Justice and Treasury funds, we are unable to 
comment on the extent of GAO's estimated savings. Our work has 
focused on the use of Treasury Forfeiture Funds by state and 
local law enforcement recipients. Our conclusions from this 
work raises concerns regarding the administrative difficulty 
imposed on recipients because of the existence of two sets of 
guidelines to which they must adhere. We also had some 
difficulty in assessing whether Treasury funds have been spent 
in accordance with Treasury program criteria. We found that 
recipients commingle funds from Treasury, Justice, and other 
sources making it more difficult to ensure that the funds were 
being used for intended law enforcement purposes. Therefore, 
because of the different spending guidelines and program 
requirements, local law enforcement agencies would likely find 
it easier to receive money from one fund or to comply with one 
uniform set of guidelines for both funds. Treasury and Justice 
have been working together to establish more uniform 
guidelines.
    Information Security--GAO is rightly concerned about 
malicious attacks on computer systems. Federal computer systems 
are open to attack because so many computers are interconnected 
these days. The Government is vulnerable, and so is the 
Treasury Department. Computer intruders, whether outside or 
inside our bureaus, look to defraud and steal government 
resources, access sensitive data, and disrupt government 
services and operations. Whatever the nature of the attack or 
its consequences, the seriousness of this threat is real.
    At Treasury OIG, we have a new group that specializes in 
information technology issues. So far, we have reviewed 
information security policies for Customs and ATF. We have 
reviewed information security administration, program change 
procedures and mainframe security software at Customs, ATF and 
Secret Service during our annual financial audits. These audits 
identify a number of weaknesses that intruders could exploit. 
Some reported weaknesses have been corrected; however, others 
have not. We have also issued a comprehensive report on 
disaster recovery planning that compares the plans among the 
different Treasury bureaus. We found several bureaus do not 
have a workable disaster recovery plan--a serious security 
weakness. IRS Inspection Service auditors have also given 
extensive coverage to computer security issues. For example, in 
1992, the Inspection Service reported that the Integrated Data 
Retrieval System (IDRS) control systems did not detect or 
prevent unauthorized accesses by IRS employees to tax 
information. The information obtained was used for improper and 
illegal purposes.
    In response to the 1992 report, IRS management implemented 
the Electronic Audit Research Log (EARL) system to identify 
employees who improperly access IDRS. Since EARL development 
began in 1993, Inspection Service auditors have monitored and 
reported on the design and progress of the system deployment. 
In addition, my office performed a followup audit to evaluate 
IRS' progress in correcting the IDRS access weaknesses. IRS 
managers have used these assessments to set the strategic 
direction for EARL and develop operating procedures to improve 
their overall effectiveness in identifying unauthorized access 
to IDRS.
    Even though improvements have been made to detect and deter 
unauthorized or improper access to tax information, weaknesses 
still exist. For example, IRS management still has not 
completed an important corrective action of obtaining security 
accreditation for the EARL system. In 1994, the Chief 
Inspector's office also identified significant security 
weaknesses over sensitive taxpayer information on personal 
computers and mini-computer systems in IRS. They made a number 
of recommendations to strengthen controls, however, in a 1996 
followup audit, they found that these weaknesses still exist. 
Clearly, more needs to be done to improve information security 
at IRS.
    Year 2000 Problem--As we have already heard, agencies must 
immediately assess their Year 2000 risk exposure and need to 
budget and plan how they will overcome the date problem for all 
of their mission critical systems. These plans and strategies 
need to be developed immediately if conversion is to be 
accomplished by early 1999. The Department's schedule and 
milestone dates are in accordance with the Government-wide 
schedule, with most of the conversion work expected to be 
completed by early 1999. While the Department's approach is 
consistent with GAO's recommendations, the ultimate challenge 
for Treasury will be to ensure that its approach is 
appropriately applied in an expeditious and timely manner.
    The Department is currently finalizing their Year 2000 
approach and vulnerability assessment. We know that Year 2000 
is a particularly high risk area at IRS, Customs, and the 
Financial Management Service, and the assessment may identify 
other information systems which may be affected by the Year 
2000 problem. Our strategy has been to await the results of the 
vulnerability assessment, and then determine where direct OIG 
involvement is required. At that time, we intend to identify 
issues, programs, or systems that might cause completion dates 
to slip or milestones to be missed. Furthermore, we are meeting 
with Department and bureau information resources management 
officials. We regularly attend the Treasury Year 2000 work 
group meetings and participate in the Chief Information 
Officers and Chief Financial Officers Councils where the Year 
2000 problem is a regular agenda item. Additionally, we are 
conducting a Department-wide Survey of Information Technology 
investment management practices. As a part of this survey, we 
are assessing the impact of the Year 2000 problem on systems 
development initiatives and plan to follow their progression.
    To conclude, I believe the federal audit community is an 
important element in the identification, analysis, and removal 
of high-risk areas. Our collective work can provide assistance 
to management in its efforts to minimize high-risk programs and 
other vulnerable areas. Audit followup is also a critical part 
of the puzzle and should be used to report on progress and 
identify what is working and what is not. I believe that my 
office, together with the Chief Inspector's Office, has a good 
record in this effort.
    This concludes my statement. I will be happy to answer any 
questions you or members of the committee may have.
      

                                

    Chairman Johnson. Thank you very much.
    Ms. Dalton.

STATEMENT OF PATRICIA A. DALTON, DEPUTY INSPECTOR GENERAL, U.S. 
                      DEPARTMENT OF LABOR

    Ms. Dalton. Good afternoon, Madam Chairman, and Members of 
the Subcommittee. Thank you for inviting the Office of 
Inspector General to discuss pension enforcement activities of 
the Department of Labor. I am here in my capacity as Deputy 
Inspector General to present the views of the OIG, which may 
not necessarily be representative of those of the Department.
    It is the opinion of OIG, Madam Chairman, that ensuring 
that pension assets are safeguarded is an area that continues 
to require major departmental and congressional attention. 
Current pension plan assets now total close to $3.5 trillion. 
Because of the nature of these assets--large sums of money that 
are invested for deposit for a future benefit--the potential 
for serious abuse exists, and no one is really exempt from 
becoming a victim of this abuse. Our criminal investigations 
demonstrate that people being defrauded come from all walks of 
life. It does not matter whether you are a truckdriver, or a 
roofer, or even a Member of Congress.
    The Department must be effective in ensuring that pension 
funds are deposited fully and promptly to workers' accounts, 
and that these funds be safe while held in trust. The problem 
of pension asset fraud and abuse is of such importance that the 
Department of Justice recently launched an initiative to 
increase prosecution of pension-related cases.
    A serious problem that has been identified in the pension 
area is that of ensuring that contributions withheld from 
employee paychecks are appropriately and promptly deposited by 
employers. Recently implemented regulations by the Department 
reduce the time in which someone could temporarily use the 
pension funds inappropriately and then deposit the funds 
without being detected. However, those regulations will not 
prevent individuals inclined to do so from converting funds for 
their own use. In fact, the government continues to identify 
instances of employee pension contributions not being deposited 
properly, or funds diverted for the personal use of those 
administering the assets. The OIG is of the opinion that 
enforcement and oversight of this area needs to remain a 
priority of the Department of Labor.
    Last week, my office issued an audit of the Department's 
employee contribution project which was initiated by the 
Department's Pension and Welfare Benefits Administration, in 
May 1995. This project was initiated to address the issue of 
plan administrators' failure to remit employee contributions to 
401(k) pension plans and health plans.
    Our audit found that PWBA's efforts in this project had a 
positive impact on protecting plan assets, particularly with 
respect to increased enforcement in this area, as well as 
participant awareness of the problem. However, we also found 
that improvements were needed in the targeting as well as in 
the case management information system used by the Pension and 
Welfare Benefits Administration for this enforcement 
initiative.
    The OIG also has some longstanding concerns with respect to 
ensuring that funds are safeguarded while they are held in 
trust by plan administrators, service providers, or trustees. 
Chief among our recommendations in this area is the need to 
repeal the limited-scope audit provision of ERISA. These 
provisions result in inadequate auditing of pension plan 
assets.
    According to PWBA, more than $950 billion in pension plan 
assets, out of approximately $2 trillion subject to the audit 
requirements of ERISA, are not examined because of the limited-
scope audit provision. Madam Chair, the OIG believes that 
requiring full-scope audits of all employee benefit plans is a 
reasonable mandate that would not place an undue burden on 
business. After all, at least half of the Nation's pension plan 
assets are currently the subject of full-scope audits. To 
illustrate the difference in value between a limited-scope 
audit and a full-scope audit, I have attached to my written 
testimony a copy of the audit opinions from each type of audit.
    The OIG believes that failure to adequately audit pension 
plans opens the doors to many forms of fraud and abuse, 
including understating required contributions or degrees of 
risk and overstating plan investments and valuations. 
Obviously, these factors can lead to pension plan failures.
    The OIG has also recommended that independent public 
accountants and plan administrators be required to report 
serious ERISA violations directly to the Department, in order 
to enhance oversight of pension plan assets, as well as to 
ensure the timely reporting of violations. Legislation to 
address these concerns has been proposed in past years, but a 
legislative fix has yet to be enacted. It is my understanding 
that the administration is currently working on introducing a 
proposal that would address these two OIG recommendations.
    From an investigative perspective, the OIG continues to 
focus on identifying abuses of service providers, 
administrators, and others, with respect to union pension funds 
and investment activities. My office currently is conducting 
criminal investigations of more than $200 million in pension 
assets that are suspected of being abused or defrauded.
    Our investigations continue to uncover abuses of employee 
benefits plans in the manner in which pension assets are 
managed and invested. We have found that the size of these plan 
assets are inviting targets to unscrupulous service providers 
and individuals who offer services to plan administrators, such 
as accountants, attorneys, or investment advisors.
    Madam Chairman, it is the OIG's opinion that ensuring 
pension assets are safeguarded is of such importance we are 
devoting considerable resources to this effort.
    This concludes my oral statement. I will be pleased to 
answer any questions.
    [The prepared statement and attachments follow:]

Statement of Patricia A. Dalton, Deputy Inspector General, U.S. 
Department of Labor

    Good Morning Madam Chair and Members of the Subcommittee. 
Thank you for inviting the Office of Inspector General (OIG) to 
discuss pension plan enforcement activities of the Department 
of Labor. I am here in my capacity as Deputy Inspector General 
to present the views of the OIG, which may not necessarily be 
representative of those of the Department of Labor.
    It is the opinion of the OIG, Madam Chair, that ensuring 
that pension assets are safeguarded is an area that continues 
to require major departmental and congressional attention. So I 
thank you for your interest in holding this hearing to further 
explore this issue. As you may be aware, current pension plan 
assets now total close to $3.5 trillion. Because of the nature 
of these assets--large sums of dollars, entrusted for deposit 
and long-term investment for a future benefit--the potential 
for serious abuses exists. And no-one is really exempt from 
becoming a victim. Our criminal investigations of pension plan 
fraud demonstrate that the people being defrauded come from all 
walks of life. It does not matter whether you are a truck 
driver or a roofer contributing to an union pension fund or 
whether you are a Member of Congress.
    The Department must be effective in ensuring that pension 
funds are deposited fully to workers' accounts in a prompt 
manner and that these funds be safe while held in trust. The 
problem of pension asset fraud and abuse is of such importance 
that the Department of Justice has launched an initiative to 
increase prosecution of pension-related cases.

                              Jurisdiction

    By way of background, oversight responsibility over the 
various aspects of the Nation's pension system and assets rests 
with four Federal agencies: the Department of Labor's Pension 
and Welfare Benefits Administration (PWBA); the Internal 
Revenue Service (IRS); the Pension Benefit Guaranty Corporation 
(PBGC); and the Department of Labor, Office of Inspector 
General (OIG).
    PWBA is responsible for administering Title I of the 
Employee Retirement Income Security Act 1974 (ERISA), which 
governs the rights and financial security of employee benefit 
plan participants and beneficiaries in the Nation's private 
pension and welfare benefit plan system. PWBA's 
responsibilities include the promulgation of regulations, 
providing interpretations of ERISA, and the enforcement of the 
provisions found in Title I. The IRS is responsible for the 
enforcement of ERISA's Title II tax-related provisions, while 
PBGC is responsible for Title IV, which provides Government 
insurance in the event of failure of certain types of pension 
plans. Title III of ERISA provides the framework for all of the 
agencies to coordinate their activities.
    Under the Inspector General Act of 1978, as amended, the 
OIG has oversight responsibilities over PWBA's programs and 
operations. Over the years, the OIG has conducted audits to 
identify weaknesses in the system and to make recommendations 
to improve the oversight of the Nation's pension assets. In 
addition, the OIG is the investigating unit within DOL for 
criminal labor racketeering and organized crime matters, and 
thus, some of the OIG's investigative jurisdiction regarding 
employee benefit plans overlaps that of PWBA. Within our 
jurisdiction, we conduct investigations into: (1) labor-related 
criminal conduct involving unions and/or industries with 
demonstrated ties to, or influences by, known organized 
criminal groups, whether they be traditional organized crime 
groups or newer, non-traditional groups; and (2) significant, 
prolonged, systematic and related criminal conduct and may be 
categorized as labor racketeering.

      Ensuring Pension Funds are Fully and Appropriately Deposited

    A serious problem that has been identified in the pension 
area is that of ensuring that contributions withheld from 
employee paychecks are appropriately and promptly deposited by 
employers. The Department has taken steps to help ensure this 
by making regulatory changes that reduce the time from which 
contributions are withheld or paid by the employee and received 
by the employer and the time the contribution is considered a 
plan asset. While these regulations reduce the time in which 
someone could temporarily use the pension funds inappropriately 
and then deposit the funds without being detected, they will 
not prevent individuals inclined to do so from converting funds 
for their own use. That type of activity needs to be addressed 
through an aggressive criminal enforcement program. In fact, 
the Government continues to identify instances of employee 
pension contributions not being deposited properly or funds 
diverted for the personal use of those administering the 
assets. The OIG is of the opinion that enforcement and 
oversight of this area needs to remain a priority of the 
Department.
    Last week, my office issued an audit of the Department's 
employee contribution project (ECP). This project was initiated 
by PWBA in May 1995 to address plan administrators' failure to 
remit employee contributions to 401(k) pension plans and health 
plans. The purpose of the OIG audit was to determine if the 
Department, through the ECP, is adequately addressing the area 
of employee contributions to ensure that funds in those plans 
are safeguarded from unscrupulous plan administrators.
    Our audit found that PWBA's efforts in this project had a 
positive impact in protecting plan assets, particularly with 
respect to increasing enforcement in this area as well as 
participant awareness of the problem. The latter was evidenced 
by a significant increase in participant complaints to PWBA. 
However, we also found that improvements were needed in the 
targeting of this enforcement initiative as well as in their 
Case Management Information System. The audit found that PWBA 
had not focused its investigative resources on plans with the 
most serious potential for abuse. We attributed this 
ineffective targeting to the fact that PWBA left the 
development of enforcement strategies to the discretion of 
regional directors, but did not conduct a timely evaluation of 
project results. As a result, enforcement results varied from 
region to region. Strategies utilized by the regions included 
reviewing participant complaints, referrals, and leads from 
plan service providers or administrators; as well as case 
development through computer targeting or self initiation. It 
is our opinion that an evaluation of project results would 
assist management in identifying the most effective targeting 
strategies, evaluating the success of the project, and 
determining its future scope and direction. PWBA is now 
evaluating the results of the ECP project.
    We also found that data in PWBA's Case Management System is 
inaccurate, particularly with respect to information on the 
sources of cases and occurrences of fiduciary violations. It is 
our opinion that the accuracy of this data is essential in 
enforcement planning and, when correlated with case results, 
crucial in assessing the success of the project.
    We also found that PWBA does not collect data or report on 
funds that have been misapplied and which are unrecoverable by 
participants or the Federal Government. The OIG believes that, 
by not providing information on unrecoverable assets, as it 
does for restored assets, PWBA fails to communicate a complete 
picture of this issue. This partial disclosure may be 
misleading PWBA clients as to the seriousness of this issue and 
deprives the Congress and the Department pertinent information. 


        Ensuring Pension Assets are Safeguarded While in Trust 

    The OIG also has some long-standing concerns with respect 
to ensuring that funds are safeguarded while they are held in 
trust by plan administrators, service providers, or unions.
    Chief among our recommendations in this area is the need to 
repeal the limited scope audit provision of the Employee 
Retirement Income Security Act (ERISA) of 1974, which results 
in inadequate auditing of pension plan assets. Since 1984, the 
OIG has reported its concerns that employee pension funds are 
not being adequately audited to ensure that they will be 
available in the future to pay promised benefits. This 
provision exempts from audit all pension plan funds that have 
been invested in institutions such as savings and loans, banks 
or insurance companies already regulated by Federal or State 
Governments. At the time ERISA was passed two decades ago, it 
was assumed that all of the funds invested in those regulated 
industries were being adequately reviewed. Unfortunately, as we 
have found from the savings & loan crisis, that is not always 
the case.
    According to PWBA, more than $950 billion in pension plan 
assets (out of approximately $2 trillion subject to audit 
requirements under ERISA) are not examined because of the 
limited scope audit provision. Currently, because of this 
provision, independent public accountants (IPAs) conducting 
audits of pension plans cannot render an opinion on the plan's 
financial statements in accordance with professional auditing 
standards. It is important to note that the disclaimer of any 
opinion on the financial statements includes even those assets 
that are not held by financial institutions. The OIG believes 
that these Ano opinion@' audits provide no substantive 
assurance of asset integrity to benefit participants or the 
Department. Our concerns in this area were raised in two OIG 
audits and have subsequently been supported by PWBA, the 
General Accounting Office, and the American Institute of 
Certified Public Accountants.
    Madam Chair, the OIG believes that requiring full scope 
audits of employee benefit plans is a reasonable mandate that 
would not be a burden on businesses. Currently, at least half 
of the Nation's pension plan assets are the subject of full 
scope audits. Moreover, these audits are usually routine add-
ons to annual financial audits of a corporation, and therefore, 
their specific cost is not high. To illustrate the difference 
in value between a limited scope audit opinion and a full scope 
audit opinion, I have attached a copy of each to my testimony.
    The OIG believes that the failure to adequately audit 
pension plans opens the door for many forms of fraud and abuse, 
including understating required contributions or degrees of 
risk, and overstating plan investments and valuations. 
Obviously, these factors can potentially lead to pension plan 
failures.
    The OIG has also recommended that independent public 
accountants (IPAs) and plan administrators be required to 
report serious ERISA violations directly to the Department. The 
OIG believes this requirement will enhance oversight of pension 
plan assets as well as ensure the timely reporting of 
violations. This change will involve accountants in the kind of 
active role that they are supposed to play in the safeguarding 
of pension assets, by providing a first line of defense to plan 
participants through their timely and direct reporting of 
potential problems with employee benefit plans.
    Because of the vulnerability of pension assets to fraud and 
mismanagement, Madam Chair, the OIG believes that full scope 
audits of employee benefit plans and reporting of serious ERISA 
violations by IPAs and plan administrators are crucial factors 
in ensuring that pension assets are safeguarded. However, while 
legislation to address these concerns has been proposed in past 
years, a legislative fix has yet to be enacted. It is my 
understanding that the Administration is currently working on 
introducing a proposal that would address these two OIG 
recommendations.
    From an investigative perspective, the OIG continues to 
focus on identifying abuses by service providers, 
administrators, and others with respect to union pension funds 
and investment activities. The OIG is currently conducting 
investigations of more than $200 million in pension assets that 
are suspected of being abused or defrauded. Our investigations 
continue to uncover abuses of employee benefit plans in the 
manner in which pension assets are managed and invested. The 
size of these plan assets offer inviting targets to 
unscrupulous service providers and individuals who offer 
services to the plan administrators such as accountants, 
attorneys, or investment advisors.
    An example of some of the types of abuses we have 
identified involves an attorney for an employee benefit plan 
with over $30 million in assets. In this case, the attorney 
engaged in a scheme to temporarily divert pension assets to 
invest in an off-shore, lucrative (yet high-risk) investment 
scheme. Some $10 million in pension assets were lost in the 
scheme when the offshore investors stole the money. The 
attorney pled guilty to charges of conspiring to solicit and 
receive kickbacks related to influencing the investment of the 
$10 million of pension funds. Other service providers to the 
fund, an investment advisor and an accountant have been charged 
as well. The attorney is currently incarcerated.
    The OIG, in conjunction with its probe of labor 
racketeering in the construction industry, has been looking 
into the use of pension plan assets as loans for construction 
projects and other related loan activity. These cases are very 
complex in terms of the way the fraud is concealed. An example 
of this type of activity involved a case where an individual in 
California pled guilty to charges that he was involved in a 
scheme to defraud pension funds through the use of construction 
loans. The defendant, acting as the general managing partner of 
a partnership, obtained over $10 million in construction 
financing through a mortgage company from four union pension 
funds. As part of the loan agreement, the defendant was 
advanced funds in order to directly pay subcontractors for any 
work that they performed on the project. To obtain a release 
for some of the funds, the defendant was obligated to provide 
the mortgage company with documentation supporting the use of 
the funds to pay the subcontractors for construction materials 
and services. The defendant used the money on other unrelated 
real estate construction projects, while the project that was 
to be funded with the money failed. Unfortunately, the pension 
plans had to absorb the monetary loss.
    The OIG is also playing a very active role in the Attorney 
General's Pension Abuse Initiative. This enforcement project 
seeks to increase emphasis on the problem of pension asset 
fraud and abuse. U.S. Attorneys' offices are working with 
Federal and State Government agencies to determine the 
magnitude of this problem in their respective districts. Of the 
initial cases that have been identified where prosecution is 
anticipated, at least 20 percent are being investigated by this 
OIG. The cases, which are scattered across 36 different federal 
districts, involve embezzlements and kickbacks to union and 
plan officials ranging from $3,000 to $28 million. 

                       Continuing OIG Oversight 

    Ensuring that pension assets are safeguarded is of such 
importance that the OIG has prepared a 5-year audit plan of 
potential areas we will be exploring with respect to pensions. 
As part of this endeavor, in this next year, we will be 
conducting an audit on ERISA reporting and disclosure 
requirements. ERISA requires a significant amount of reporting 
and disclosure by employee benefit plans as a means of 
protection for employee benefit plan participants. Our review 
will determine how the IRS and PWBA gather the required 
information, and analyze how the information is used by the 
Government and participants. Since reporting and disclosure 
requirements place a burden on plan administrators yet are 
critical to participant protection, we will attempt to 
determine if the current requirements are necessary and 
sufficient to accomplish the intent of ERISA.
    The OIG will also evaluate PWBA's enforcement strategy with 
respect to ERISA's prohibited transaction rules, fiduciary 
responsibilities, and reporting and disclosure requirements. We 
will specifically evaluate the use of computer targeting as an 
enforcement tool and the resources devoted to it and will 
obtain information from other agencies to determine any other 
targeting methodologies of benefit to PWBA.
    The OIG will also monitor the development of PWBA's two 
major computer system development projects--their new form 5500 
system and a new Case Management System from their start 
through completion. At a 5-year projected cost of $59 million 
for the form 5500 system alone, OIG monitoring is necessary to 
ensure that the systems are an appropriate and efficient tool 
in PWBA's oversight and enforcement efforts.
    Madam Chair, this concludes my prepared statement, I would 
be pleased to answer any questions that you or the other 
Subcommittee Members may have.
[GRAPHIC] [TIFF OMITTED] T9632.001

      
    [GRAPHIC] [TIFF OMITTED] T9632.002
    
      

                                

    Chairman Johnson. Thank you very much.
    Mr. Mangano.

  STATEMENT OF MICHAEL F. MANGANO, PRINCIPAL DEPUTY INSPECTOR 
     GENERAL, U.S. DEPARTMENT OF HEALTH AND HUMAN SERVICES

    Mr. Mangano. Thank you very much, Madam Chairman and 
Members of the Subcommittee. We appreciate the opportunity to 
be here this morning to present to you what we think are some 
of the more important vulnerabilities in the Medicare Program.
    I would recommend for your consideration three areas, one 
of which was already talked about a little bit earlier this 
morning, home health. We would add to that list hospice and 
durable medical equipment.
    Far and away, we believe that the home health benefit is 
the one that is the most vulnerable in the Medicare Program 
today. With expenditures increasing about fivefold over the 
last 6 years and the number of visits doubling over that time 
period, we think that the program is growing fast. And 
unfortunately, we think a large contributing factor to that is 
fraud and abuse. In 1990, the program cost $3\1/2\ billion. 
Last year, it was up just under $17 billion.
    We have completed eight audits of home health agencies in 
California, Florida, and Pennsylvania, and we found error rates 
at those home health agencies of 19 to 64 percent. That is, we 
found visits that were either unreasonable or not necessary, 
patients who were not homebound or not properly authorized by a 
physician, and services that were billed but actually were not 
delivered. Preliminary data that we have from statewide reviews 
in other States bear out the same kind of seemingly similarly 
high error rates.
    We are also concerned about the extreme variation between 
the numbers of visits between home health agencies, themselves. 
Those home health agencies we would consider the lower cost 
ones were averaging about 33 visits a year per patient; 
whereas, those at the higher end were offering over 100 visits 
per beneficiaries.
    We have offered a number of recommendations to the Health 
Care Financing Administration which I want to reiterate here. 
They deal with more effective targeting the reviews of those 
home health agencies, better case management strategies, and 
also involving beneficiaries more into the process itself.
    We think that the problems are so pervasive in the home 
health area that we would think that a legislative fix, in 
terms of restructuring the payment method, is clearly well in 
order at this time. Some of the options that we have offered 
are prospective payment, capitation payments, and benefit 
targeting.
    In addition to issues surrounding home health, we are also 
very concerned about the substantial growth in the hospice 
benefit and the lengths of stays of persons in hospice. Our 
work in this area began in 1994 when we took a look at Puerto 
Rico and what was going on there. In Puerto Rico we found large 
numbers of beneficiaries who are not terminally ill receiving 
the hospice benefit. We had recommended recovery of almost $20 
million in overpayments in that area.
    We have also completed more recently 12 audits of hospice 
organizations in Illinois, Florida, Texas, and California. In 
those facilities we found an error rate of over 65 percent for 
those beneficiaries who were in hospice care for over 210 days. 
That was approximately $83 million in overpayments for 
beneficiaries who were really not eligible for the service at 
the time they entered into it. We also found a particularly 
serious vulnerability of hospice beneficiaries in nursing 
homes, which I pointed out in my written testimony.
    We think that the Congress has some opportunities here to 
consider at least two recommendations. One is that you reduce 
the Medicare payments after 210 days in a hospice. That would 
give the hospice some financial security that patients that 
live longer than initially expected would have some resources 
available to the hospice to take care of it, but would also 
make the hospice a little more careful in making eligibility 
determinations at the beginning.
    The second recommendation is to reduce the hospice payment 
for patients living in nursing homes to more accurately 
consider the kinds of services that those beneficiaries really 
need and the services that are already being provided by the 
nursing home.
    The third area is, I think, a little bit more hopeful in 
that some things have been done already. That is in the durable 
medical equipment and supplies area. We would applaud what HCFA 
has done in narrowing down the number of carriers to four. 
These are the durable medical equipment regional carriers who 
really specialize in making payments for durable medical 
equipment.
    We see, though, continuing problems with overutilization in 
areas of wound care; false billings for incontinence supplies, 
body jackets; and excessive payments for oxygen, enteral 
nutrition, and nebulizer drugs. We find this to be a particular 
problem in nursing homes.
    The chart that I have over there gives you one example of 
where some administrative action can really pay some dividends. 
Back in 1994, we conducted a series of evaluations that pointed 
out that incontinence supplies were being overbilled to the 
Medicare Program. That is, the services that were being billed 
were not really the kinds of supplies that were being 
delivered.
    [The chart follows:]
    [GRAPHIC] [TIFF OMITTED] T9632.004
    
      

                                

    We started a nationwide investigation involving over 20 
cases across the country, and the Health Care Financing 
Administration instructed their durable medical equipment 
carriers to really intensify the review. As you can see from 
that chart, the incontinence supplies then dropped almost $100 
million in 1 year because of that threefold action. So I think 
some things can be done administratively.
    We also think there are some legislative fixes here that 
are worthy of your consideration. One is to bundle up some of 
the costs of durable medical equipment into the nursing home 
facility fee; and second, to free up HCFA to be able to do more 
competitive bidding for these services, so that they can get a 
fair market value for the kinds of products beneficiaries are 
receiving.
    My written testimony identified a few other areas, which I 
will not go over now. So let me close by saying that we 
appreciate the opportunity to testify here this morning.
    [The prepared statement follows:]

Statement of Michael F. Mangano, Principal Deputy Inspector General, 
U.S. Department of Health and Human Services

    Good Morning, Madam Chairman. I am Michael F. Mangano, 
Principal Deputy Inspector General of the Department of Health 
and Human Services. Since 1976, the primary mission of the 
Office of Inspector General has been to protect and recommend 
improvements to the programs and management of the Department 
of Health and Human Services. This mission is accomplished 
through audits, investigations, and inspections designed to 
reach all organizational levels of the Department, its 
contractors, grantees and providers of goods and services to 
departmental programs.
    As this Subcommittee is aware, Medicare is one of our 
nation's most important social programs. It provides health 
care coverage for more than 38 million elderly or disabled 
Americans. Because of the huge sums of money being spent, $191 
billion in FY 1996, there will always be individuals or 
companies that attempt to defraud the Medicare program.
    The General Accounting Office has outlined a number of 
vulnerable areas within the Medicare program in its latest 
reports entitled ``High Risk Series.'' These include payment 
safeguards, claims processing, and managed care. We certainly 
agree that these are important and vulnerable areas. However, I 
would like to add to what GAO has said by bringing to your 
attention three programmatic areas of the Medicare program that 
we believe are particularly vulnerable to systemic fraud, 
waste, and abuse. These are home health, hospices, and durable 
medical equipment and supplies. We have intensified our work on 
these programs in the last two years.

                              Home Health

    Medicare Part A pays for home health services for 
beneficiaries who are homebound, in need of care on an 
intermittent basis, and under the care of a physician who both 
establishes a plan of care and periodically reviews it. 
Beneficiaries receive numerous services including part-time or 
intermittent skilled nursing care and home health aide 
services, physical speech and occupational therapy, medical 
equipment and supplies, and medical social services. The 
benefit is unlimited as long as the services are considered 
medically necessary.

Rapid Growth.

    The home health benefit is the fastest growing component of 
the Medicare program. In FY 1990, Medicare spent $3.5 billion 
for home health services for approximately two million 
beneficiaries. By FY 1996, expenditures had grown 5-fold to 
$16.9 billion, and the number of beneficiaries increased to 3.7 
million. Home health expenditures now account for 8.8 percent 
of total Medicare spending, compared to 3.5 percent in 1990. In 
addition to the increasing number of home health beneficiaries, 
utilization has doubled, from an average of 36 visits per 
Medicare beneficiary receiving home health benefits in 1990 to 
76 visits in 1996. The Congressional Budget Office estimates 
that spending for home health services will reach $31 billion 
by 2002.
    The reasons for the rapid growth of home health 
expenditures are numerous. Some of the growth is appropriate 
and expected due to changes made to the benefit, demographic 
trends, and technological advances. Court cases have also 
liberalized coverage of the benefit so that more beneficiaries 
can receive care for longer periods. There are many new medical 
technologies, such as infusion therapies, which can now be 
provided at home that in past years would only have been 
delivered in hospitals. In addition, we know that a growing and 
aging Medicare population will result in increased home health 
costs. The trend toward providing more care in the community 
instead of institutions has also impacted the use of home 
health services. Finally, growth can be attributed to the 
fundamental structure of the benefit as well as problems with 
the management of the home health benefit.
Fraud and Abuse.

    Unfortunately, fraud and abuse also significantly impact 
the high growth rates of home health. Over the past several 
years, we have issued evaluations and audits that have 
identified numerous types of fraud and abuse problems. The home 
health benefit is particularly susceptible to exploitation 
compared to other types of health services because the care is 
provided in patients' homes with limited supervision.
    We have now completed audits of eight home health agencies 
in Florida, Pennsylvania, and California. These audits revealed 
that the agency error rates--the percent of the home health 
visits paid for by Medicare but which did not meet Medicare 
guidelines--varied from 19 to 64 percent. We found visits that 
were not considered reasonable or necessary, visits for 
patients who were not homebound, visits improperly or not even 
authorized by a physician, and visits which were not provided 
to Medicare beneficiaries. Preliminary data from additional 
audits underway in other States indicate similarly high error 
rates. We are therefore concerned that such high error rates 
may be commonplace.

Unexplained Variation.

    We are also concerned about the extreme variation in 
payments to home health agencies and the fact that such 
variations are growing without clear justification. In FY 1993, 
lower cost home health agencies (those which provided less than 
the national average of visits per episode) averaged 30 visits 
per episode, whereas the higher cost agencies (those with 
visits per episode above the national average) provided 85. One 
year later, the lower cost agencies provided 33 visits per 
episode, while the average for the higher cost agencies jumped 
to 102. We found that private for-profit home health agencies 
tended to be the more costly. Additionally, we have found that 
home health agencies in four southeastern States--Tennessee, 
Alabama, Mississippi, and Georgia--averaged twice as many 
visits per Medicare beneficiary as home health agencies in all 
other States. These four States averaged approximately 100 
visits per episode compared to approximately 54 for all other 
States.
    Our analysis indicates that beneficiary age, race, gender, 
qualifying condition, principal diagnostic codes, and overall 
quality of care do not account for these variations. It appears 
to us that the differences are due mostly to the discretion 
afforded home health agencies to influence the amount of care 
given to their clients.

Looking for Solutions.

    Our work has shown repeatedly that there is a need for 
greater control and protection from fraud and abuse. However, 
we must proceed cautiously to ensure that any measures to 
control the benefit do not harm those beneficiaries who truly 
need these services. Our focus must be on protecting the 
benefit as well as controlling expenditures and minimizing the 
potential for fraud and abuse.
    To learn more about how this might be done, we examined 
practices of private insurance companies, State Medicaid 
agencies, the Department of Veterans Affairs, the Civilian 
Health and Medical Program of the Uniformed Services (CHAMPUS), 
and numerous health maintenance organizations (HMOs) manage 
their home health care programs. While their benefit structures 
were similar to Medicare's, they did try to control costs in 
ways that Medicare does not. For example, some place limits on 
the number of visits or caps on the dollar amount that can be 
paid. Many tried to target their programs more specifically to 
the individualized needs of their beneficiaries. They also 
undertook more intensive utilization control measures such as 
reviews of physician referral rates, post-pay edits, and 
utilization profiling combined with physician education.
    We found that HMO's provide home health care for only one-
fourth the cost of the Medicare fee-for-service program. The 
HMOs that responded to our survey spent an average of $882 per 
beneficiary in 1994 compared to Medicare's fee-for-service cost 
of $3,464. They do this by using case managers to review and 
approve patient care. These case managers work with physicians 
to plan care and write orders, review and approve both initial 
and continuing visits, review medical necessity, track and 
report outcomes and cost savings on a monthly basis, and 
participate in quality assurance activities such as clinical 
record reviews, team meetings, and case conferences. They 
carefully control both the number and kind of visits, 
constantly evaluating the care provided.

Administrative Remedies.

    Based on these practices and on our own analysis of 
weaknesses which we found, we have made several recommendations 
aimed at controlling Medicare expenditures and reducing the 
potential for fraud, waste and abuse. These recommendations 
include more effective reviews of home health agencies, funding 
case management programs in the fiscal intermediaries, ensuring 
that fiscal intermediaries have adequate resources to detect 
inappropriate claims, and requiring beneficiaries to certify 
their ``homebound'' status.

Legislative Changes.

    However, we believe that management actions like these will 
not be sufficient. The problems are so commonplace that a 
restructuring of Medicare's payment system is called for. 
Options include prospective payment, capitation of payment for 
services, beneficiary cost sharing, and benefit targeting.
    Given the current rapid growth rate, substantial savings 
can be attained by preventing abuse and constraining over 
utilization of this benefit. The amount would, of course, 
depend on the success of payment control methods or the type of 
benefit restructuring enacted into law. Any estimate of savings 
is sensitive to many factors such as the actual home health 
growth rate, growing use of Medicare managed care and 
behavioral changes due to any legislative or regulatory 
changes. However, to give a general sense of the problem and of 
potential savings, a 10 percent reduction of payments last year 
would have saved $1.7 billion, and a 20 percent reduction would 
have saved $3.4 billion.

                                Hospice

    The Medicare hospice benefit was established in 1983 and 
may be elected by Medicare beneficiaries who are diagnosed with 
a terminal illness and have a life expectancy of 6 months or 
less. Hospice is the provision of palliative care, usually in 
the home, where the dying person can be in contact with family 
and friends. Rapid Growth. Total hospice payments have 
increased dramatically. In 1995 Medicare paid approximately $2 
billion for hospice services, more than 24 times the amount 
spent in 1986. In contrast, Medicare expenditures for home 
health services grew about 5 times during the same time period. 
We are concerned about the substantial growth in hospice 
payments and lengths of stay for patients in hospice.

General Fraud and Abuse.

    We have recently undertaken a number of studies related to 
Medicare's hospice benefit. We found that certain providers are 
misusing the benefit by enrolling a high number of ineligible 
beneficiaries. In 1994, we completed a review of Medicare 
hospice eligibility in Puerto Rico. This study disclosed large 
numbers of beneficiaries in hospice care who were not 
terminally ill and therefore not eligible for the benefit. We 
estimate that $20 million was inappropriately paid for services 
rendered to ineligible patients in Puerto Rico.
    With the Puerto Rico results as background, we began a 
broader review of this important benefit. We have also audited 
12 large hospices located in Illinois, Florida, Texas, and 
California. We found, on average, that 65 percent of the 
patients in hospice over 210 days did not qualify for the 
benefit. From these audits we identified $83 million in 
overpayments. In addition to the problem of overpayments, these 
audits discovered other problems regarding internal controls, 
questionable hospice marketing practices, and potential illegal 
incentives to refer nursing home patients to hospices. We have 
ongoing investigations.

Special Vulnerabilities for Nursing Home Patients.

    Beginning in 1986, Medicaid nursing home patients were 
allowed to elect hospice care. Recently we have begun to look 
closely at hospice patients residing in nursing homes. We are 
finding that nationally approximately one-fifth of hospice 
patients residing in nursing homes were ineligible for the 
benefit. Approximately one-third of those that lived beyond 210 
days had been ineligible for the benefit when they enrolled.
    When a nursing home patient elects hospice, the hospice 
assumes responsibility for the professional management of the 
patient's medical care, but the nursing home continues to 
provide the patient's room, board and other services. The 
payment system for hospice patients residing in nursing homes 
is complex, involving a transfer of funds from the State 
Medicaid program to the hospice and then a payment by the 
hospice to the nursing home. The average amount that the States 
transfer to the hospices is $73 per day per patient. The 
hospice may transfer some, all, or more than this back to the 
nursing home to cover routine daily needs. The hospice also 
receives the same level of payment from Medicare for providing 
hospice services to these patients as it does for patients 
residing at home--$96 per day. The end result is that both the 
nursing home and hospice receive payment for providing services 
to beneficiaries residing in nursing facilities. We are 
currently looking at the type and frequency of the services 
being provided to these patients. Many times we are finding 
that hospices are providing routine care that is being provided 
by the nursing home, and usually fewer services than they 
provide to patients at home.
    Another factor affecting the increase in hospice payments 
may be the 1990 repeal of the 210 day limit for hospice care. 
Prior to 1990, hospices were more conservative in deciding who 
would be admitted under the benefit and when to admit the 
patient. If the patient lived beyond 210 days (7 months), the 
hospice would have to absorb the cost of providing care to the 
patient since Medicare would not pay beyond this time. Repeal 
of the 210 day limit shifted the financial risk for patients 
living longer from the hospice to Medicare. Prior to the repeal 
of this limit, less than 6 percent of hospice patients lived 
beyond 210 days. In early 1996, however, approximately 14 
percent of patients had lengths of stays longer than 210 days.
    Let me be clear that we recognize that some of the longer 
stays may be a positive development, perhaps reflecting the 
fact that hospices are providing care that is beneficial to the 
patients and resulting in longer life. Furthermore, we 
recognize how difficult it is to predict how long even a 
seriously ill person may live, and we fully expect that some 
hospice patients will live beyond initial estimates made by 
physicians. What we are concerned about is patients whose 
medical condition never did support a prognosis of death within 
6 months (as required for eligibility for the Medicare hospice 
benefit). For example, our audits found patients with 
``unspecified'' debility, or with Alzheimer disease or other 
chronic or lingering conditions which at the time of admission 
to the hospice program were not likely to be terminal within 
six months.
    We are very concerned about these patients not only because 
their admission to the hospice program may be contrary to 
Medicare guidelines, but also because their health and well 
being could be jeopardized. Election to the palliative care 
offered by this program requires beneficiaries to voluntarily 
relinquish their right to curative care for their terminal 
condition under the regular Medicare program. However, it may 
be that curative care is what they need. Being deprived of it 
for more than 210 days could be harmful to them. It is true 
that these patients may decide to return to the regular 
Medicare program. However, once they have been in hospice care 
for more than 210 days, they never again have the right to 
choose hospice care should they ever need it.

Administrative Remedies.

    We will continue to investigate hospice providers who are 
blatantly enrolling Medicare beneficiaries that do not qualify 
for the benefit. We are also urging the Health Care Financing 
Administration to provide better oversight of the hospice 
program by educating the provider community and examining 
hospice claims more closely.

Legislative Amendments.

    However, we believe that Congressional action is warranted 
to address inappropriate growth of the hospice benefit. 
Consideration should be given to reducing Medicare payments for 
hospice patients living in nursing homes. This would be 
consistent with the overlap of services received by these 
patients under both the nursing home and hospice programs. In 
addition, it may be appropriate to reduce Medicare payments for 
hospice patients after 210 days. This would result in hospices 
appropriately sharing the risk for recruiting patients. It 
would provide an incentive for them to ensure that only those 
beneficiaries who meet Medicare guidelines are enrolled in the 
program, while still affording a level of financial protection 
for them and resources to serve those patients who outlive the 
six month prognosis.

                 Durable Medical Equipment and Supplies

    Medicare Part B pays for medically necessary medical 
equipment and supplies furnished in a beneficiary's home when 
ordered by a physician. Durable medical equipment consists of 
items that can withstand repeated use and include oxygen 
equipment, hospital beds and wheelchairs. Medical supplies 
include catheters, ostomy, incontinence and wound care 
supplies.

General Fraud and Abuse.

    Over the years, we have devoted significant resources to 
issues involving medical equipment and supplies. We have seen 
problems associated with filing claims for equipment that was 
never delivered, upcoding, unbundling, providing unnecessary 
equipment, and excessive payment rates. The widespread problems 
in this area have been due in part to high profit margins, ease 
of entry into the system, and weaknesses in payment safeguard 
functions. Some of our more significant work in this area 
includes:
     Enteral Nutrition Therapy--We found that Medicare 
payments for enteral nutrients are excessive. Nursing homes and 
other third party payers are able to purchase enteral products 
at rates 17 to 48 percent less than Medicare allows. Even a 17 
percent reduction in Medicare payments would have saved the 
program $45 million in 1994.
     Wound Care Supplies--We found that questionable 
payments of wound care supplies may have accounted for as much 
as two-thirds of the $98 million Medicare allowed for these 
items from June 1994 through February 1995.
     Incontinence Supplies--We found that questionable 
billing practices may account for almost half of the $230 
million allowed for incontinence supplies in 1993. We have 
convictions for providers billing for incontinence supplies 
that were never delivered.
     Oxygen Services--We found that Medicare, on the 
average, allowed 174 percent more than the Veterans 
Administration reimbursement for oxygen concentrators. We also 
found significant variation in the services provided to 
beneficiaries associated with oxygen concentrators. Reducing 
Medicare's payment to one that is more compatible with Veterans 
Administration prices, while still adjusting for difference in 
procurement requirements and methods, could save Medicare $200 
million per year. At the same time, standards for services and 
quality assurance can and should be tightened.
     Orthotic Body Jackets--We reported that 95 percent 
of claims paid by Medicare ($14 million in 1992) were for non-
legitimate devices. We have also obtained convictions of 
entities that billed Medicare for body jackets when they 
actually provided seat pads.
     Nebulizer Drugs--We found that Medicare and its 
beneficiaries could have saved $37 million if they had used the 
payment methodology used by Medicaid for nebulizer drugs.

Special Problems in Nursing Homes.

    We have particular concern when these medical supplies and 
services have been furnished in a nursing facility setting. 
Above and beyond any payment that might be made by Medicare 
Part A for skilled nursing home care or by Medicaid or private 
insurance for long term nursing home care, Medicare Part B pays 
for services and supplies provided to Medicare beneficiaries 
residing in a nursing home. The service provider is the one who 
bills Medicare for this, not the nursing home. In fact, the 
nursing home may have very little to do with authorizing or 
overseeing the service provided and has little to say about the 
cost to either the Medicare program or the beneficiary. We have 
found that no single individual or institution is held 
responsible by Medicare for managing the beneficiary's care and 
medical services while in a nursing home. Without appropriate 
oversight, the opportunity and incentive certainly exists to 
aggressively market and promote excessive and unnecessary items 
and services.
    For example, a Medicare Part B provider who offers therapy 
services to residents of nursing homes can easily gain a market 
for his or her services. The patient is happy to receive 
services of any kind, with the expectation that they may help 
medically or socially, and the nursing home staff is relieved 
of patient care during the time the provider is delivering 
therapy services to the patient. While such services and 
supplies must be authorized by a physician, we have found that 
the oversight of physicians in these cases is often very weak. 
When suppliers deliver unneeded and unordered supplies to 
nursing homes for patients and bill Medicare, the nursing home 
has little incentive, except for limited storage space, to 
return the supplies.
    In the nursing home setting, we have also become 
increasingly concerned about the cost shifting between Part A 
and Part B of the Medicare program in the provision of services 
for skilled nursing facilities. The Health Care Financing 
Administration determines the daily rate it will pay for care 
in a skilled nursing facility. This rate is calculated to 
include the totality of services, including room and board, 
nursing care, and other routine services. However, for some 
additional services, such as enteral nutrition, rehabilitation 
therapy, surgical dressings, incontinence supplies, and braces, 
skilled nursing facilities are permitted to bill Part B of 
Medicare separately.

Administrative Remedies.

    I am pleased to report that in addition to discovering 
problems we are also developing new and effective ways to deal 
with them. One good example is the problem with incontinence 
supplies which I mentioned above. Our exposure of these billing 
abuses, coupled with a coordinated nationwide investigation 
involving more than 20 separate cases and a concerted effort by 
the Health Care Financing Administration's durable medical 
equipment carriers has turned the escalating reimbursements 
downward. By the end of FY 1995, the abusive practices we had 
identified had all but disappeared and Medicare is now saving 
more than $104 million per year as a result.

Legislative Amendments.

    While this kind of action is good news, it is not enough of 
a solution. It is important to get at the underlying systems 
which leave Medicare so vulnerable to this kind of abuse.
    Because of our concerns related to nursing home payments, 
we believe it is appropriate to enact global payment 
restructuring. Structural changes can include combining payment 
for supplies and equipment into the nursing facility daily 
rate, consolidated billing, competitive bidding strategies, and 
capitation payments. Each of these strategies attempts to take 
advantage of the ability of nursing facilities to more 
economically provide services and supplies to their patients 
with the cost savings passed on to Medicare. Additionally, 
these payment mechanisms recognize the importance of the 
nursing facility in achieving a more cost effective program. 
Since nursing facilities are significantly involved in the 
planning and provision of patient care, they arguably, are the 
most appropriate entity to scrutinize providers and determine 
the most cost effective methods of obtaining and utilizing the 
services and supplies needed to meet the medical needs of their 
patients.
    We believe that changing the payment incentives in the 
nursing home area will be effective in reducing some of the 
abuses we have found with durable medical equipment. However, 
additional action which specifically addresses durable medical 
equipment, such as conducting site visits to oversee suppliers, 
requiring suppliers to obtain surety bonds, and charging 
application fees should also correct abuses. Finally, 
additional legislative modifications such as making it easier 
for the Health Care Financing Administration to reduce 
inherently unreasonable payment levels and authorizing 
competitive bidding should be considered.

                         Other Areas of Concern

    Other programmatic areas which are of continuing concern to 
us are lab services, prescription drug prices, and non-
physician outpatient services. Following is a brief summary of 
our findings and recommendations in this area.
     Lab Services--We are nearing completion of a 
three-year investigative initiative called ``LabScam.'' LabScam 
is targeted at abusive marketing and billing practices by the 
Nation's largest independent clinical laboratories. This 
project evolved from a 1992 case against National Health 
Laboratories involving ``unbundling'' of tests. Unbundling is 
the practice of running specimens through a single piece of 
automated multi-channel laboratory equipment and then billing 
separately for each component test. The frequency of testing 
for the Medicare population increased 96 percent from 1986 to 
1993, while the population increased by 14 percent.
    In coordination with other Federal and State law 
enforcement agencies, our LabScam investigation has generated 
receivables and recoveries to date of over $800 million. We 
have recommended the Health Care Financing Administration 
periodically evaluate the national fee schedule to ensure that 
it is in line with the prices that physicians pay for clinical 
laboratory tests and to develop policies and procedures to 
ensure that the Medicare program benefits from reduced prices 
when panels are ordered on behalf of Medicare patients.
     Prescription Drugs--Medicare beneficiaries receive 
limited coverage only under this benefit which covers certain 
prescription drugs, mostly administered by physicians, and used 
for cancer/pain management, dialysis, organ transplantation, 
and immunization. Medicare paid nearly $2 billion in 1995 for 
over 700 million drug units, as compared to $663 million in 
1992.
    Medicare drug allowances are based on average wholesale 
prices which are recommended by manufacturers but do not 
accurately reflect actual wholesale prices. This results in 
payments significantly more than those paid by Medicaid, mail-
order pharmacies, and even some pharmacies. We have recommended 
that Medicare payments for prescription drugs be based on 
acquisition costs paid by the biller subject to a median limit. 
Potential savings could be as much as $450 million per year 
based on adoption of this recommendation.
     Non-Physician Outpatient Services Claims--Since 
the inception of the prospective payment system in 1983, 
hospitals have improperly billed Medicare for non-physician 
outpatient services that are included in the hospital's 
inpatient payment. We have issued a series of four reports 
identifying about $115 million in Medicare overpayments to 
hospitals for improper billings from 1983 through 1991. A fifth 
report has revealed that the problem continues, and has 
identified over $27 million in improper billings and subsequent 
payments from 1992 through 1994. Since an improper billing 
pattern has been repeatedly demonstrated among the hospital 
community, the identified claims are being subjected to the 
Federal False Claims Act. To date, over $100 million has been 
recovered.

                               Conclusion

    I appreciate the opportunity to appear before you today and 
share with you some of our concerns related to the Medicare 
program. The problems I have described today have a direct 
impact on the solvency of the Medicare Trust funds, and their 
elimination would help improve the financial viability of these 
trust funds. There are other problems as well. Each year we 
issue our Cost-Saver Handbook, also known as ``The Red Book,'' 
which summarizes all of our major dollar recommendations that 
have not been substantially implemented. Consideration of our 
recommendations, both in this testimony as well as those 
contained in ``The Red Book,'' would contribute toward solving 
this financial crisis for present, as well as future, Medicare 
beneficiaries. I would be happy to make any of our reports 
available to the Subcommittee and to also respond to any 
questions you may have.
      

                                

    Chairman Johnson. Thank you very much for your excellent 
testimony.
    Ms. Lau, in the past 2 years, the Office of Internal 
Affairs at Customs has handed down several indictments against 
Inspectors on the Southwest border. The indictments concern 
instances in which corrupt Inspectors contacted drug smugglers 
using cell phones and pagers to indicate which border crossing 
lanes would facilitate illegal drug shipments by car.
    The right to wear these electronic devices has been 
defended and permitted by Customs management under the 
partnership agreement. What efforts have been made by your 
office to pursue such cases of corruption within the Customs 
Service?
    Ms. Lau. Yes, Madam Chairman, you may be aware that, 
especially at the Southwest border, there is a Southwest border 
task force that is headed by the FBI and includes the 
participation of Customs and DEA. They have taken a lead role 
in the area of investigations into border corruption cases such 
as this.
    Chairman Johnson. And what kind of effort has been made to 
deal with the issue of laundering money, since one of the chief 
ways of laundering money is to overstate the value of imports?
    Ms. Lau. Madam Chairman, in that area Customs, itself, has 
implemented at least one program that does address the 
valuation of imports. It is called the compliance measurement 
program. And in that program, there are criteria that would 
address whether the import is appropriately valued and the 
appropriate duties assessed. I understand in their most recent 
report they have reported over 80-percent compliance.
    Chairman Johnson. Over 8-percent compliance?
    Ms. Lau. Yes, that is my understanding.
    Chairman Johnson. That does not sound very high.
    Ms. Lau. Over 80-percent compliance?
    Chairman Johnson. Oh, 80 percent. I thought you said 8 
percent.
    Ms. Lau. Eighty percent. I am sorry.
    Chairman Johnson. I see.
    Ms. Lau. Eighty.
    Chairman Johnson. And have you reviewed this program? Would 
you agree with them on that?
    Ms. Lau. In this area, that is one of the programs in place 
that we look at in conjunction with our financial audit review. 
But in terms of programmatic review, I do not believe we have 
yet reviewed the effectiveness of the program.
    Chairman Johnson. And by 80-percent compliance, I assume 
that you mean that 80 percent of the shipments are not being 
overvalued?
    Ms. Lau. To be precise, I would like to look into that and 
report back to you on the record.
    Chairman Johnson. What I would like to know is, what was 
the compliance level before? I mean, do we have any idea? I 
would assume, actually, that the number of shipments involving 
laundering would be rather small; just the value very high. So 
80-percent compliance may have been there before and there now, 
and not have touched the problem. So you can get back to me on 
that.
    Ms. Lau. I am afraid I do not know what the baseline was, 
as we were talking before about measurement, that it is 
important to know what baseline you are measuring that against. 
So I would be happy to provide that for the record.
    [The following was subsequently received:]

    The Compliance Measurement Program (CMP) is Customs' 
primary tool to assess compliance of port of entry transactions 
across the 4-digit Harmonized Tariff Schedule (HTS). Among the 
compliance issues covered during CMP are value, quantity, 
quota, classification and country of origin. Customs developed 
initial baseline data on import compliance across the 4-digit 
HTS for the first time in 1995. In 1996, Customs refined and 
expanded the measurement of this baseline data.
    The results showed nationwide, an overall increase in 
compliance from 80 percent in 1995 to 82 percent in 1996. 
Customs' 1996 data also show that discrepancies in the stated 
value of imports occurs about 1 percent of the time nationwide. 
These discrepancies can be both over values and under values. 
In 1995, Customs projected $83 million in revenue over 
collections and in 1996, $101 million.
    I do not have any information on how much, if any, of these 
overcollections or discrepancies in values result from the 
practice of overstating the value of imports as a means of 
money laundering. My office would not normally have 
investigative jurisdiction in this area unless there was 
indications of involvement by Customs officials in the money 
laundering scheme. Customs Office of Enforcement would have 
jurisdiction to investigate illegal practices by importers or 
brokers. I do know that Customs has enforcement initiatives on 
the southwest border such as Operation Hard Line aimed at drug 
smuggling and money laundering. They could speak more 
specifically to efforts underway to combat the various money 
laundering schemes.
      

                                

    Chairman Johnson. Thank you.
    Mr. Coyne.
    Mr. Coyne. Thank you, Madam Chairwoman.
    I wonder if you could, Ms. Dalton, expand on the extent of 
the abuse relative to 401(k) pension plan assets? Is that an 
extensive problem?
    Ms. Dalton. In the first 14 months of the operation of the 
employee contribution project of the Pension Administration, 
there were approximately 1,200 cases that were opened. And 
there were some significant recoveries from that work.
    Mr. Coyne. How would the typical employee know if their 
contributions were not deposited to their 401(k) plan or are 
diverted? How would they be able to tell that?
    Ms. Dalton. One of the problems that was identified and 
addressed by the Pension Welfare Benefit Administration was the 
fact that, many times, an employee was not aware of that. The 
administration went through an education process, so that 
people would become more aware and would be looking at reports 
and statements from their pension plans to determine the 
condition of the plan.
    Mr. Coyne. Is the bigger problem diversion of funds after 
deposit, or failure to deposit the contributions?
    Ms. Dalton. I cannot give you a definitive answer on that. 
There have been problems in both areas. In terms of before the 
deposit occurs, one of the things that has happened recently is 
that the amount of time allowed for the employer to hold the 
money has been reduced from 90 days to 15 days. And it is a 
violation of the ERISA Act if that money is not deposited in a 
timely manner. So there is a reduced period in which that money 
can be used prior to the requirement to deposit the funds.
    Subsequent to deposit, there are continuing problems with 
fraud and abuse in this area. We have had numerous cases in 
this area where money has been diverted to investments that 
were not in the best interests of the plans and, in fact, the 
plans were defrauded.
    Mr. Coyne. In your overall findings, are union employees 
more susceptible to the risk of fraud, more so than nonunion 
employees?
    Ms. Dalton. I do not know the answer to that. Both union 
employees and nonunion employees can be and have been victims 
of fraud and abuse. Whether it is more in one or the other, I 
just do not know.
    Mr. Coyne. You would not be able to tell us that?
    Ms. Dalton. No.
    Mr. Coyne. Thank you.
    Chairman Johnson. Mr. Tanner.
    Mr. Tanner. Thank you, Madam Chair.
    Mr. Mangano, you, I assume, heard the GAO testimony about 
the number in the case of fraud and abuse, and so on, in the 
Medicare Program put at $6 to $20 billion. Do you have an idea 
about that?
    Mr. Mangano. Well, we have never developed any independent 
estimate of that figure. We have always known about the GAO 
estimation based on other reviews. What I can tell you is that 
wherever we look we do find problems. The largest portion of 
that fraud, waste, and abuse figure is in the waste area, and 
those things come into play where we believe Medicare pays too 
much for things. They do not get fair-market value for the 
kinds of products that they purchase.
    We are, as I think Mr. Dodaro mentioned earlier, conducting 
the Chief Financial Officer audit of HCFA this year. By this 
summer I think we may be able to give you better figures on 
what the estimation is for fraud and abuse.
    Mr. Tanner. Well, I think that would be helpful, simply 
from the standpoint of being able to measure progress on the 
point. And whatever you could do there would be very much 
appreciated.
    On this Operation Restore Trust that has been talked about 
in the five States, what did you identify, or what was 
identified, I guess, as the primary sources either gross 
overutilization or out and out fraud?
    Mr. Mangano. Well, the three areas that we targeted in the 
Operation Restore Trust were home health, durable medical 
equipment, and nursing facilities. And as I indicated earlier 
in my testimony, we think that the home health benefit is the 
area that is most prone to abuse in these days. The mushrooming 
of the number of home health agencies has been astounding over 
the last 5 or 6 years.
    There are several reasons for it. One, it is a very 
generous benefit. It is a benefit which is provided in a 
person's home, so there is really not much oversight of it. 
There is no copayment from the beneficiary's point of view, so 
the beneficiary in many cases really loses some of the added 
incentives to ensure that the benefits are appropriate.
    The last thing is that the benefit itself has to be 
authorized by a physician, and a physician has to order a plan 
of care. In many of the cases, we are finding that the 
physicians that are actually signing some of these plans of 
care are not the beneficiaries' personal physicians, but 
physicians that may be hired by the home health agency, which 
has every interest in signing up new beneficiaries and then 
allowing for very many more visits.
    One of the questions that came up a little earlier this 
morning from a Subcommittee Member pertained to some of his 
beneficiaries complaining about fraud in the home health area. 
We have seen that time and time again. The organizations that 
have been in this business for a long time, that have been 
providing this service before the benefit took off, are really 
some of the finest providers of home health services that we 
have seen. It has been many of the new for-profit entrepreneurs 
that have gotten into the business to make a fast buck that 
have given it the problems.
    Once we discover that there has been a fraudulent or 
abusive situation occurring, we will issue a report and we will 
start an investigation; but many times that home health agency 
will go immediately out of business because the primary source 
of revenue is Medicare. So once we do identify how much they 
owe in terms of false billings, there is no way to collect that 
money again, because the business is defunct.
    Mr. Tanner. Does the State have a role in this at all, in 
terms of law enforcement?
    Mr. Mangano. Certainly, many of these home health agencies 
that do business with Medicare also do business with Medicaid, 
and the State operates the Medicaid Program. I believe there 
are some States that have additional programs to ensure the 
integrity of some of these home health agencies.
    One of the panelists this morning mentioned that Florida 
has gone to a surety bond system, which is something that we 
have recommended as well, so that the organizations need to be 
bonded in their State. We think that there ought to be reviews 
of applications that are a lot tighter than they have been to 
date, so we can ensure that the fly by nights do not do 
business with us.
    Mr. Tanner. With respect to that, what has happened on your 
recommendation that a surety bond be put in place so that you 
get at the problem of these people closing up when you discover 
they are running a scam of some kind?
    Mr. Mangano. We have made that recommendation. HCFA said 
that they are looking at it. We do not have a final decision on 
it.
    One of the things I am very hopeful about is that the 
administration has now come forward with a proposal to pay for 
home health services on a prospective basis. And I know the 
Congress is taking up that same initiative. So I think some of 
the policy recommendations that we have made HCFA is following 
up on. They are doing certain things with their carriers and 
intermediaries to have closer scrutiny toward some of these 
bills.
    HCFA, for the first time, has involved its survey and 
certification organizations into going into home health 
agencies to make sure that they really are properly doing 
business.
    Mr. Tanner. Thank you. One followup on that. In the 
situation you described--the fly by nights, you call them--what 
happens when they go out of business and, of course, there is 
no money to collect from the overpayments or the fraudulent 
payments, however one wants to characterize them? Is there a 
communication from your office to the Justice Department or to 
the State attorney general? What happens there?
    Mr. Mangano. Absolutely. When we find a situation of 
fraudulent billing, we almost always open up a criminal 
investigation and work with the Department of Justice to bring 
those persons to the bar of justice. The money, if it does not 
exist in the corporation, is gone. But we do follow up.
    One example of that was an organization down in Georgia. It 
was one of the largest home health agencies in the South. The 
original name was ``ABC Home Health Products,'' and they 
changed it to ``American Home Health Products.'' We initiated a 
criminal investigation. Both the owner and his wife are now in 
jail, and that organization paid back $252 million to the 
Federal Government.
    Mr. Tanner. We should do more of that.
    Chairman Johnson. That is pretty impressive.
    Ms. Dalton, I would like to ask you a few questions about 
pension policy, as well. You call for the repeal of the 
limited-scope audit provisions. It is my understanding that 
there are no audit requirements for employers with fewer than 
100 employees.
    Ms. Dalton. That is correct.
    Chairman Johnson. And of those employers that have 100 to 
500 employees, half of the employees in that category have no 
pension coverage.
    Ms. Dalton. I am not sure of that, Madam Chairman.
    Chairman Johnson. Well, but assuming that that is the 
case--because it was part of, I guess, an earlier GAO study--I 
assume, then, that the fees for audit would be distributed over 
half of the companies that have employees between 100 and 500. 
And I would like to get some estimate from you, either now or 
later, as to what you think the cost of that audit would be.
    Ms. Dalton. We had an estimate several years ago from the 
American Institute of Certified Public Accountants that they 
believe that the additional cost for full-scope audits for 
those half of the plans that are not currently getting the 
full-scope audit would be an increase in their audit cost of 10 
to 30 percent.
    Chairman Johnson. An increase in their audit cost of 10 
to----
    Ms. Dalton. Thirty percent.
    Chairman Johnson. Of 10 to 30 percent?
    Ms. Dalton. That is correct.
    Chairman Johnson. That is important, because the Federal 
Government made a series of changes in pension law some years 
ago that had the result, the unintended consequence, of 
motivating many companies to drop their pension plans. Now, if 
your audit costs go up 30 percent, we may provoke a similar 
unintended consequence.
    Also, your testimony states that $950 billion in pension 
plan assets are not examined because of the limited-scope audit 
provision. But how much of this money is already in regulated 
institutions?
    Ms. Dalton. The limited-scope audit provision can be 
invoked for the assets that are included in federally or State 
regulated institutions, such as savings and loans, insurance 
companies, and so forth.
    Chairman Johnson. Excuse me. What is the need for taxpayer 
dollars invested in investigating assets that are in financial 
institutions that are already regulated by Federal law?
    Ms. Dalton. Well, I think there are two reasons. First of 
all, what happens is, part of the assets but not all of the 
assets, may in fact be in regulated institutions. Because of 
the assets that are not subject to audit, the auditors are 
often in the position that they must disclaim an opinion on all 
assets, even those they are supposed to have looked at.
    Chairman Johnson. Ms. Dalton, do you have any information 
on what percentage of the pension moneys currently not overseen 
by you are not in regulated financial institutions?
    Ms. Dalton. No, I do not.
    Chairman Johnson. Well, I would certainly want to know that 
fact before I made a change in the law. And the second fact I 
would want to know is why auditors are not required currently 
to provide the split opinions they used to provide, which would 
enable you to have the information as to how much of this money 
is in financial institutions and how much really needs 
auditing.
    Ms. Dalton. Currently, under generally accepted auditing 
standards, auditors are not allowed to give what is called a 
piecemeal opinion. They must give an opinion on the financial 
report as a whole. The reason for this is that if they cannot 
attest to certain accounts, the activities in those accounts 
may affect other assets, liabilities, other transactions within 
the plans. So therefore, the auditors are in the position of 
basically giving no opinion. They do some work on the plan, 
which is paid for, but no opinion is given.
    Chairman Johnson. All right. We certainly would want to 
look at restoring to the auditors a somewhat more flexible 
approach, when I would suspect that most of these moneys are in 
financial institutions in which there is already oversight. So 
if you would get back to us on that, certainly it will affect 
our ability or interest in moving ahead.
    And I am going to yield now to Mr. Hulshof.
    Mr. Hulshof. Thank you, Madam Chair. To follow up just a 
little, Ms. Dalton, if an accountant audits a business in my 
district, it is reasonable for the accountant to question the 
value of assets. Should it not also then be reasonable to use 
that same scrutiny for pension plans?
    Ms. Dalton. Yes, it is.
    Mr. Hulshof. The Chair asked a question about the increased 
cost--you mentioned 10 to 30 percent--of additional 
administrative cost. I ask the question directly. Is this not 
going to require, or would businesses not be more reluctant to 
provide pension plans for employees if their costs were to go 
up in that significant fashion?
    Ms. Dalton. The 10 to 30 percent, I think, has to be put 
into some perspective, in that pension plan audits are often an 
add-on audit to the overall corporation audit. So even though 
the percentage sounds fairly high, the actual cost of a pension 
plan audit may be fairly small relative to the total 
corporation audit. And oftentimes, the same auditor is doing 
both the corporate audit and the plan audit.
    Mr. Hulshof. I am not sure when you came in for the 
previous panel, but one of the things we talked about was the 
information security problems and some of the things GAO was 
concerned about regarding computer attacks, if you will. And 
you mentioned that more needs to be done maybe to improve 
information security at IRS. Could you give us just a couple of 
ideas about what you think should be done to improve 
information security at IRS?
    Ms. Lau. Yes, I would be happy to. You are referring to my 
statement in which I outline some of the work the Chief 
Inspector's Office and my office have done in the area of 
information security, which is part of the basis for my 
statement that more needs to be done.
    The one example that I used specifically is a followup 
review of information security over small scale computer 
systems that the Chief Inspector conducted where weaknesses 
previously identified several years ago still exist. That is 
the kind of issue of followthrough that was mentioned in the 
prior panel.
    I can only provide you examples based on the work we have 
done, but we certainly would be, the Chief Inspector and I, 
amenable to coming up to talk with you or your staffs about the 
issue further.
    Mr. Hulshof. Last, I guess a question for each of you. Mr. 
Mangano, probably every one of us on this Subcommittee--in 
fact, probably every one of us in this body--could provide 
horror stories that happen in the field regarding fraud and 
abuse. And because this was just communicated to me recently 
back in my district: A practicing nurse involved in home health 
care had gone to her routine visit of a man who was receiving 
the health care at home. And he was ambulatory--he was 
shopping--and so clearly did not qualify for the home health 
visit. When she mentioned this to her superiors at the health 
facility, and she was encouraged to change her nursing note to 
indicate that, in fact, the gentleman did require home health 
visits.
    What can I tell that woman? And as a result of that, by the 
way, she made the decision to, on her own, terminate employment 
with that home health facility. Rather than have her give up 
her career, what can I tell her and others in that situation as 
to how their concerns regarding fraud or abuse can be 
addressed?
    Mr. Mangano. Well, that is clearly a case of fraud, and it 
is the kind of thing that we see all the time when we go out 
there and look at some of these home health agencies. That 
person can report it to our office, or could go to the regional 
home health intermediary and report it there. That is the 
intermediary that is contracted by the Health Care Financing 
Administration to operate that benefit. Either one of those two 
places is fine with us.
    And an easy way to remember our phone number is, she can 
report it on our hotline, which is ``HHS-TIPS''--T-I-P-S.
    Mr. Hulshof. If the Chairwoman would indulge me in a last 
question, what is there for concerns, whether they are real 
concerns or just perceived concerns, then that somehow she 
would be blacklisted in the future? I mean, the information 
that she would want to provide to the appropriate authority, 
how can she be assured that something like that would not 
follow her around in future employment possibilities?
    Mr. Mangano. I do not know that there is any guarantee that 
I can make out of it. But I would say this, that she would have 
an awful lot of admiration from those home health organizations 
that run a reputable business. She is obviously working for 
either a company or an individual as her supervisor that are 
not running a proper business.
    Mr. Hulshof. Thank you, sir.
    Thank you, Madam Chairwoman.
    Chairman Johnson. Thank you. I did want to ask one more 
question of you, Ms. Dalton. The administration has recently 
created an economically targeted investment program to allow 
plan sponsors to make investments on the basis of guidelines 
issued by the Labor Department. Can you tell me how many 
applications have been submitted----
    Ms. Dalton. I am sorry----
    Chairman Johnson [continuing]. And how many you have 
approved? You know, the administration has developed this 
economically targeted investment program to allow plan sponsors 
to make investments on the basis of guidelines issued by the 
department. And I am wondering how many applications have been 
submitted to do that to the department, and how many you have 
approved, and what criteria you use in approving or rejecting 
them?
    Ms. Dalton. I am sorry, Madam Chairman. I do not have that 
information available, but we will attempt to get it for you.
    Chairman Johnson. I hope you will get it back to me. 
Because I share with you the belief that government has an 
absolute responsibility to assure that pension contributions 
get deposited and get protected. But I believe that your 
guidelines are going to allow some investments of a type that 
were made in Connecticut into high-risk investments. And we 
have seen companies lose considerable money, and the State lose 
considerable money, through those kinds of investments.
    So if you would get to me the guidelines that you use, the 
number of applications, the number approved, and why, that 
would be helpful to me, because I have real concern that this 
program is in opposition to our shared goals, rather than in 
support of those goals.
    Ms. Dalton. Yes.
    [The following questions and answers were subsequently 
received. An attachment is being held in the Committee files.]

[GRAPHIC] [TIFF OMITTED] T9632.005

      
    [GRAPHIC] [TIFF OMITTED] T9632.006
    
      
    [GRAPHIC] [TIFF OMITTED] T9632.007
    
      

                                

    Chairman Johnson. Thank you very much. And thank you to the 
panel. Unless anyone else has any further question--any?
    Thank you very much. It has been a very useful hearing.
    [Whereupon, at 1:17 p.m., the hearing was adjourned.]
    [Submissions for the record follow:]

Statement of John J. Callahan, Acting Commissioner of the Social 
Security Administration, on the Program Integrity of the Supplemental 
Security Income Program

    Madam Chairman and Members of the Subcommittee:
    Thank you for the opportunity to address several issues 
raised by the General Accounting Office (GAO) during the March 
4, 1997, hearing before your Subcommittee, on the Supplemental 
Security Income (SSI) program.
    Let me first acknowledge that GAO's input can be a valuable 
resource in identifying areas in which improvements might be 
needed. I am concerned, however, that GAO's March 4 testimony 
before your Subcommittee may have been misleading, because it 
did not fully reflect the many steps SSA has taken to improve 
the administration of the SSI program and protect it from fraud 
and abuse.

                             Introduction 

    Mr. Chairman, SSI was designed to provide a basic measure 
of financial security for the neediest and most vulnerable 
among us elderly, blind and disabled individuals who have very 
little income or assets. That is why we at SSA have a ``zero 
tolerance rule'' for those who would seek to defraud this vital 
program. SSI is the primary financial support for six and one-
half million low-income elderly and disabled Americans more 
than half of whom have no other source of income at all.
    Given the size and complexity of the SSI program, we are 
constantly working to improve its administration, and to 
enforce this zero-tolerance rule. Let me now outline some of 
the specific measures that have been taken over the past few 
years.

                      Initiatives to Combat Fraud 

    During fiscal year 1996, SSA developed a comprehensive 
tactical plan to focus the necessary resources and provide 
appropriate oversight in a consolidated effort to combat waste, 
fraud and abuse. The Commissioner established a National Fraud 
Committee and ten Regional Fraud Committees to oversee the 
implementation of the plan. These Committees will ensure that 
SSA's efforts to combat fraud will be supported and implemented 
effectively.
    Because State assistance programs are often linked to SSI 
eligibility, State and federal interests in fraud investigation 
often overlap. Therefore, SSA is taking steps to team with 
State and local authorities to investigate likely fraud cases. 
SSA is also moving aggressively to develop mechanisms, such as 
computer matching agreements, for obtaining and verifying 
income and other relevant information about SSI recipients from 
States and other public agencies. For example, SSA is currently 
engaged in an ongoing pilot project in Tennessee which has 
resulted in the capability of SSA claims representatives to use 
the highly automated system of birth, death and employment 
records in that State.
    It should be understood, however, that it is neither a 
quick nor an easy task to expand this pilot to other States. 
Rather, SSA will have to negotiate separate agreements with 
each State, and with each State agency, since each State has 
separate data sources and different hardware and software 
configurations. Indeed, many States do not have centralized 
data at all. However, the results of the pilot in Tennessee 
augur well for future expansion of data-sharing, and we are 
pursuing this goal aggressively.

   The SSA Office of the Inspector General (OIG) and National Fraud 
                                Hotline 

    Our ongoing efforts to fight program fraud and abuse were 
greatly enhanced when Public Law 103-296 was enacted, 
establishing SSA as an independent agency, effective March 31, 
1995, with its own Inspector General (IG). SSA and our IG's 
office have forged a strong relationship which has already 
borne fruit: through our joint efforts, in fiscal year 1996, 
570 individuals were convicted of fraud and more than $22 
million in fines, judgments and restitutions were recovered. Of 
this amount, about $1.3 million is related to SSI fraud. We 
look forward to continued success in our joint efforts.
    To help identify cases of potential fraud, we have 
established a national fraud hotline (1-800-269-0271). Using 
this hotline, we have received leads on potential fraud from 
our own employees, as well as the public. Moreover, we have 
increased the number of field personnel investigating reports 
of fraud by more than 100 percent from 120 to 250 in the past 
two years.

                     Fraudulent Transfer of Assets

    Let me now turn to the issue of fraudulent transfer of 
assets, since the GAO has expressed concern that some 
individuals may dispose of assets for less than fair market 
value, in order to become eligible for SSI.
    SSA developed a provision which was included in the House-
passed welfare reform bill, but dropped during conference which 
provided that individuals who disposed of assets for less than 
fair market value would be found ineligible for SSI for a 
period of time directly related to the uncompensated value of 
the asset.
    SSA plans to work with this Congress in an effort to gain 
passage of this provision.
    We would, however, like to point out that we believe that 
the audit report on this subject was flawed. As we stated in 
our comments on the report, in a number of the cases looked at 
during the study, the asset transferred was the SSI recipient's 
home. An individual's home is not considered a resource under 
the SSI program and it, therefore, would not have prevented SSI 
eligibility if held. Thus, data that included transfer of the 
home should not have been included in GAO's audit.

     Improvements in the Disability Related Aspects of the Program

    Finally, Mr. Chairman, I would like to discuss SSA's 
efforts to make improvements in the administration of several 
disability-related aspects of the SSI program. These include:
     Initial Disability Determinations and Continuing 
Disability Reviews (CDRs);
     ``Middlemen'' fraud;
     Return-to-Work strategies and the Administration's 
``ticket to independence' initiative; and
     Plans to Achieve Self-Support (PASS).

Initial Disability Determinations and CDRs 

    To improve the way we process claims for both SSI and 
Social Security disability benefits, we have made a complete 
redesign of that process this agency's number one priority. We 
are currently laying the groundwork for a streamlined process 
that will substantially reduce the time it takes to make a 
disability determination. It will also provide individuals with 
more direct access to the people working on their claim.
    Of course, we recognize that making a determination of 
disability is not the end of the process. That is why we 
redevelop selected cases and conduct myriad reviews, both prior 
to and after payment to a beneficiary is effectuated, to ensure 
that development procedures and awards are correct.
    In fact, SSA recognized that need to redesign its CDR 
process long before a GAO audit indicated that need. In 1992, 
SSA conducted a study which tested the effectiveness of using 
two tools a mailer and a profiling system as a predictor of 
medical improvement. Based on this study, the CDR mailer 
process was implemented in 1993. This process allows SSA to 
identify more accurately those beneficiaries that are most 
likely to medically improve, so that we can conduct a full-
medical CDR. In contrast, we use a more efficient, cost-
effective mailer to conduct CDRs for beneficiaries who are not 
likely to medically improve. In 1996, SSA implemented computer 
``scannable'' mailers to make the process even more efficient. 
Since the mailer process was begun, SSA has conducted almost 1 
million CDRs.
    The number of CDRs processed each year increased from 
48.000 CDRs in FY 1993 to 217,200 in FY 1995, but SSA 
recognized that lack of resources was preventing further 
progress. In 1996, with full support of the Administration, 
working with both authorizing and appropriating committees, 
special funding for conducting CDRs was appropriated and has 
provided the agency with the ability to conduct many additional 
CDRs. During FY 1996, SSA processed over 500,000 such reviews 
the second largest annual number in SSA's history. SSA intends 
to process 603,000 CDRs in FY 1997, including 151,000 SSI 
cases. With continued congressional support, we project that we 
will have processed about 8 to 10 million CDRs (2.4 million in 
SSI) by FY 2002.

``Middlemen'' Fraud 

    Another potential source of fraud which SSA identified 
involves the use of `middlemen' who sometimes help non-English-
speaking individuals apply for SSI. It was determined that in 
some cases these middlemen were attempting to coach individuals 
to feign disabilities in order to obtain SSI. In other cases, 
middlemen were taking advantage of individuals who were 
genuinely eligible for SSI, by charging them exorbitant fees 
for help in applying for benefits.
    In 1992, SSA began working with the leaders in non-English-
speaking communities in order to promote trust, to help change 
some immigrants' cultural belief that they needed the services 
of a middleman to deal with the government, and to explain the 
availability of SSA services, emphasizing that these services 
were free. In addition, SSA has hired almost 1,500 bilingual 
employees in the past 4 years and currently has the capability 
of providing translation services in at least 22 different 
languages.
    In our efforts to eliminate the middleman problem, working 
with the State government in California, 24 arrests of alleged 
``middlemen'' have been made and 18 convictions have been 
obtained. In addition, 517 SSI recipients have had their 
benefits terminated.

Return to Work Strategies and the ``Ticket to Independence'' 
Initiative

    In addressing SSA's efforts to assist SSI beneficiaries to 
return to work, it is important to understand the statutory 
limits on SSA's role in decisions regarding vocational 
rehabilitation (VR).
    When the disability program was established in 1954, the 
Congress stated that one of its objectives was to ensure that 
disabled individuals were promptly referred to State VR 
agencies so that as many disabled individuals as possible could 
be restored to gainful work.
    Congress did not, however, establish a single, integrated 
disability/VR program. Instead, it provided for the 
coordination of two programs the Federal disability program, 
administered by the current Social Security Administration, for 
the payment of benefits to individuals determined to be 
disabled, and a Federal/State VR program to provide VR services 
to individual eligible under the terms of a State plan. With 
respect to rehabilitation, SSA's role was solely to refer 
disabled individuals for rehabilitation services under the 
Federal/State VR program, administered by the Rehabilitation 
Service Administration (RSA) in the Department of Education, 
and Congress has never changed that role. The State VR agencies 
make the decisions under the policies set forth by the RSA, and 
by State VR agencies themselves.
    Despite these constraints, in his fiscal year 1998 budget, 
President Clinton has proposed a new initiative under which 
SSA, in partnership with the private sector, will help more 
disabled Social Security beneficiaries return to work and leave 
the SSI rolls. The proposal would allow SSA to begin a pilot 
project of a new VR and employment services program under 
which--
     disabled beneficiaries will be given a 'ticket to 
independence' which they may use to obtain VR and employment 
services from any participating public or private provider of 
their choice;
     SSA will pay only for results. That is, a service 
provider will be paid only after a beneficiary whom it has 
served begins to work and no longer receives cash benefits; and
     the Health Care Financing Administration, under a 
demonstration program, will extend Medicare and Medicaid 
protection beyond the current-law maximum for some disability 
beneficiaries returning to work.

Plans to Achieve Self-Support 

    Mr. Chairman, SSA policies for evaluating PASS plans 
represent another area of concern. GAO has been particularly 
critical of SSA for ``allowing'' individuals to gain SSI 
eligibility through PASS plans, but SSA has no statutory 
authority to restrict the use of the PASS provision in this 
way. Ironically, the legislative history of the provision (that 
is, the Senate Finance Committee report on H.R. 1) indicates 
that the Congress wanted SSA to construe PASS provisions 
liberally in order to encourage individuals' efforts toward 
self-support.
    Nevertheless, we are making additional efforts to bring a 
greater degree of consistency nationwide in adjudicating PASS 
applications. For instance, since the February 1996 GAO report 
on the PASS program, SSA established a cadre of 39 PASS 
examiners specially trained to evaluate the viability of 
individual PASS plans. The cadre reviews all PASS plans 
submitted by SSI claimants. This approach will ensure 
consistent application of policy and treatment of individuals 
attempting to establish a PASS.
    In addition, SSA has developed a database for PASS 
specialists to gather management information about the PASS 
plans they review. We have also developed a standardized form 
to be completed by an individual applying for a PASS and have 
refocused our adjudicative efforts from ``when'' to ``how'' a 
plan will be accomplished. That is, we examine the step-by-step 
process by which an individual plans to meet his or her goal 
rather than concentrating on whether a plan will meet the 
required time limits.
    Within the next couple of months, this process will undergo 
a thorough review to determine whether it is the most effective 
method to ensure that PASS plans offer true opportunity for SSI 
claimants to move toward a greater degree of independence, 
while remaining realistic in terms of the individual's desired 
goals.
    In addition, SSA soon will be meeting with representatives 
from advocacy groups to discuss PASS policies and procedures, 
and we will also examine this issue in the larger context of 
our return-to-work strategies.

Prisoner SSI Benefit Cessation 

    SSA has greatly improved its process for identifying SSI 
recipients who are incarcerated so that their benefits can be 
stopped as required by law. Although the requirement for the 
cessation of prisoner's benefits in was adopted in 1981, it was 
not until three years ago under the Clinton Administration that 
serious enforcement was undertaken. SSA has now established 
reporting agreements with all State and federal prison 
officials, as well as 99 percent of the 3,500 local and 
community correctional institutions across the country. Under 
these agreements, correctional facilities are providing 
information to SSA about SSI recipients entering prisons. In 
addition, the welfare reform bill has strengthened SSA's 
ability to terminate payment of SSI benefits to inmates on a 
timely basis by providing incentive payments to State and local 
correctional facilities when they provide SSA with information 
that leads to termination of SSI payments.

                              Conclusion 

    In conclusion, Mr. Chairman, SSA takes seriously its 
obligations to those who need our programs, as well as to those 
who pay for them. That is why we have always maintained 
extensive program integrity, quality assurance, and entitlement 
safeguards. As I have outlined today, this is an ongoing 
process, as we constantly seek to enforce our zero tolerance 
rule for fraud.
    Clearly, in a program as complex and as large as SSI, there 
is always work for us to do, and ways we can improve our 
stewardship of the program. But I am proud of the efforts we 
have already made. The agency looks forward to working with the 
Congress and the GAO to continue our efforts to ensure that 
those who are truly eligible for SSI receive it, while those 
who would defraud the program and the American taxpayer are 
tracked down, prosecuted and punished.
      

                                

                           The ERISA Industry Committee    
                                Washington, D.C. 20005-3509
                                                      March 6, 1997
Hon. Nancy Johnson
Chairman
Subcommittee on Oversight
Committee on Ways and Means
11376 Longworth House Office Building
Washington, D.C. 20515

    Dear Chairman Johnson:

    We are writing in reference to testimony presented before the 
Subcommittee on March 4, 1997, by Patricia A. Dalton, Deputy Inspector 
General, U.S. Department of Labor, at the Subcommittee's hearing on 
``High Risk Programs Within the Jurisdiction of the Committee on Ways 
and Means.''
    In her testimony, Ms. Dalton recommended that legislation be 
enacted (1) to require full scope audits of employee benefit plans and 
(2) to increase reporting requirements imposed on plan administrators 
and plan auditors. The focus of this letter is the second 
recommendation--to increase reporting requirements.
    Ms. Dalton notes that legislation to impose such requirements has 
been proposed in past years but never enacted. Indeed, the Pension 
Audit Improvement Act of 1995 (S.1490) received serious consideration 
in the last Congress.
    S.1490, however, was not enacted because it was found to be 
overreaching, burdensome, and lacking fundamental safeguards 
appropriate in a free society.
    We enclose for your information a statement that we filed with Sen. 
Nancy Kassebaum, Chairman of the Senate Committee on Labor and Human 
Resources about this bill last year. We also ask that this letter be 
included in the hearing record of your Subcommittee's March 4 hearing.
    On behalf of The ERISA Industry Committee, we ask that such 
legislation not go forward, and would be pleased to meet with you to 
discuss our concerns at any time.

            Sincerely,
                                          Janice M. Gregory
                                                     Vice President

                                

                                  COPY

                                                      April 1, 1996

The Honorable Nancy Landon Kassebaum
Chairwoman, Committee on Labor and Human Resources
 302 Russell Senate Office Building
 United States Senate
 Washington, D.C. 20510-1602

Re: The Pension Audit Improvement Act of 1995 (S. 1490)

    Dear Madam Chairwoman:

    We are writing to express our strong opposition to the Pension 
Audit Improvement Act of 1995 (S. 1490).
    The ERISA Industry Committee (ERIC) represents exclusively the 
employee benefits interests of America's largest employers. ERIC's 
members provide comprehensive retirement, health care coverage and 
other economic security benefits directly to some 25 million active and 
retired workers and their families. Thus, we have a strong interest in 
proposals affecting our members' ability to deliver those benefits, 
their cost and their effectiveness, as well as the role of those 
benefits in the American economy.
    The bill imposes new reporting requirements that are 
extraordinarily demanding, exceptionally vague, and unacceptably far-
reaching. In combination, the bill's vague standards, tight deadlines, 
and severe penalties require reporting on the basis of suspicion and 
fear, rather than on the basis of known and verified facts. Legislation 
of this ilk is offensive and wholly inappropriate for any free society.
    Contrary to its title, the bill applies to all employee benefit 
plans governed by the Employee Retirement Income Security Act 
(``ERISA''), not merely to pension plans. The bill includes draconian 
penalty provisions that apply even to plan administrators who 
innocently or mistakenly violate the bill's reporting requirements. The 
bill is clearly over-kill: it unnecessarily adds another layer of 
reporting obligations to the elaborate reporting and disclosure 
requirements of existing law and provides for the imposition of severe 
penalties on plan administrators who mistakenly or otherwise fail to 
comply with requirements that are both demanding and vague.
    No hearings have been held on the bill in either the Senate or the 
House.
    ERISA already imposes elaborate reporting and disclosure 
requirements on plan administrators. It requires the plan administrator 
to file an annual financial report, including an audited financial 
statement, with the Internal Revenue Service or the Department of Labor 
and to distribute a summary of that report each year to plan 
participants. ERISA also requires the plan administrator to distribute 
to plan participants a summary plan description and summaries of 
material modifications of the plan. In addition, plan participants have 
the right to examine, and to obtain copies of, all documents and 
instruments governing the plan.
    S. 1490 would add a new Sec. 111 to ERISA. As proposed, Sec. 111 
requires a plan administrator to notify the Secretary of Labor ``within 
5 business days after the administrator first has reason to believe . . 
. that an irregularity may have occurred with respect to the plan'' 
(emphasis added). In addition, Sec. 111 requires the plan's accountant 
to notify the plan administrator of an irregularity ``within 5 business 
days after the accountant first has reason to believe that an 
irregularity may have occurred with respect to the plan'' (emphasis 
added). Under the bill, if the accountant so notifies the 
administrator, the administrator is required to notify the Secretary of 
Labor within 5 business days. If the administrator fails to notify the 
Secretary of Labor within that 5-day period, the accountant must notify 
the Secretary on the next business day following the end of the 5-day 
period.
    The bill defines ``irregularity'' broadly to include, among other 
things, any willful violation of ERISA's reporting and disclosure 
requirements and any intentional misstatement or omission of an amount 
or disclosure in a financial statement, accounting record, or 
supporting document undertaken to mislead.
     The bill also requires the plan administrator to notify the 
Secretary of Labor within 5 business days after the termination of an 
engagement for auditing services; the notice must report not only the 
termination of the engagement but also the reasons for the termination. 
If there is a failure to report or if the accountant disagrees with the 
reasons given, the accountant must file his or her own report with the 
Secretary.
    The bill provides that no accountant will be liable to any person 
for any statement made in good faith in a report required by the bill. 
However, the bill inexplicably fails to include a parallel provision 
protecting plan administrators from liability for the statements that 
they make in good faith in reports filed in accordance with the bill.
    The bill gives the Secretary of Labor new authority to assess a 
civil penalty of up to $100,000 against any administrator who fails to 
file a report required by Sec. 111. The Secretary also may assess a 
penalty of up to $100,000 against an accountant who fails to file a 
required report, but only if the failure is knowing and willful.
    We oppose the bill on numerous grounds, including the following:
     Vague Reporting Standards. By requiring a report whenever 
the plan administrator or accountant has ``reason to believe'' that an 
irregularity ``may have occurred,'' the bill establishes a standard 
that is unacceptably vague. The ``reason to believe'' standard appears 
to require a plan administrator to file a report whenever it might be 
deemed to have the slightest suspicion that an irregularity might have 
occurred. In view of the bill's tight reporting deadline and the harsh 
penalties that the bill provides for, plan administrators and 
accountants will be under enormous pressure to report matters that 
raise any potentially relevant concern, no matter how remote. For 
example, if a plan administrator suspects that there might have been a 
failure to comply with ERISA's reporting and disclosure obligations (no 
matter how insignificant the suspected violation might be), he or she 
will be pressured to conclude that there is ``reason to believe'' that 
an irregularity ``may have occurred'' even if he or she has no idea 
whether the failure was willful and even if he or she is uncertain 
whether the failure actually occurred.
     Unrealistically Tight Reporting Deadlines. The bill's 5-
day and next-day deadlines are wholly unrealistic. They give both plan 
administrators and accountants insufficient time to gather additional 
facts, to consult with responsible individuals, to evaluate any facts 
that they are aware of, and to apply considered judgment to those 
facts. The bill promotes a ``lynch-mob'' mentality rather than 
thoughtful and accurate reporting.
     Draconian Penalties. The bill authorizes a penalty of up 
to $100,000 for each violation. While a $100,000 penalty is severe 
under any circumstances, it is absolutely draconian in view of the 
bill's vague reporting standards and unrealistically tight reporting 
deadlines. In combination, the vague standards and tight deadlines make 
it inevitable that plan administrators will inadvertently violate the 
bill's reporting requirements. What is worse, as explained below, the 
bill provides for penalties to be imposed even when a plan 
administrator acts in good faith and violates the requirements 
mistakenly or inadvertently.
     Penalty for Unwillful Violations. Although the bill 
provides for the imposition of penalties on accountants who engage in 
``knowing and willful'' violations of the reporting requirements, the 
bill provides for penalties on plan administrators who fail to file any 
required report, regardless of whether the failure is knowing and 
willful. There is no justification for penalizing a plan administrator 
for failing to comply with a reporting requirement of this kind unless 
the failure is knowing and willful.
     Inequitable Treatment of Plan Administrators. As we have 
explained, the bill inexplicably allows penalties to be imposed on plan 
administrators for violations that are not knowing and willful, but 
provides for penalties on plan accountants only if the violation is 
knowing and willful. Similarly, although the bill immunizes accountants 
from liability for any statement made in good faith in a report filed 
in accordance with the bill, the bill fails to provide parallel 
protection for plan administrators. For example, if an accountant is 
terminated by the plan administrator, and the parties disagree over the 
reason for the termination, the accountant will be immune from 
liability for any statement it makes in good faith in a report filed 
with the Secretary of Labor, but the plan administrator will not 
receive parallel protection. This disparity in treatment is wholly 
unwarranted.
    For all these reasons, we strongly oppose S. 1490. We will be 
pleased to meet with you to discuss our concerns in greater detail.

            Sincerely,
                                            Mark J. Ugoretz
                                                          President
      

                                

Statement of the Health Industry Distributors Association on `High-
Risk' Programs

    The following statement is submitted to the House of 
Representatives Committee on Ways and Means, Subcommittee on 
Oversight on behalf of the Health Industry Distributors 
Association (HIDA). HIDA is the national trade association of 
home care companies and medical products distribution firms. 
Created in 1902, HIDA represents more than 700 companies with 
approximately 2000 locations nationwide. HIDA members provide 
value-added services to virtually every hospital, physician 
office, nursing home, clinic, and other healthcare sites in the 
country, and to a growing number of home care patients. As the 
intermediary between medical products manufacturers and 
Medicare providers, HIDA Members are able to provide unique 
``ground level'' recommendations to aid efforts to combat fraud 
and abuse in the Medicare Program.
    As a professional trade association, HIDA wholeheartedly 
supports the rigorous enforcement of laws that ensure that 
Medicare pays reasonable reimbursement amounts for medically 
necessary items and services on behalf of Medicare 
beneficiaries. HIDA has long advocated the responsible 
administration of the Medicare program, and has repeatedly 
identified specific abusive or illegal practices occurring in 
the marketplace to assist the government's anti-fraud efforts. 
HIDA has also assisted in the development of additional 
targeted policies designed to aid the government in the 
administration of the Medicare program. This statement will 
focus on two such policies, Medicare supplier standards and 
nursing facility consolidated billing.

          Policy Recommendation Number One: Supplier Standards

    To help rid the industry of the few illegitimate players 
which jeopardize patient care, tarnish the industry, and 
unfairly distort the market for medical products, HIDA urges 
the Health Care Financing Administration and Congress to 
require that all Part B suppliers comply with standards that 
will assure Medicare beneficiaries receive a consistent quality 
of durable medical equipment, prosthetics, orthotics, and 
supplies (DMEPOS) services. The following recommended supplier 
standards result from a fundamental belief that the current 
Medicare Supplier Standards (42 CFR 424.57 et. seq.) are simply 
insufficient. Importantly, it is not just the de minimus nature 
of the standards that is deficient, but also the process 
Medicare uses to determine whether a provider actually meets 
those standards. The following recommended standards therefore 
would inject some substantive meaning into the notion of being 
a Medicare provider of DMEPOS services.
    These new standards are intended to build upon those 
currently administered through the Medicare National Supplier 
Clearinghouse (NSC). These standards would therefore apply to 
all firms that have or apply for a Medicare Part B supplier 
number in order to provide DMEPOS services and bill Medicare on 
behalf of beneficiaries. They reflect the consensus of a wide 
array industry leaders, national associations, state 
associations, HIDA Members, and other constituent interests.
    If the NSC adopts the recommended standards and changes the 
process by which it determines whether a provider actually 
meets the standards, Medicare will realize an immediate benefit 
by ensuring that beneficiaries receive DMEPOS items and 
services only from legitimate firms. If an effective screening 
process is used, unscrupulous firms will never have an 
opportunity to engage in abusive behavior because they will 
never be able to bill the Medicare program on behalf of 
beneficiaries. Consequently, the standards will significantly 
contribute to reducing fraud and abuse in the Medicare program. 
For these reasons alone, Congress should require HCFA to adopt 
these Supplier Standards.

Organization of Standards:

     Basic Business Standards--would apply to all firms 
applying for a Medicare Part B Supplier/Provider number and any 
firm that currently has a Part B supplier number issued by the 
National Supplier Clearinghouse.
     Standards for Providers of Respiratory Products--
would apply to all firms providing respiratory products and 
services to Medicare beneficiaries, and billing Part B for 
those products.
     Standards for Providers of Home Infusion Therapy--
would apply to all providers of home infusion therapy, and 
billing Medicare Part B for these products.
     Supplier Enrollment/Application Procedures and 
Verification--describes a new process by which suppliers would 
receive a Medicare Part B supplier/provider number. The process 
includes verification of information submitted to Medicare, and 
an on-site visit to the firm.
    NOTE ON TERMS: Please note that the following terms are 
used interchangeably:
    --patient, consumer, client
    --supplier, provider

Basic Business Standards for Part B Suppliers

    The Basis Business Standards would apply to all providers/
suppliers that apply for a Medicare Supplier number, and that 
are in the business of providing medically necessary durable 
medical equipment, prosthetics, orthotics and supplies (DMEPOS) 
to Medicare beneficiaries either in their home or in a nursing 
facility.
    STANDARD BB-1: AS PART OF THE APPLICATION PROCESS, THE 
PROVIDER/SUPPLIER MUST PROVIDE BASIC INFORMATION, INCLUDING:
     Name
    --A. Registration/business license
    --B. D/B/A (``doing business as'')
     Tax identification number
     Address verification
      Proof of insurance
    --A. General product liability insurance
    --B. Professional liability insurance (if company has 
health care professionals as employee(s))
    STANDARD BB-2: Provider/supplier must comply with all 
federal, state and local regulatory requirements (e.g., 
licensure), and show proof of compliance when applicable.
    STANDARD BB-3: Provider/supplier must provide evidence of 
financial soundness. May be demonstrated in many different 
ways, for example by:
    --A. Bank references
    --B. Insurance--property, liability
    --C. Trade credit references
    --D. Etc. (Dun & Bradstreet or other credit reports)
    STANDARD BB-4: Provider/supplier must have policies and 
procedures to cover basic scope of services for appropriate 
product lines.
    STANDARD BB-5: Provider/supplier must maintain all 
professional and business licenses and certifications, and show 
proof when applicable.
    STANDARD BB-6: Provider/supplier must have 24-hour a day, 7 
day a week service availability for appropriate products and 
response to emergency situations.
    STANDARD BB-7: Provider/supplier routinely monitors the 
quality and appropriateness of services, equipment and supplies 
provided.
    STANDARD BB-8: Provider/supplier has a corporate compliance 
program.
    STANDARD BB-9 Provider/suppliers (owners and officers) 
shall not have been convicted of violations of Medicare and/or 
Medicaid rules and regulations.
    STANDARD BB-10: Provider/supplier attests that it is 
knowledgeable of the Medicare laws, regulations and policies 
pertaining to the billing of the applicable services, equipment 
and supplies provided.
    STANDARD BB-11: Provider/supplier has the capability 
(either directly or through contractual arrangements with other 
entities) to service customer locations, as evidenced by 
product inventory, distribution systems, and emergency backup 
systems.
    STANDARD BB-12: Provider/supplier provides its customers 
with educational resources relative to the products and 
services provided such as assistance with understanding 
Medicare regulations, provision of Medicare's toll free 
beneficiary help line, equipment inservices (if applicable), 
and product information.
    STANDARD BB-13: Provider/supplier has policies and 
procedure to document and resolve customer complaints and 
inquiries.
    STANDARD BB-14: Provider/supplier maintains regular 
business hours.
    STANDARD BB-15: Provider/supplier maintains a physical 
business location with its business name evidently displayed.
    STANDARD BB-16: Provider/supplier has procedures to 
document maintenance and repair programs for equipment as 
applicable.
    STANDARD BB-17 The patient/caregiver must be informed of 
the provider's compliance with all applicable HME Federal and 
State laws, regulations and Standards.
    STANDARD BB-18 The provider/supplier must assure that all 
the necessary and appropriate patient/caregiver education has 
been provided or arranged for with respect to the services, 
equipment, and supplies provided.
    STANDARD BB-19 The provider/supplier must provide patient/
caregiver training in the safe and proper use of equipment, 
with a follow-up demonstration.
    STANDARD BB-20 The provider/supplier must inform, in 
general terms, the patient/caregiver of his/her financial 
responsibilities.
    STANDARD BB-21 The provider/supplier will assure that 
environmental considerations are addressed such that the 
continuing needs of the patient/caregiver are met in the safest 
possible manner.
    STANDARD BB-22 The provider/supplier only uses equipment 
and supplies that conform to generally accepted industry 
manufacturing standards.
    STANDARD BB-23 The provider must have a valid, current and 
accurate prescription for all equipment and supplies provided.
    STANDARD BB-24 The provider/supplier must notify the 
prescribing physician of apparent patient non-compliance.

Supplier Standards for Providers of Respiratory Products

    These provider standards would apply to providers of 
respiratory products (in addition to the Basis Business 
Standards described above).
    STANDARD RESP-1: All patient/caregiver information must be 
kept in confidence (except when required to be released, for 
example, by JCAHO; and provider will first obtain client's 
permission).
    STANDARD Resp-2: Providers may only provide respiratory 
therapy equipment for which it is an authorized dealer.
    STANDARD Resp-3: The provider must perform and document 
scheduled in-home routine preventative maintenance of provider-
owned (i.e., rental, loaner) equipment.
    STANDARD Resp-4: Either directly or through contracting 
with another entity, the provider must perform and document 
manufacturers' scheduled maintenance of provider-owned (i.e., 
rental, loaner) equipment.
    STANDARD Resp-5: Provider cleans, stores, and transports 
respiratory therapy equipment in accordance with the 
manufacturer's recommendations and all applicable Federal and 
local laws ad regulations.
    STANDARD Resp-6: The provider must have a valid, current 
and accurate prescription for all respiratory therapy equipment 
dispensed.
    STANDARD Resp-7: The provider must secure physician 
approval, either through a change in the prescription or 
through physician-approved protocols, before respiratory 
therapy equipment modality substitutions are made.
    STANDARD Resp-8: The provider only utilizes the services of 
personnel who are appropriately trained, qualified, and 
competent for their scope of services.
    STANDARD Resp-9: The provider utilizes services of health 
care professionals that adhere to all Federal and State laws, 
rules, and regulations.
    STANDARD Resp-10: Providers providing life supporting or 
life sustaining respiratory therapy equipment assume the 
responsibility to directly provide or arrange for the services 
of a respiratory therapist or equivalent.

Supplier Standards for Providers of Home Infusion Therapy

    These provider standards would apply to providers of home 
infusion products (in addition to the Basis Business Standards 
described above).

Performance Standards

    STANDARD IV-1 Provider has competent staff:
    A. Provider has trained, competent technical staff
     B. Provider has access to qualified health professionals
    STANDARD IV-2 Provider performs client assessments, which 
includes:
    A. Appropriateness of therapy
    B. Safety of home environment
    C. Development of plan of care to establish product and 
service needs
    STANDARD IV-3 Provider coordinates client care with other 
providers and practitioners:
    A. Communication and interaction with other providers and 
practitioners
    a. Patient assessment/service plan
     b. Changes in patient's needs
     c. Changes in patient's care regimen
    STANDARD IV-4 Provider has a valid, current and accurate 
prescription for all products dispensed.
    STANDARD IV-5 Provider schedules activities, including
    A. Who does what and when
    STANDARD IV-6 Provider performs patient/caregiver training 
which includes:
    A. Indication for therapy
    B. Administration of medications or formula
    C. Operation and maintenance of pump
    D. Inventory storage and management
    E. Self-monitoring
    F. Emergency response
    STANDARD IV-7 Provider delivers, sets up and pickup 
equipment and supplies.
    STANDARD IV-8 Provider performs ongoing monitoring and 
follow-up, including:
    A. Assess response
    B. Assess functioning of therapy delivery system
    C. Assess product utilization, patient compliance
    D. Assess continuing need for therapy (with others)
    E. Equipment tracking, cleaning, maintenance and repair
    STANDARD IV-9 Provider provides access to emergency 
response services:
    A. Services are available 24 hours a day, 365 days a year
    B. Provider responds within reasonable time
    C. Provider provides intervention as indicated.
     a. Technical
    b. Clinical--provide instruction, visit or contact other 
provider
    INFORMATION MANAGEMENT
    STANDARD IV-10 Provider manages the following information 
related to the client:
    A. Maintain clinical records
    B. Patient satisfaction/grievances
    C. Complications
    D. Unscheduled deliveries and visits
    E. Utilization data by service, by patient
    F. Goals of therapy, patient needs

Application Process--for a Medicare Part B Supplier Number

    The verification that a provider/supplier meets the 
Medicare supplier standards is vitally important to the 
provider/supplier industry, beneficiaries, and the Medicare 
Program to ensure that only viable providers/suppliers provide 
medically necessary DMEPOS items and services to Medicare 
beneficiaries.
    HIDA recommends that non-governmental independent 
organizations verify that providers/suppliers comply with the 
Medicare supplier standards, both initially and on an ongoing 
basis. This recommendation is similar to the structure used 
world wide by the International Standards Organization (ISO). 
This process would be simple, minimize bureaucracy and 
paperwork, and most importantly, ensure the suppliers comply 
with the standards.
    National Supplier Clearinghouse (NSC) would certify 
organizations that wish to verify suppliers meet the Medicare 
supplier standards.
     These organizations would verify compliance based 
solely on the Medicare supplier standards. Verification would 
include: A complete review of the application, Written follow-
up on questionable areas On-site visit to verify/check 
remaining questionable areas.
     There would be a time limit to complete the review 
process (no more than 90 days).
     The provider/supplier pays the fee to the 
verification organization (a portion of which may go to the NSC 
to cover administrative costs).
     There would be a three year cycle for renewal of 
Medicare supplier number to ensure ongoing compliance with the 
Medicare supplier standards. The fee would cover the three year 
cycle.
    Note: HIDA supports a reasonable application fee to cover 
costs of verification. The recommendation is made with the 
understanding that these verification procedures will actually 
weed out the ``bad actors;'' non-legitimate companies would not 
be able to get a Medicare supplier number because of the 
rigorous screening of all applicants.

Policy Recommendation Number Two: Nursing Facility Consolidated Billing

    The Administration's FY 1998 budget package contains a 
legislative proposal prohibiting any entity other than a 
nursing facility from billing Medicare for the medical supplies 
and services provided to nursing facility residents. This 
``consolidated billing proposal'' does not distinguish between 
reimbursements for services covered by Medicare Part A vs. Part 
B.
    HIDA supports consolidated billing for nursing facility 
residents who are covered by Medicare Part A. We understand 
that Part A consolidated billing is needed to gather the 
information that the Health Care Financing Administration 
(HCFA) needs to develop the nursing facility prospective 
payment system. However, HIDA believes that nursing facilities 
should retain their ability to use outside suppliers of 
medically necessary Part B services when the resident is not 
covered under the 100-day Part A stay. This choice is more 
efficient and economical for many nursing facilities.
    Outside suppliers provide nursing facilities with a number 
of services that promote positive health outcomes. Value-added 
services provided by medical suppliers including storage, 
inventory management, clinical services (e.g., respiratory 
therapy, nutritional assessments, support for wound care 
protocols), billing and collection, and outcomes support. Many 
nursing facilities do not have the administrative staffing, 
physical space, or other resources to ensure that adequate 
quantities of the appropriate products are available to meet 
each patient's needs, especially since some patients require 
products on an emergency basis or have frequently changing 
needs. As a result, beneficiaries could be denied access to the 
wide range of high quality, medically necessary products that 
are currently available.
    The Health Industry Distributors Association opposes 
consolidated billing for nursing facility residents who are not 
covered by Medicare Part A because:
    Concerns Relating To Fraudulent Billing Are Not Applicable 
After The 100 Day Part A Stay: It is argued that consolidated 
billing is needed to eliminate the opportunity for fraudulent 
``double billing'' of Medicare Part A and Part B. These 
concerns can be addressed through Part A consolidated billing--
simultaneous billing of Part A and Part B is not feasible for 
residents who are not covered by Part A. In addition, the new 
Durable Medical Equipment Regional Carriers (DMERCs) have 
instituted tight controls over the Part B benefit. With full 
time Medical Directors developing and implementing strict 
guidelines defining medical necessity and utilization of 
medical supplies, the DMERCs have been highly effective in 
combating fraudulent billing practices. Therefore, 
irregularities in the Part B billings of outside suppliers 
providing services to nursing facility residents are readily 
apparent under the current system.
    Consolidated Billing Would Impose New Cost Burdens On 
Nursing Facilities: By requiring fully consolidated billing, 
even when beneficiaries are not under a Part A stay, many 
nursing facilities that previously utilized outside suppliers 
to provide their residents with medically necessary supplies 
and services would be required to provide these services 
themselves, to directly bill for these supplies and services, 
and to assume other responsibilities that are currently 
fulfilled by outside suppliers. These responsibilities and 
services would add significant costs to a nursing facility. 
Importantly, current law allows a nursing facility to act as a 
Part B supplier; presumably those facilities who choose to do 
so now would continue this practice in the future if it is 
their best option.
    Consolidated Billing Is, At Best, Budget Neutral: The 
proposed legislative prohibition against the use of outside 
suppliers is considered revenue neutral, as it is characterized 
by the Congressional Budget Office as a billing requirement. In 
reality, fully consolidated billing would likely increase costs 
to the health care system, since the supplier community 
provides valuable billing expertise, inventory control, staff 
education and clinical services which the facilities will need 
to replace.
    Consolidated Billing Is Not Necessary For Prospective 
Payment: It is argued that consolidated billing is necessary to 
collect the data needed to construct a prospective payment 
system for nursing facilities. However, there is no prospective 
payment proposal for the Part B benefit, which will continue to 
exist unless Congress specifically eliminates it.

                               Conclusion

    HIDA appreciates the opportunity to submit these 
recommendations to the Subcommittee. We urge Congress and HCFA 
to strengthen the Medicare program by implementing rigorous 
supplier standards and requiring nursing facility consolidated 
billing during the 100-day Part A benefit. These two 
recommendations will aid in the ongoing effort to combat 
Medicare fraud and abuse while promoting the provision of 
consistent, high quality services to Medicare beneficiaries.