While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
During a press conference in June 2016, leaders from the Justice and Health and Human Services departments unveiled charges in the largest takedown of Medicare and Medicaid fraud in the nation’s history. The final tally was eye-opening: About 300 individuals, including 61 doctors and other medical professionals, were accused of falsifying $900 million worth of medical bills.
The success, they said, was due to the Medicare Fraud Strike Force.
“The Medicare Fraud Strike Force is a model of 21st century data-driven law enforcement, and it has had a remarkable impact on healthcare fraud across the country,” former Assistant Attorney General Leslie Caldwell said at the time.
Behind the scenes, officials praised nearly real-time data analytics as a major asset in building their case.
Today, government agencies increasingly turn to data analytics as a crime-fighting tool. In the process, they scour a more varied and greater amount of data — structured and unstructured, internal and external — for insight into identifying fraud, waste and abuse.
Combined with emerging technologies such as machine learning, natural language processing, rule-based algorithms and predictive analytics, the emphasis has already yielded a significant return.
The Securities and Exchange Commission, which monitors transactions for insider trading and other crimes, has been among the agencies reaping value from the technology.
“If someone trades in the right direction through a whole series of good and bad news announcements, that’s likely suspicious and worth investigating,” says Rob Cohen, co-chief of the SEC’s Market Abuse Unit.
With wider access to data and almost immediate access to analytics tools, agencies can conduct accelerated investigations. In the past, by the time some formal inquiries started, phony companies and perpetrators could have already disappeared with millions of dollars. Now, feds can complete such investigations in weeks, sometimes even as the fraud is taking place.
“Ten years ago, you’d have to request data from the program agency and wait weeks for them to pull it,” says Steve Shandy, program manager at the Office of Inspector General, Health and Human Services (HHS OIG) Consolidated Data Analysis Center. “Usually, the people you were working with didn’t have direct access to health care claims data at their fingertips, nor access to data analytics tools.”
Today, hundreds of employees, including HHS OIG staff and researchers, can access data warehouses filled with information from multiple Medicare programs and health plans, as well as supplemental data from other government databases. The agency runs a 100-terabyte data warehouse on NetApp storage and several virtualized servers managed by a contractor.
The effort is not limited to HHS. As a result, the analytical tools many of these agencies now use can sift through enormous amounts of information and identify outliers, anomalies and unusual payments that potentially indicate fraud.
“Anomalies don’t always mean fraud, but they dig up valuable information that leads to further investigation,” Shandy says.
At HHS OIG, investigators need a search warrant to access medical records from providers and to help determine if those records support the claims submitted. This is where natural language processing, a system that can read and analyze written text, could offer further insight into more unstructured data and identify potential fraud.
“Big investments may come down the road in natural language processing and social media analytics,” Shandy says.
Aside from internal systems, agencies also are introducing external data into their analytics equations to identify potential abuse. This addition includes prescription drug databases, death records from the Social Security Administration, the Labor Department’s national directory of new hires (used to sniff out unemployment insurance fraud), and suspicious banking activity.
Now, Shandy says, social media can help feds learn more about alleged perpetrators and detect new schemes.
“Once somebody knows about a certain scheme, it often gets posted and others start replicating it,” says Frank Stein, director of IBM’s Analytics Solutions Center. “You can even find people posting food stamps for sale on Craigslist.”
Aside from tracking individual fraudulent transactions, agency leaders say the use of analytics is instrumental in identifying repeat offenders and connecting multiple players in schemes.
For example, the Agriculture Department’s Supplemental Nutrition Assistance Program uses analytics to create an audit trail of 8 million daily food stamp transactions, allowing the department’s Food and Nutrition Services to identify unusual patterns among stores and recipients, says FNS spokesman Jalil Isa. That system, known as ALERT, provides information to help determine whether suspicious transactions are program violations. Using ALERT, the Agriculture Department continuously evaluates and ranks retailers based on suspicious transaction activity and creates a watch list.
The SSA uses analytics to streamline the processing of disability applications. Agencies are hesitant to discuss the specific technologies they use for privacy, security and compliance reasons.
Through natural language processing, the SSA begins by reading the applications. With machine learning, the system then sorts some applications for fast-track processing, where they are approved or rejected. When the machine is unsure of an application, it is forwarded to SSA staff, allowing the agency to focus more resources on difficult cases.
This process shrunk the processing time for fast-tracked claims from 97 days to 20 days or fewer. Similar techniques also saved the SSA $2 million in costs for disability benefits renewals.
The SEC’s Market Abuse Unit’s Analysis and Detection Center designed an analytics tool to run queries on an archive of select trading data obtained from broker dealers. That tool can detect fraud, as well as patterns that may identify repeat offenders and fraudulent relationships among traders, hedge funds and others.
“Analytics allowed us to make connections among traders and develop the evidence that trades were based on hacked news information,” says Joe Sansone, co-chief of the Market Abuse Unit. This included matching traders and trades to the dates and times of the newswire announcements. Traders reaped more than $100 million from these illicit trades.
Thanks to analytics, the SEC in August 2015 identified a ring of hackers who penetrated three newswire services to acquire proprietary information, which they sold before it was announced, a case of insider trading.
Still, data is not the whole solution. “We have analytics people with a lot of subject matter expertise working closely with agents on the ground doing the hard work of investigating,” Shandy says. “The team approach is really the key to success, along with some creativity, curiosity and innovation.”