Per the U.S. Department of Labor, unemployment insurance fraud can take many forms. Employer fraud may include certain actions to avoid tax liability or establishing a fictitious employer account to enable fraudulent claims against that account. Claimant fraud may include knowingly submitting false information, knowingly continuing to collect benefits when ineligible, certifying for benefits under state law while being able and available to work, or intentionally collecting full benefits while not reporting wages or income. Additionally, identify theft may result in unemployment insurance fraud that is neither the fault of the employer nor the identify theft victim.
How does the scam work? Personal identifiable information (PII) was most likely obtained from a previous cyber hack and there have been many major attacks within the past 5 years where such information could have come from. The scammers are using the PII to create an unemployment claim and then intercept the money. There are cases where the money was sent to the victim’s actual bank account or debit card was sent to the victim’s address. Fraudsters, in turn, may then try to contact the victim by phone, email or text impersonating an unemployment official. The scammers are using the identity of people currently employed as well as those who have been retired, making it all the more difficult for HR staff to vet the unemployment claims.
Planning is key in reducing the impact of these situations. Dealing with fraud is not a matter of “if” but “when.” Having a formal procedure in place with actionable steps is one of the best ways to manage fraud. This should include:
- Unemployment claims monitoring: Human resources staff should perform their due diligence to investigate all claims against their district to determine if the claim is valid or fraudulent.
- Data breach analysis: Districts should verify that the personal information was not obtained through a data breach at their district. If a breach occurred, the district should investigate their liability.
- Notify the Department of Labor (DOL): The DOL must be notified of this false claim for unemployment benefits. Each state has different resources to report unemployment insurance fraud.
- Communicate identity theft and unemployment insurance fraud procedures with employees: Plans are only effective if they are followed. Verify that your employees understand their part in preventing and reporting fraud. Ex. A letter/e-mail notifying all district employees of the recent unemployment scams that are occurring and advising employees how to handle the situation should they fall victim to an unemployment scam.
- Maintain Records: Properly record information about the fraud. This includes all communications with government entities, the victim’s information, and company employment records.
Employees who are victims should take steps to proactively protect themselves by:
- Reporting the fraud to the state unemployment benefits agency (NYS Department of Labor NYDOL.gov), which can be done online or calling the NYS Fraud Hotline: (1-888) 598–2077. Many have also found it helpful to report the fraud to their local police department.
- Protecting their credit by either freezing their credit or placing a fraud alert on their credit reports.
- Reviewing their credit history reports from the three major credit bureaus.
- Staying alert for new signs of identity theft by keeping a close eye on bank statements and other financial account statements, utility bills, credit card statements, medical bills, and medical insurance statements.
If you would like to learn more about this topic, please contact:
Shari Diamond, CIA
Shari has been with Cerini & Associates, LLP since 2008 where she works primarily with the firm’s school district clients providing internal audit and claims audit services. She has over twenty years’ experience performing internal audits, risk assessments, and compliance reviews, as well as recommending processes to strengthen the internal controls environment while increasing efficiencies. Her prior experience at PWC and Northrop Grumman included performing Information Technology audits.