Witnesses at a House Ways and Means Committee hearing on Thursday called for putting in place improved identity authentication measures for unemployment insurance (UI) programs as a way to cut down on UI program fraud.
The committee’s Feb. 6 hearing focused on extending the statute of limitations for Coronavirus Aid, Relief, and Economic Security Act (CARES Act)-related unemployment insurance (UI) fraud – which is set to expire on March 27 – along with solutions to prevent future UI fraud.
Spurred by business lockdowns and social distancing in the initial period of the pandemic, U.S. unemployment hit nearly 15 percent in 2020, leading the Department of Labor (DoL) and Congress to establish $2.2 trillion in pandemic relief through the CARES Act.
A report released in December 2013 by the House Select Subcommittee on the Coronavirus Pandemic reported that $191 billion of those relief funds were siphoned off via fraudulent claims paid out through state UI agencies to hackers and fraudsters.
Only $5 billion of those fraudulent payments have been recovered, according to the DoL, and more than 1,600 criminal cases related to UI fraud cases remain open and uncharged, according to the Department of Justice.
Lawmakers and witnesses alike agreed that extending the statute of limitations beyond March would aid in prosecuting criminal cases and recovering more of the stolen funds.
Haywood Talcove, chief executive officer of LexisNexis Risk Solutions for Government, suggested that Congress work to apply identity verification on the front-end, end self-certification, and continuously authenticate beneficiaries to prevent future UI fraud.
“For too long, the government has treated identity verification as an afterthought,” said Talcove. “Today, the threat is growing exponentially. AI [artificial intelligence] powered fraud networks generate fake identities that pass dated NIST [National Institute of Standards and Technology] verification standards from 2017, bots file thousands of applications in seconds, deep fake technology generates quote-unquote real people that bypass security safeguards.”
“Criminals are evolving in real time, our response must be just as fast, just as smart and just as relentless,” he said.
Talcove suggested employing AI tools, using data sharing, and changing the 1974 Privacy Act to combat UI fraud.
“Fraud in this scale is not inevitable, it’s [the] result of legacy systems, outdated and complex regulations, lack of data, and failure to act,” he said.
A committee hearing in February 2023 revealed that outdated state UI systems and weak online security contributed to the program’s vulnerability to fraud, according to witnesses from the Government Accountability Office (GAO) and the Pandemic Response Accountability Committee.
In response to a question from Rep. Nathaniel Moran, R-Texas, about what identity verification procedures would look like, Talcove compared them to practices commonly used in industry.
“Every single one of you goes through that identity verification process, when you go to your bank, when you use Amazon, when you go online to do e-commerce,” said Talcove. “You’re at the gas station, you put your credit card in, and all of a sudden, you get a text on your phone, and it says, ‘Congressman, are you really in Washington, DC?’”
Rep. Moran agreed with Talcove’s recommendations, saying that improving identity verification is “not that difficult.”
“I think there is an easy, easier way, a more effective way for us to stop the fraud on the front end, and certainly it’s going to benefit us on the back end, because we’ve got a number of those cases that are out there that we need to prosecute,” said Rep. Moran.
Data access and data breaches were also a hot topic of the hearing. Talcove explained that data used to steal identities for fraudulent UI claims were the result of poor cybersecurity and data breaches, saying explaining that some countries – particularly China – used data stolen from government breaches to file claims on behalf of U.S. citizens.
Some Democratic lawmakers likened UI fraud-related data breaches to the recent access of government data systems at the Treasury Department, General Services Administration (GSA), Office of Personnel Management (OPM), and U.S. Agency for International Development (USAID) by the Department of Government Efficiency (DOGE) team led by its chief Elon Musk.
“We really need to provide some answers to our constituents based on the immediate issue that they’re facing,” said Rep. Steven Horsford, D-Nev., during the hearing. “They’re the largest illegal data breaches happening right now in U.S. history, at this administration’s direction, and we still don’t know who’s in charge, or what they’re up to, where this information is being used, or how widespread it is.”
Others called out President Donald Trump’s firing of DoL Inspector General Larry Turner who departed the agency within the first weeks of the new administration. Turner had been responsible for overseeing efforts to investigate and charge UI-related fraud cases, according to Democratic representatives.
“We need to push back against President Trump’s illegal firing of our nation’s top UI fraud investigator and get Mr. Turner – and other independent, non-partisan inspector generals across government, whom the president illegally removed –back on the job,” said Rep. Judy Chu, D-Calif. “If we have the fraud, who is going to do the work of actually deterring it?”
The White House recently promised to temporarily restrict DOGE’s access to the Treasury’s payment systems after a coalition of labor organizations filed a lawsuit on Monday against the Treasury Department for allegedly sharing confidential data with DOGE.
