UI APPEALS: BEST PRACTICES IN ID THEFT CASES Sherri Miller

UI APPEALS: BEST PRACTICES IN ID THEFT CASES Sherri Miller Director Commission Appeals Texas Workforce Commission

1. Data Breaches 2. Service Modernization 3. Early Fraud Detection 4. ID Theft in TX Claims 5. ID Theft in TX LA Appeals 6. ID Theft in TX HA Appeals

DATA BREACHES MATERIAL FOR ID THEFT

2017—A FEW NOTABLE BREACHES June 2017, Deep Root Analytics Records on more than 198 million registered voters exposed July 2017, Equifax 143 Million records exposed, including SSN’s November 2017, Uber disclosed breach from late 2016 57 Million records exposed, including 600,000 drivers license numbers

2018—SELECTED BREACHES THROUGH APRIL March 2018, Orbitz 880,000 records exposed, including SSN’s March 2018, Under Armour (MyFitnessPal app) 150 millions users’ personal information compromised April 2018, [24]7.ai (3rd party chat service used by retailers) Best Buy—undisclosed amount of customer payment information exposed Delta Air—undisclosed amount of customer payment information exposed Kmart—undisclosed amount of customer payment information exposed Sears—undisclosed amount of customer payment information exposed April 2018, Lord & Taylor/Saks 5th Avenue/Saks Off 5th 5 million customers’ payment information compromised April 2018, Panera Bread Undisclosed amount of payment information compromised, including SSN’s

ID THEFT—THE NEW NORMAL Personal information and financial records are readily available for sale online SSN’s and health records are lucrative because they facilitate ID theft and have long shelf lives FTC reports that in 2017, ID theft complaints were the 2nd largest category of consumer complaints Breach Fatigue—a state of reduced attentiveness resulting from frequent data breach announcements; may cause consumers to fail to heed warning signs of ID theft

SERVICE MODERNIZATION INCREASING THE RISK

FROM PAPER TO THE CLOUD According to the National Association of State Chief Information Officers (NASCIO), investments in internet and cloud technology take 2nd place on the top 10 priorities for 2018 Automation of services and the trend to establish the internet as the primary delivery system increase fraud opportunities Paper notifications mailed to claimants for an appeals hearing may be the first indication to an individual that their ID info has been used to file for UI benefits

EARLY UI FRAUD DETECTION TAKING THE OFFENSIVE

PRO-ACTIVE, DATA-BASED FRAUD DETECTION Online fraudsters are sophisticated and organized, with tactics that include large-scale attacks Fraud prevention and early detection require proactive, advanced efforts Since at least 2013, Texas and other states, in cooperation with DOL and the National Association of State Workforce Agencies (NASWA) have pioneered ground-breaking, data analysis techniques and resources Collaboration and information exchange between states will be vital in ongoing efforts

TEXAS As of May 2018, TWC’s Regulatory Integrity Division (RID) and UI Division have locked over 21,800 fraudulent claims based on realtime data analysis UI data analytics algorithm applied to all online claims to flag suspicious claims before first payment is made Cross-checks on claims are run against national, state, county and municipal jail data, and TWC’s benefits system flags matches for investigation. Payment stops on about 70% of flagged “incarceration” claims. ID Theft Task Force investigates tips from Fraud Hotline, analyzes claims, confirms the identities of claim owners, and compiles evidence for future prosecution.

NASWA RESOURCES NASWA—national organization representing all 50 state workforce agencies, D.C. and U.S. territories. NASWA provides policy expertise, shares promising state practices, and promotes state innovation and leadership in workforce development. NASWA’s UI Integrity Center—helps UI agencies prevent, detect and recover improper payments, prevent fraud and promote integrity. Integrity Knowledge Exchange—offers a library, state practices portal and a team of subject matter experts who provide on-demand, in-person services to UI agencies. Integrity Data Hub—a centralized, multi-state data analysis tool which allows participating UI agencies to cross-match UI claims against a database of information associated with potentially fraudulent claims or overpayments. National Integrity Academy—provides high quality integrity-related training and certification programs to state administrative agencies.

BENEFITS LEVEL ID THEFT ALLEGATIONS IN TX

DIRECT ID THEFT ALLEGATIONS Allegation made to UI CSR CSR creates “fraudulent filing” issue in benefits system & flags the SSN for investigation Designated staff review the flagged SSN’s Allegation made to Fraud Hotline ID Theft Task Force (RID) speaks to the caller Task Force makes a decision about the claim

EMPLOYER RESPONSES Employer responds “still working” or “not unemployed” Validity of Claim issue created He never left. He hasn’t missed a day in months. Separation investigation conducted normally If either party alleges the claim is fraudulent, the SSN is flagged for review Designated staff review the flagged SSN’s

ROUTINE QUERIES ID Theft Task Force runs queries on all completed claims Suspect claims receive further review Task Force issues contact requests to claimants and makes a decision based on the result of the contact. UI is informed of decision so that appropriate action can be taken

LOCKED CLAIMS List of locked claims routinely supplied to the ID Theft Task Force, Appeals, Collections and UI Business Support Appeals on locked claims are evaluated ID theft notification letters are mailed

ID THEFT IN TX LOWER AUTHORITY APPEALS

CHALLENGES FOR LOWER AUTHORITY Not typically equipped to develop evidence necessary to evaluate ID theft allegations Limited to evidence voluntarily provided Lengthy ID theft investigations Complex & evolving procedures Lack of information/educational resources

INCOMING LOWER AUTHORITY APPEALS Case processing (Notice Writer) staff in Appeals review incoming appeals for prior ID Theft Task Force evaluation Case processing staff make a case note of any ID theft evaluation when found, including that inquiries should be directed to TWC’s Office of Investigations ID theft impacted appeals are referred to a supervisor for appropriate action. If ID theft has been previously substantiated, a hearing may not be necessary.

LOWER AUTHORITY HEARINGS If ID theft previously investigated, but not substantiated RID witness invited to testify at the hearing on the ID theft issue New ID theft allegations made (not previously investigated) Refer for ID theft investigation & conduct hearing when investigation has concluded

ID THEFT IN TX HIGHER AUTHORITY APPEALS

CHALLENGES FOR HIGHER AUTHORITY Most cases limited to previously developed record Not typically equipped to develop evidence necessary to evaluate ID theft allegations Lengthy ID theft investigations Complex & evolving procedures Lack of information/educational resources

REVIEWING ATTORNEY PROCEDURES Case includes prior ID theft investigation – review normally Case includes ID theft allegation not previously investigated Refer case to Supervising Attorney for review and appropriate action If investigation required, hold case until results provided Include ID theft info in summary If ID theft is substantiated, the claim may need to be voided

FAQ How do ID theft allegations make it as far as HA appeals without being addressed? What is the best method to determine if an ID theft allegation is valid? How many cases are impacted by ID theft? How many ID theft allegations are substantiated? How do these cases impact DOL performance measures?

QUESTIONS