Picking Uncle Sam's pockets, with Jetson Leder-Luis
This week I'm joined by Jetson, an economist specializing in frauds against the government, mostly in healthcare spending. We chat about the intersection between benefits/payment fraud and financial fraud (making this a good companion to prior conversations). The optimal amount of fraud is non-zero, but perhaps at prevailing margins, we could cut off tens of billions of dollars for work which is pretty pedestrian in character.
Sponsors
Check is the leading payroll infrastructure provider and pioneer of embedded payroll. Check makes it easy for any SaaS platform to build a payroll business, and already powers 60+ popular platforms. Head to checkhq.com/complex and tell them patio11 sent you.
Building an enterprise-ready SaaS app? WorkOS has got you covered with easy-to-integrate APIs for SAML, SCIM, and more. Start now at https://bit.ly/WorkOS-Turpentine-Network
Timestamps
(00:00) Intro
(02:04) Overview of Medicare/Medicaid
(02:41) Estimated $50-100B fraud losses
(03:31) Taxonomy of healthcare fraud
(08:04) Hospice fraud; potentially saved money
(16:33) A $10 billion asterisk: ambulances for dialysis patients
(21:30) Sponsors: Work OS | Check
(24:45) Complexities of fraud detection and prevention
(39:02) Pandemic fraud
(41:34) Findings on PPP loans fraud
(48:19) Supply chain of fraud
(52:06) Policy and enforcement challenges
(01:08:32) Whistleblower programs
(01:14:54) Final thoughts
Transcript
Patrick
Hi everybody, my name is Patrick McKenzie, better known as Patio11 on the internets, and this week I'm joined by Jetson, who is a professor of fraud.
Jetson
Hey Patrick, thanks for having me.
Patrick
Thanks very much for coming. Can you just give people a sketch of your professional background?
Jetson
I've never been called a professor of fraud before. That's so much fun.
So my name's Jetson Leder-Luis. I'm an assistant professor at Boston University at the business school, the Questrom School of Business. I also split my time between some other places, including the National Bureau of Economic Research. I'm an economist, I did my doctorate at MIT, and indeed, I study fraud.
Patrick
Awesome. And for those of you who don't know, I do have to make a mandatory disclaimer here: I worked at Stripe, which is largely a payments processor, for a number of years in a variety of roles, and have touched fraud from the industry perspective. Things that I say in my private spaces are not necessarily endorsed by my former employer, even though I'm currently an advisor to them.
Cool. Disclaimer made.
[Patrick notes: People who know me mostly as a writer might be a bit puzzled by that bit of professional history, but partly I was at a company where broad generalists routinely pitched in all over the place, and partly I have had an interest in this topic for 20 years, which occasionally allowed me to be useful to teams of e.g. 20-somethings hitting it for the first time professionally. I’d ballpark it as 5% of my time over the years–this was a bit of a sideline for me, not my full-time job at any point (well, incident mode sometimes felt pretty full-time).]
Jetson
I should also disclaim that the opinions that I'm giving today are my own and not that of any of the federal funding agencies that have been so gracious, nor any of the private funders, nor anyone else that do any sort of private consulting work for. Just speaking off the cuff today about my own experience and research.
Patrick
Yep. As an aside, I think one of the wonderful things that the internet allows is for people to be a fly on the wall of conversations like this, between people who might have some degree of knowledge about the thing they're talking about. Institutions, even institutions that are notionally supposed to advance the public good and the state of the literature on things, do not necessarily have incentives which are compatible with being maximally candid about these topics.
To be clear, neither of us is going to say exactly 100% of what we know about this, both because there's limited time and because of social considerations. But hopefully it will be interesting regardless.
So you've done a lot of work on Medicaid fraud specifically. Can you talk a little bit about your background there?
Overview of Medicare/Medicaid
Jetson
Absolutely. So when I say I study fraud, I almost exclusively study fraud that's committed against the government. So, simple pitch: the US government spends trillions of dollars a year trying to provide services to the citizenry – roads, schools, hospitals, et cetera. – and there are big incentives to divert that money towards fraud. One of the largest areas of federal spending is healthcare.
There are two big healthcare programs. There's Medicaid and there's Medicare. For those who aren't familiar, Medicaid is the low-income program, and Medicare is the old age and disabled program. I've done a lot of work on fraud in the health care systems. Primarily, I work with Medicare data, just because it's easier to access; Medicaid is run by the states, which means that there are actually 50 different data sets if you want to study Medicaid. Medicare is centralized at the federal government level, which means that I can see fantastic data from generally one source, which is a lot easier to work with.
Estimated $50-100B fraud losses
Medicare fraud is fascinating. The way Medicare works is the government actually just works as a big insurance company. The U.S. government doesn't mostly run nursing homes, hospitals, home health agencies, hospices, physician's offices, anything that we might want to give the beneficiaries; instead, if you're over 65 and an American citizen, you qualify for Medicare, which is a big health insurance program. We spend $800 billion a year on Medicare as a country. That's a fantastic amount of money. And I estimate that health care fraud between the different programs is between $50 and $100 billion a year of money that gets lost.
Taxonomy of healthcare fraud
Patrick
So one of the things that is a little opaque to non-specialists in this is that there is something of a taxonomy or a spectrum of fraud. When different people in different parts of the federal government and the Office of the Inspector General and the OMB, et cetera, talk about fraud, they might be discussing slightly different things.
So can you just give people a lay of the land for when you say there's $50 to $100 billion of fraud? What does that mean specifically?
Jetson
Right, so there are a number of ways in which we make fraud illegal. One way to think about characterizing it is, “Where is it illegal, and why?”
Anything that violates the rules of the insurance game can be considered fraud. And so when I write about fraud, one of the ways I like to explain it is, “The only thing that makes it a coherent set of behaviors is that they're illegal under these laws.”
And so on the far benign end of the spectrum – maybe not benign per se in that it still costs the government money and may be bad – but certainly the least sketchy capital-F Frauds are civil frauds. Think about a hospital that admits patients because it's more profitable to admit them than to see them in the ER and then send them home. A hospital might do this systematically and then ultimately be charged in civil court for, basically, “You need to pay us the money back with some penalties.”
Generally, civil healthcare fraud in the United States is prosecuted under what's called the False Claims Act, which I think we should talk more about. It's a super interesting whistleblower law.
On the other far end of the spectrum, we have criminal fraud, where individuals who, for example, run a pill mill, or an ambulance company that's not even taking patients anywhere, but just sending bills and it's totally a ghost patient. These people often, but not always, have ties to organized crime; those generally are prosecuted under criminal fraud statutes where the penalty is potentially not just money but also jail time.
So when I say that there's $50 to $100 billion of fraud, I would think that that's all across the spectrum.
Patrick
Gotcha. So one thing that I would like to emphasize is that at some point the government needs to make a decision on what is legal versus illegal, and of the set of illegal things we have a limited amount of resources to actually prosecute that illegality. There are spectral ranges around the edges here, where what is crime is a policy decision – it is definitionally a policy decision – and what forms of fraud are acceptable to actors, even if they cannot say the exact words “these are acceptable,” is also a policy decision. We have difficulty discussing this (in government specifically) explicitly and squarely.
But for example, a concept in medicine is defensive medicine, where you as a medical provider might overtreat a patient – order tests that you think are maybe not medically necessary or order procedures that you think that are perhaps not medically necessary, not out of your medical judgment, but because you are worried about being sued for malpractice if a patient has a foreseeable outcome given their current health circumstances that could result in you somewhat unjustly taking liability.
So theoretically speaking, when you are billing the government for procedures which are medically unnecessary, that is obviously illegal fraud. However, the polity of the United States largely does not believe that the government should dictate to doctors individual line-by-line medical decision making. And thus this is illegal fraud that we're kind of OK with at most margins.
[Patrick notes: A pervasive issue in healthcare insurance, including government-sponsored healthcare insurance, is the principal/agent problem. Never ask the barber if you should get a haircut, the saying goes, but definitionally you’re going to be asking the doctor how much healthcare you should consume. We largely trust doctors to do a bit of a balancing act between their individual incentives, as service industry workers frequently paid by the procedure/test/etc, and as professionals, who should not recommend consumption of services where that would negatively impact health outcomes or otherwise pessimize for the patient’s interest.
We grant an extraordinary amount of leeway here and presumption that physicians are all-but immune to incentives. The notion of doing things otherwise is a constant friction in discussions of healthcare economics: patients don’t like when insurance companies say Procedure Disapproved, and when government tries to ration healthcare, that act is described as “[instituting] death panels.”]
Jetson
Well, I'm not sure that everyone understands the relationship between how bad it is and whether or not we should enforce it. So I have some incredible things to say.
So I completely agree with you. There is this spectrum and I see frauds that are obvious frauds where people should be going to prison and the government is doing a lot of work to try to stop that. For example, in the last few years, there's been this rise in genetic testing fraud – I'll tell you about it.
Medicare started paying for genetic tests for people with cancer risk, but it was supposed to be people who only already had clear indications that this was something that they needed and then it was supposed to be something that the government spent a little bit of money on.
It turns out that nobody was really checking on eligibility, so you had these very sophisticated criminals basically going door-to-door asking for people's Medicare numbers and pretending to order genetic tests that in many cases were not even performed. So that makes it a clear fraud because they're billing for something that didn't happen. It's not really about necessity. The most recent reports from the Office of the Inspector General, from Health and Human Services and the Government Accountability Office, indicate that there was something like more than a billion dollars lost to that type of fraud alone – just in the last few years. [Patrick notes: $463 million to a single perpetrator!]
So there are these clear frauds, but then you're talking about the ones that are like, “Why are we making this illegal?”
Hospice fraud; potentially saved money
So I want to tell you a story about a paper I wrote that is so relevant to this space.
The paper actually is (just as of this morning) forthcoming at the American Economic Review, which is the, kind of, top econ journal – you can go read it if you're interested in this. This paper is called Dying or Lying: For-Profit Hospices and End-of-Life Care, and it's about fraud in the hospice industry. This is joint work with John Gruber from the MIT economics department (who you might know because he was one of the architects of the Affordable Care Act) as well as our PhD student, Theo Caputi, and our colleague at Emory, David Howard.
So we have this paper, and it's about fraud in the hospice industry.
Patrick
So just for the benefit of people who might not have had an inevitable unfortunate life experience yet: eventually people dear to you and you yourself will pass away. (At least it seems inevitable on current technological progress trends. Who knows in 60 years, but…)
People pass away. Their last couple of months are kind of rough. Hospices are a specialized medical institution where someone who has decided that their priority is no longer life extension but rather having a dignified and as pain-free as possible last few weeks to months, can essentially check into the hospice for full-time care and then pass on to the hereafter in a dignified fashion.
Some of these are for-profit businesses in the United States, and that tees us up for discussion of their incentives.
Jetson
That's right. So for-profit hospice is a super interesting market because historically we think about this as a kind of simple, church kind of palliative care: someone comes, fluffs your pillows, gives you some pain medication.
And that is historically what it was. But beginning in 1999 or so, we saw an introduction of for-profit hospices starting to dominate this industry; over the last 25 years, the number of for-profit hospices has quadrupled. And what's happening is they're increasingly taking patients who it's not clear that these are who we thought hospice was for. In particular, there's been a big rise in Alzheimer's and dementia patients going to hospice.
Now, the way hospice qualification works is you have to have a doctor sign off and say, “You're going to die within six months.” But doctors don't really know when you're going to die. And so that laxity, that uncertainty was potentially exploited by these for-profit companies who took a lot of patients who didn't die fast enough.
This was deemed fraud by the federal government, and there were 163 federal civil lawsuits going after these hospice companies for money. We actually conducted a Freedom of Information Act request against the Department of Justice. We have a database of all these lawsuits.
Patrick
And so for these patients, brief biographical sketches – this is a real person. They are advanced in age and dealing with severe medical issues. But the severe medical issues are not the kind which a doctor would say, “This will likely kill you in six months,” which is this arbitrary boundary that we've established by law. They're simply diseases which greatly impair the person and require them to have care.
These people are effectively getting a nursing home-like experience that could continue for an arbitrary number of years under the heading of ‘hospice care,’ which we assume by law will typically terminate with the passing of the patient in less than six months.
Jetson
So that's correct, except for just one small institutional detail, which is actually hospice comes to you. These are not nursing homes. These are actually visitors that come to wherever you already live.
Now, you might live at a nursing home. Medicare does not pay for long-term care; Medicare does not pay for nursing homes. So we're talking about the Medicare program, visiting people wherever they happen to already be living, basically as a substitute for all the doctors and surgeries and medical devices and pharmaceuticals that we might otherwise give them.
OK, so we write this paper. What do we find? Actually, it turns out that this big fraud that everyone's been so concerned about, which is taking these long staying patients, saves the government money.
Now, why is that? It turns out that even though hospice patients are spending $10,000, $20,000 on hospice over these months, it's still cheaper to do it that way than to have them go to the hospital, then go to a rehab facility, then for them to receive pharmaceuticals, et cetera. And so we show in the paper, quite convincingly, that these patients, the ones who are uncertain – these dementia patients don't really know whether they're going to die within six months – going to hospice saves a ton of money, and it appears to improve their quality of life.
It does make them die a little faster because they're going to give up curative treatment – that is the same thing as saying we can keep you alive for longer by doing the more invasive stuff – but the government still prosecuted this as fraud and they still to this day think about it as a fraud because they say, “Look, the rules are six months, you've taken all these patients who aren't dying – you broke the rules.” And here we are as the economists going, “But it saved you money!”
[Patrick notes: To explicitly call out one thing which might pass subtextually: one thing the federal government is compensating the hospice’s sales reps for is convincing patients and families to focus on palliative care, which can be provided relatively cheaply by the less-credentialed side of the healthcare profession, versus e.g. hospital care, which can easily hit $10k a day, principally because it necessarily involves extremely expensive professionals.
Should we be happy with that? Is it death panels by another name? Punting on those questions; back to the fraud.]
Patrick
So on the upshot, patients and their caregivers appear to be happier; they have received less expensive care because they're not seeing the most expensive professionals in the medical institutions – doctors, surgeons, et cetera – but rather getting this palliative care that is descriptively done by home health aides who bill at one-tenth the rate that a doctor does.
We gave the institutions that employed those home health aides billions upon billions of dollars improperly under some set of rules – but this might have been for the best, according to your research.
Jetson
Another way of thinking about that is, “Fraud is fraud not because of what an economist would call efficiency concerns – it's not fraud because it's bad. It's fraud because it breaks a rule.”
And so there are frauds that are bad because the rules have been set up well. But there are frauds that are, in this case, efficient because we think that the rules were set up poorly.
What's interesting is that when you think about the incentives of the enforcement agencies – that is, the Department of Justice and the Office of the Inspector General, et cetera – their job is to enforce the rules, not necessarily to be lenient just because it saved a bunch of money. [Patrick notes: Previously, on Complex Systems, Dave Guarino and Dave Kasten both touched on this. ]
Patrick
Yep. And this is an important distinction between what our institutions believe fraud is, and what us lay individuals in civil society might believe fraud is – where fraud is when you lie for the purpose of extracting advantage in a way which confounds our moral intuitions.
There very well might have been a strategic lie here, in that the institutions at issue are capable of counting, and can realize after two to three years of running this business model that the median patient stay time is grossly more than six months – and continue running the business model. That is a strategic decision to defraud, but perhaps that does not compromise our moral intuitions, particularly when you can literally point at thousands of people who will say, “This is much better than my life three months ago, where I was paying out of my own pocket for care, which my doctors told me while ordering it, ‘Look, this is a reach, you need to put your affairs in order.’”
I think talking about fraud in general is difficult because it is difficult to have hard conversations about moral intuitions, and so we pretend we're not doing it. This particular one is difficult to talk about because we're having hard conversations about our moral intuitions – about a greatly uncomfortable topic.
You've had multiple goes at attempting to have conversations with the government over the years, and you've mentioned in prior conversations with me some impedance mismatches in getting them to adopt better methods for identifying fraud.
Do you want to talk about some of those impedance mismatches?
Jetson
Absolutely.
So, I don't want to be the guy that's on here that says that healthcare fraud isn't a problem. The case of hospice is special; hospice is special because it's a technology where, maybe breaking the rules to grease the wheels a little bit – that's the way we talk about it in, like, a corruption framework – greasing the wheels is sometimes a good idea.
[Patrick notes: My father by turns entertained and horrified me growing up with tales of load-bearing corruption in Chicago, including the soft kind of lobbying to achieve an outcome faster than default and the “pass a city worker $20 so they actually do their job.” It is a difficult collective action problem: we’d prefer the clocklike efficiency of Tokyo but given a system which doesn’t default to that, perhaps $20 to shave weeks off a construction project is efficient. But we also don’t want to have the second order effects of this, where every project is delayed to the very point of killing it or beyond, because people in positions of authority realize they can confiscate all economic surplus. Chicago is very far from that margin, thankfully. (Skeptical? Can you point to non-government-affiliated wealth? Easily, right.) There are some cities in the world which… are not very far from that margin.]
Jetson
But usually it's not, and healthcare fraud writ large is actually a very expensive and pernicious problem. Hospice is at the far end of the spectrum, maybe it was kind of a good thing – I'd say that, in almost all of the cases that we can think of, healthcare fraud is a real problem. It's costing the government a ton of money and the government has been largely unsuccessful at completely stamping it out for years.
Now the government does great work, and I speak regularly with colleagues at the Department of Justice, at the Office of the Inspector General, at Medicaid fraud units in different states in the country and they're fantastic professionals – but they are underfunded. One of the reasons they're underfunded is that when we think about fraud prevention as a government problem, largely the people responsible for creating budgets see this as a cost center.
They say, “Fraud prevention? This just costs us money,” and it's hard for them to think about how much money is saved. So they think about these programs as really a liability, and they think about this just as another paperwork burden. They don't understand that the amount of money that we save because of good policy is massive.
Maybe it was a strategic error on my part to start with the only fraud I've ever seen that wasn't actually a big problem; largely they are!
A $10 billion asterisk: ambulances for dialysis patients
So let's talk a little bit about detection, and let's talk about the ambulance market.
Patrick
Awesome. Tell me about the ambulance market.
Jetson
So ambulances are an area where there's been a lot of different types of fraud for years, and I think one of the reasons is it's pretty easy to get into the ambulance business. If you and I right now wanted to go and open a hospital, that'd be pretty hard. The reason is that we need a lot of licensure, physical space, expensive equipment – I don't know what an MRI machine costs, but it ain't cheap. [Patrick notes: Ballpark it at a million dollars; it’s (notoriously) one of the most expensive machines which we deploy that widely.]
In contrast, you can start an ambulance company for about $15,000. You can buy a used ambulance on an auction website online for about that price, and [then you just need] two employees: one of whom is an EMT – they charge 20 bucks an hour – and one of whom has first aid certification and can drive.
So this is a very low-overhead business to get into, and because it's a low-overhead business to get into, it's an area that has historically been really ripe with fraud.
Patrick
There's also a somewhat uncomfortable dimension about socioeconomic class here, which I feel obligated to verbalize explicitly: The sort of entrepreneurs who go into providing medical services via ambulances are closer in character to the sort of entrepreneurs who open up roofing companies – very similar capital structure, very similar personnel actually doing the work – and we see vastly different crime rates in different subpopulations.
As Sam Bankman-Fried and many, many others who are currently guests of the United States federal government have shown that there is no social class that doesn't commit fraud – but the realized incidence of it in industries that are closer to society's socioeconomic margins is higher than in industries that are not.
I will get off my class soapbox for a moment and return the flow to you.
Jetson
No, I think that's a good point.
So I'm gonna take you to a distant star and a distant galaxy of Medicare – one that people don't think about – which is ambulance transportation for dialysis patients.
For those who are unaware, if your kidneys no longer function, the best thing you can get is a kidney transplant – but those are hard to come by, and so many Americans are on what's called dialysis. Dialysis is basically, you go and they filter your blood in the way that the kidneys would, but you have to get hooked up to a machine for about three hours, three times a week.
And the US government actually spends 1% of the federal budget on the dialysis program. Did you know that statistic, Patrick?
Patrick
I actually did know that statistic–I was about to ask you if it's true or not, because that sounds like a mind-boggling amount of money to me.
Jetson
It's a mind boggling amount of money. To be clear, this is not 1% of healthcare. This is, “1% of the federal budget is the dialysis program.” And this is not that many people – I think at any given time, there are fewer than 1 million people in the United States on dialysis.
Patrick
And so, fingers to the wind, we're spending more on this than the combination of aircraft carriers and nuclear weapons combined.
Jetson
I will trust you on those statistics. I'm not a defense expert.
Patrick
I will update the transcript if I was wrong with my finger to the wind estimate.
[Patrick notes: Aircraft carriers, about $10 billion a year. Nuclear weapons, about $50 billion a year. 1% of the federal budget is about $68 billion. And so, don’t exactly treat this as a high-finance exercise, but I think I get a cookie for good seat-of-my-pants estimation.]
Okay, so we spend a lot of money on dialysis. How does this show up in our ambulance spending?
Jetson
The federal government doesn't pay for regular transportation for these people. So if you need to go to this dialysis clinic three times a week, you're on your own, you gotta get there.
People who are on dialysis are largely those who have, for various life circumstances, lost and/or destroyed their kidneys. Many of these people are of lower socioeconomic status, there's a high incidence of previous drug users – these are poor people. Many of these people are gonna have to take the bus or the train or try to live near one of these centers or ask someone for a ride. Transportation is hard.
But we have decided that it's not part of the program… except, in what was supposed to be a little asterisk, if you need an ambulance for medical reasons – if you're on an oxygen tank or if you're bedridden, and the only safe way (the legal standard is actually “no other safe way to travel”) that you can get to and from your dialysis appointment is by ambulance, the federal government says, “Okay, we'll pay for it.” And boy, did they pay for it.
They set the rates at $250 or so for a one-way ride. Now, this is $250 each way – round-trip ride is $500, three times a week, that's $1,500 a week, potentially for the rest of the person's life. That is an extremely lucrative fraud.
So I ended up writing a paper about this and the policy solutions used to correct it. It's called Ambulance Taxis. This is joint work with Jimmy Roberts and Ryan McDevitt at Duke, their former student, Paul Ellison, who's at the University of Utah, as well as Riley Lee, who was at Duke and now is at the University of Illinois – I feel obligated to shout out my fantastic co-authors, go read their papers!
These folks and I, we did a lot of work to try to understand the fraud and understand the policy. The first thing we found out is that the US government spent $7.7 billion, with a B, on dialysis ambulance transportation between 2003 and 2017, which is our sample window.
We collected data from the US Renal Data System, which is basically all the dialysis patient data, and we found nearly $8 billion of just ambulances. This was supposed to be a random, “you just got out of the hospital and you need a one-way ride one time,” and it ended up being that organized crime got involved. There was a small loophole, because nobody was checking whether or not the patient actually needed this. And they drove a truck through that.
Patrick
When people hear organized crime, they often think, you know, the classic mafia, et cetera – and possibly this was the actual mafia – but there's an interesting spectrum of threat actors here (that's the word we would say in industry). Have you done much ethnographic work on, like, “When it is organized crime, are those the folks that we typically think of when that phrase is brought up? Is this like street gangs? Is this actors in, I don't know, Eastern Europe, that perpetuate a very large portion of all financial fraud?”
Jetson
So it wasn't offshore, because these were physically-housed ambulance companies. It started in, we think, the Eastern District of Pennsylvania, near the Philadelphia area, but quickly propagated throughout the country.
It appears that there was some connection to Eastern European crime communities, but those operating in the United States, although we don't know too many details. There's some public information on these cases through the court system. I shouldn't opine too much.
Complexities of fraud detection and prevention
So here's what we did. The question for us is like, “Why was this so-obvious fraud so easy to perpetrate? Why did these organized crime syndicates extract these billions of dollars from the US system?”
One of the things we found is that the US tried to stop this in its normal way, which is, “Okay, we're going to pay the bills, but then if someone has committed fraud, we're just going to go after them” – what we call ‘pay and chase.’ Pay and chase is the kind of most canonical way that we deal with fraud in the United States: Spend the money, we can go after people afterwards.
And the issue is that, while Pay and Chase is a great system against hospitals – because if I go after a hospital for a million or $10 million or a $100 million settlement, no hospital's closing for a $10 million settlement. They just have to pay it; they have physical capital, you can go after them.
It's really hard to go after an ambulance company.
Patrick
This is related to the model that we use in tax collection, where we assume a long-time relationship with every taxpayer and that you are – in the great majority of cases – you and your assets are under the physical control of the government for an arbitrarily long time in the future. If you stiff Uncle Sam for $6,000, $600,000, or $60 million this year, Uncle Sam is annoyed by that, but someone will get around to it in the ordinary course – and if that happens in 2030, well, that's still within our acceptable windows, and given that you had that much money at one point, you probably have attachable assets so you're probably good for it.
But this works much less well when you're working with organized actors that can shuffle through… in industry we often see something called “synthetic identities.” [Patrick notes: I could give you the orthodox definition, but I prefer the one from Shawshank Redemption: “He’s a phantom. An apparition. Second cousin to Harvey the Rabbit. I conjured him out of thin air. He doesn’t exist.”]
You know, opening up companies which are real companies – you can ask your state of residence, State of Illinois, “Does this LLC exist?” and it will say, “Yes, there is absolutely a paper record of this LLC.” But the company is exactly as real as that paper record, and there will be a new LLC with a new nondescriptive name made six blocks away several months from now.
I don't say that as an indictment of the 50 states and their policies with regards to quickly allowing you to establish LLCs. That's an important technology for the United States of America. (Disclaimer: I've been responsible for causing more than a few LLCs in my life.) But this creates a fundamentally different substrate of actors than, say, the tax system does, and our government does not necessarily interact with that substrate optimally.
Jetson
The LL in LLC stands for “limited liability.” And that's one of the things we came to as one of the problems here: when the government does finally realize that some ambulance company in Camden, New Jersey or in Philly is committing this type of fraud and they go after them, they're a limited liability company. So when it comes to physical capital, they can go after the company, they can go after the ambulance, there's $10k back – that's like a week's worth of rides at most. Then for the other $25 million that a company stole, they're really hard to collect against. The federal government used three policy levers to try to attack this.
The first is they did these civil lawsuits we talked about, and my research shows that those were basically ineffective because at the end of the day, going after the money, you can't go after money that isn't there.
They used criminal investigations. We found that when criminal investigations come into an area, there was a 20% reduction in the behavior – but that's not enough.
Finally the government said, “enough is enough,” and they instituted a pre-payment review – in medicine it’s called “prior authorization.” Now, instead of just being able to go get the ambulance ride, you need a licensed physician to sign off on the fact that you are in fact bedridden and you are unable to get in a taxi that you pay for yourself or get on the subway – that you need an ambulance or you're going to die. Once we instituted that burden, we see a 67% immediate and persistent reduction in ambulance spending in the treated areas, relative to the control areas, that's persistent. So we estimated that if the government had rolled out prior authorization five, ten years earlier, they would have saved a few billion more dollars.
Patrick
So about what prevalence of dialysis patients in, I don't know, Philadelphia or any other area you examined were taking, or causing to be billed, ambulance rides.
Jetson
That's a great question. I don't think I know it as a share of the population. I can tell you what we spent per fraudulent patient, which is – we did the math on this in Philly, I love this story – looking at every dialysis patient that did ride in an ambulance in the Philly region, it would have been cheaper if we had bought them each an Audi, garaged it and paid for gas and inspections and registration for like 10 years per patient, than to do it through this ambulance fraud.
Patrick
Yeah, in many cases, we have different margins we could approach as the government, where we've decided due to complex moral intuitions of the polity of the United States that we do not countenance paying $15 for older or disabled people to take a Lyft to a medical facility that they will have to visit three times a week for the rest of their lives – but it is very possible that simply being more generous to all patients would have saved money, versus spending $6,000 a month per patient for a fraudulent subset.
[Patrick notes: Chicago has a program which partially covers for this use case, incidentally, via heavily subsidizing taxi rides. I was pleasantly surprised when I learned about it, from a family member who needs routine medical care and has mobility challenges.]
Jetson
So one thing that I think is that in order to have a functioning public benefits program of any form, you're going to have to draw the line at some things. And one of the issues in medicine is that the set of medical services that the United States covers and can provide is really huge – we're talking about, when I worked in claims data, there were thousands of billing codes and tens of thousands of diagnosis and procedure codes – and writing rules grows in complexity with the number of things it has to cover.
So we get this paperwork from the government that says, “We will pay for this particular type of test that your doctor can do, but only if you have one of these combinations of different symptoms that are also really complicated, et cetera.” When we think about the system, the system has rules and we can step back and say, “Well, should those rules be different? Maybe we should pay for transportation.”
And potentially that's the answer, but given that the rules exist, it is of the United States's interest to make sure that the, you know, crime syndicates don't drive a truck through any existing loopholes. It's hard because we do want to be able to both, we want to walk the line. We want to both be able to provide care for people who really need it and make that easy, and also to set boundaries on people that we think, “Look, we either can't afford it, or that's just not something that we pay for” – because it can't be infinite.
Patrick
Right. And I think there is a political economy question here. I have my own moral intuitions on where we should draw some of these boundaries, but speaking descriptively, the polity that is the United States of America has an extremely negative reaction to being made fools of. There are specific ways in which you can be made a fool of that we have an even more negative reaction to than ground truth might suggest is rational.
And like the specific symptom: that there are criminal actors operating in a geopolitical adversary of the United States who have taken not just a payments company, not just a private citizen, but the government directly, for a lot of money, causes a reaction.
The good case for the reaction is like, “We stop shipping several billions of dollars to state-affiliated criminals in Russia.” (Oh, I should disclaim that sentence – that's a thing you're not supposed to say, which is a true thing. Let me digress from a digression here.)
[Patrick notes: This topic deserves an essay and it is a difficult one to write, for social reasons.
Basically, in the human capital supply chain, fraudsters in Russia (and some companies in its sphere of influence) are downstream of the FSB, in the same fashion that many (legitimate) Israeli tech companies are downstream of Unit 8200. This causes fraudsters to be in a dense network with currently serving intelligence and military employees. Russia, as a policy matter, tolerates some… ambiguity here, partially to use private citizen actors as a reserve army for cyberwar, and partially to have plausible deniability for acts of the state (“Dang, patriotic cyberactivists must have hacked you! A pity we can’t find them, except for sending pension checks!”).
Occasionally the frauds are committed directly by currently serving government officials: see, for example, the decade-ago compromise of Yahoo.]
The moral intuitions of the polity of the United States are complicated. There was an actor within capitalism, Citibank, which detected a large fraud ring operating in a particular location, I believe it was in California. This community of criminal actors overlapped with a local ethnic population – in that case the Albanians – and Citibank documented in writing that they were extremely annoyed at their loss rate within this criminal community, but referred to them as ‘the Albanians.’ In doing so, that crossed the United States’, our intuition about what a bank is morally allowed to say, and Citibank ended up with an, I believe eight or nine figure settlement as a result of that action. [Patrick notes: $26 million.]
One of the tough things for government investigators and for private industry in interdicting this fraud is like, descriptively speaking, you know there are ex-KGB/FSB officers operating in Moscow who are attempting to take the United States government for a lot of money right now. You have to be aware of that fact, and you have to be able to say it to each other, including saying it to each other in places that are like available for open records requests. But you also can't use the wrong words in describing it. It became easier to say those words after the United States and Russia became more politically indisposed to each other due to the war in Ukraine… I'm getting very off topic at the moment.
Returning us to the discussion of complex intuitions: when we are taken by actors that embarrass us, that results in a political reaction, often a bit of an overreaction, which results in increased levels of bureaucracy and compliance that often hit actors that we did not intend to hit.
I can give a concrete example of that: a result of Russia invading Ukraine was that Ukraine lost territorial control of some portion of its territory, which had some mechanical consequences in the US banking system.
One is that, since Ukraine did not have full territorial control, the relevant regulators told the banking system, “People who reside in areas that are not currently under the control of the Ukrainian government are at an elevated risk for committing certain forms of money laundering on the behalf of geopolitical adversaries of the United States. You are a de facto policy arm of the United States government, and you will conduct enhanced due diligence on people who are in areas of Ukraine that are currently not controlled by the Ukrainian government.”
What the American financial industry heard in this was, “Do we have anyone here who is a defense expert with regards to which village is under control of Russia this week? No. Do we do a lot of business in Ukraine on a typical Tuesday? Not that much. Great, we are kicking out all Ukrainians or anyone with a Ukrainian passport because we simply don't have machinery in place to sift out who is a perfectly legitimate client getting perfectly legitimate services and perhaps even residing in the United States or Germany or similar, versus someone who might currently be a proxy for enemies of the United States.”
No actor making that decision said, “Yeah, today's my day to get into the office and consequence innocent Ukrainian software entrepreneurs.” But that happened, as a result of these institutional incentives.
So getting off my soapbox.
Jetson
Hmm.
No, that's very interesting. I think that to be clear, obviously there are both domestic fraudsters as well as foreign-sponsored fraudsters when it comes to federal program fraud; it's hard to know largely because we deal with a lot of this on an ad-hoc basis.
What you just discussed was sort of a Know Your Client-style regulation. What's really surprising when it comes to federal programs is we do not have the same level of Know Your Client-style regulation – So Know Your Client would basically be, you can't just walk into a bank these days, hand them a $5,000 watt of cash and say, “Put this in an account under John Doe.” They will not let you do it. There are requirements that you identify yourself in the banking system. This generally developed its stringency, as I understand, after 9/11 due to anti-money laundering and terrorism – is that a fair assessment?
Patrick
I would say that we've had these regulations since the late 70s, early 80s, and that there was a revision, tweaks of the dials, in response to the Patriot Act, 9/11, and various national security concerns, particularly around anti-terrorist financing, which is slightly different than anti-money laundering. [Patrick notes: I’ve written extensively about this topic at Bits about Money. The Bank Secrecy Act, which was the first modern formalization of much of this, dates to 1970; it percolated internationally by about a decade later. That percolation was an active process.]
An important distinction that is made for the financial industry is that there's a certain amount of money laundering that is acceptable to the United States of America – just have a program in place to manage it – but the amount of terrorist financing that is acceptable to the United States of America is zero dollars and zero cents, and so the same individuals operating very similar programs need to keep that distinction in mind, which has interesting implications within the financial industry.
[Patrick notes: This is one reason compliance officers winced when they read that Binance had a) funded Hamas and then b) wrote down the sentence “Can barely buy an AK47 with 600 bucks.” when reviewing the transaction. The outcome was predictable.]
Jetson
So it's easier to open, I think, a new home health agency or a new ambulance company or one of these federal program providers, than it is just to get a bank account.
Patrick
Yep, is drastically easier to open a company than it is to get a bank account for your own physical self, or even get a bank account for that for that company because each of the 50 states gets its authority to have the legislators set the requirements for how much information you need to give them to create a company.
Many of those states have decided “It's not really that much information at all, and we will do no checking on it.” Some states have decided that, you know, they have a difference of opinion with regards to certain actors within the United States government on how important privacy is, and they will be a privacy-maximizing state.
Wyoming is notorious for this. The state of Wyoming will intentionally let you say less to them and do less checking. Under the Constitution, Wyoming LLCs are granted full faith and credit by every other state in the nation; a state whose legislature has decided “Our LLCs need to be a little more KYC’d than the national standard, because that is the opinion of the citizenry of Illinois,” cannot, under the Constitution of the United States, treat a Wyoming LLC – which they know to be less KYC’d than their prevailing standards – as anything other than a fully equal member of the local community. [Patrick notes: They’re allowed to require you to go through foreign qualification, but this is a box ticking exercise (and a tickytack registration fee).]
Jetson
Yes. So one thing that's hard is when this comes to healthcare fraud or other frauds against public programs, we see nefarious actors not just do it, but then close and reopen as soon as they face accountability.
There was a kind of notorious case with this ambulance fraud I was telling you about in Philly, where I think the mother got busted running an ambulance company and three years later they found her son had opened another company with all the same people. It's hard to imagine how easy it is to become a payee of the government in some of these programs – and this has really negative consequences for public expenditure fraud, and ultimately for the health of the programs and their ability to pay for the things we want to pay for, when the money's being diverted.
And that takes me in some sense to talking about the pandemic.
Pandemic fraud
Patrick
Man, so many thoughts about the pandemic, but I was busy doing other projects on it, mostly not focused on fraud in it.
Okay, there is an intersection here. I worked a lot on vaccine availability during the pandemic. Doses – intended for other people, due to a complex calculation of the moral intuitions of the United States, – were notoriously diverted to people in positions of authority, friends of FBI agents, donors to hospitals, and similar in December of 2020 and January of 2021.
As a result of that, the blowback was so bad that Governor Newsom got on camera in California and said, “If you, a doctor, go against our tiering list, I will not merely fine you. I will aggressively go after your license and attempt to maximize the reputational impacts to you and your institution and reject your capability to do any business at all in the state of California in the medical field.” As a result of this, pharmacies who had 0.0001%, yada yada, of their business being COVID vaccines, and a lot being the routine provision of medical care, institutionally were unwilling to make rational medical decisions about the provision of medical care to people seeking the COVID vaccine because it was literally illegal to do so.
[Patrick notes: Quoting from the transcript to be fair to Newsom, and note that ‘skipping the line’ meant enabling line skipping because physicians were earliest in line:
“I just want to make this crystal clear. If you skip the line or you intend to skip the line, you will be sanctioned, you will lose your license. You will not only lose your license. We will be very aggressive in terms of highlighting the reputational impacts as well. We are going to be aggressive here.”]
Jetson
Yeah, I've heard stories, like they would have a little extra vaccine and then they’d just throw it away because they couldn't give it to someone who wasn't on the tier – is that true?
Patrick
That definitely happened in the world.
I ran an institution that was calling pharmacies across the state of California every day. We had any number of conversations with pharmacists who said, “Yes, I have three doses in a vial. Yes, they will expire in four hours. In principle, I'm willing to inject them into any eligible patient. However, my chain has made the decision to not keep a list of people to call at the end of the day as a business decision, and I need this job. So I'm very sorry, but if you know anyone and they can come in with an application through the county portal in the next four hours, I will absolutely inject them.” And we had that conversation, or ones which rhymed with it, hundreds of times. [Patrick notes: VaccinateCA did tens of thousands of phone calls to pharmacists, in addition to many other techniques for finding vaccine doses and eligibility criteria.]
So another thing happening during COVID was there was a great deal of money sprayed over the United States to deal with the socioeconomic consequences of the worst disaster that has happened in our lifetimes. And much of that money was stolen.
Findings on PPP loans fraud
Jetson
That's right. And I want to point everyone at a great paper that I did not write. It's by John Griffin and co-authors at the University of Texas. And this is a paper in the Journal of Finance that's on PPP loan fraud: Did FinTech Lenders Facilitate PPP Fraud?. He went and he looked at the PPP loans and he looked for companies that have some red flags, including, I think, things like ‘didn't exist before the pandemic’ –
Patrick
So as a brief aside for people who did not run a small business in 2020 or 2021, PPP, the Payment Protection Program, was a generous subsidy program instituted by the United States government, which we don't allow ourselves to call a subsidy program.
What the government said was, if you currently employ people and can't continue paying their wages during the pandemic, we will loan you money so that you can continue paying their wages to protect those paychecks.
Then in a while, after life gets back to normal, you will tell us that you did this and we will forgive the loan. And people said, “Is this free money?” “No, no, no, it's not free money – this is a loan from the government to you, and if you continue to pay the wages you will not have to pay a penny on this – you know, as long as you're as long as you're compliant, it's fine. This is absolutely not free money.” Wink wink wink wink wink.
Oh man, I've got many opinions on PPP, but let's talk about this wonderful paper first.
Jetson
Yeah, so Griffin and his co-authors find that there's a huge amount of the PPP money that went towards what appeared to be completely fictional companies – no presence before the pandemic. (They had data on the number of employees that they claimed… something about the number of employees that got you more money.)
So my co-authors and I decided to do a follow-up study on the unemployment insurance expansion. If you were not a small business during the COVID pandemic and instead you were an employed individual, we started offering individuals money through unemployment insurance systems.
In the United States, if you are formally employed through some company, generally you have some unemployment insurance protection, which means that if you get laid off, you file for unemployment, it goes through the state, your company pays some share, your taxes have paid some share (that you've already paid for when you're working there), and they'll write you a paycheck for a certain number of weeks.
We widely expanded this program during the pandemic to cover not just the formerly employed people, but also to increasingly cover people who are in the gig economy through a program called PUA, Pandemic Unemployment Assistance.
We made unemployment very widely available, and this has largely been shown through academic research to have been positive for the macrofinancial United States. I mean, it's pretty amazing that we popped right back out of COVID – and not only that, have caught up in terms of GDP growth to the trajectory of what we were before. If you look at the GDP chart, have you seen this, Patrick? It's like basically we're on the same, we're above where we would have been in just a simple projection from before the pandemic.
Patrick
We were living in a terrible world relative to the one that we were living in directly before the pandemic happened. If we had a magic wand, we would all choose to not have gone down those years. But when you look back at what informed people were thinking were possible futures for us in early 2020, we are in one of the best of those possible futures. You can see this in GDP growth statistics, you can see this in places like, processing volume for Internet businesses went up.
There’s a great line from the Hobbit, “‘Tis is an ill wind that blows no one good”: the redirection of economic activity from offline businesses to online businesses was greatly accelerative of some delivery services, groceries, online operations, and similar.
We're going to talk about tens of billions, potentially hundreds of billions of dollars that were diverted – but the people of the United States acting through their political representatives had a legitimate desire that the economic impact of COVID be as muted as possible, essentially, and for essentially the first time in United States political economic history, the legislators said, “Blank check, fix the problem by any means necessary. Do not prioritize reducing waste. Do not prioritize anti-fraud as much as the typical year. The economy cannot crash; figure it out.”
And then… (Patrick gestures like “there you go”).
Jetson
That's right. Again, taking your point from before, many of the actors in this space are sophisticated – and in their sophistication, they know a good deal when they see it. When the government decides that they're going to write a blank check to anyone who comes with their hand out, that's a risk for fraud.
During the expansion of unemployment insurance, the primary fraud we saw was basically an advanced form of identity theft – what you would do is you'd go and you'd buy a social security number on the dark web.
I don't know as much about this, I think, as you do, Patrick – how easy is it to buy a social security number on the dark web?
Patrick
Like, literally a high school student can accomplish this and it's perhaps not the most academically-oriented high school student in their class.
There is, by the way, a thriving genre on TikTok and other social media platforms of PPP loan-related jingles – again, there's a spectrum of actors, a spectrum of sophistication. Some of these people do fraud because it is their job. Some of them are very literally classmates to your children who were inspired by TikTok to, “Hey, press this button, get free money, what's not to like?” And it's slightly more advanced than pressing one button, but within the capabilities of someone who could successfully reinstall Windows.
[Patrick notes: Rapping about EDD fraud has given rise to memorable bars like “I’m smart and you ain’t.” though you will have to wait to hear it sung in concert.]
Jetson
And Griffin and his team actually have a follow-up paper on how PPP loan fraud spread through social media, go check that out – the figures in that paper are basically screenshots of telegram groups and Facebook groups called, like, “Commit Fraud for Fun” or something, it's amazing.
So going back to unemployment though, which is a different program than the PPP – unemployment's at the individual level, not at the business level; unemployment existed before the pandemic and it exists to this day. It's run by the states, generally by the State Department of Labor.
You may not know this, but your State Department of Labor is not the most technologically sophisticated organization in the country. And so they were tasked with getting a lot of money out the door really fast, and they succeeded along that front. But to do so, they widely compromised their standards for checking that the right money was going to the right person. We have to imagine that just the volume, sheer volume of claims they were getting relative to their historic systems was outstanding.
So I have a paper on this (Unemployment Insurance Fraud in the Debit Card Market) with Jialan Wang at the University of Illinois and two great PhD students, Umang Khetan at the University of Iowa and Yunrong Zhou at Purdue. We got this fantastic dataset – it's so cool. We got 1% of all debit card transactions in the country. And a lot of the unemployment money was spent through the debit card rails. And the reason for that is many states would issue prepaid debit cards as a way of getting the money out the door really fast.
So a nefarious actor would apply for these, sometimes on behalf of multiple people at the same time in the same state or in multiple states, get debit cards in the mail, and then they'd go out and take the money out of ATMs generally; now they have cash, they've now skirted the financial system.
We can see it. In our debit card data, we look for cards that are receiving inordinately high amounts of UI and then taking it out in cash, and we find billions of dollars worth of this behavior. Now, we have a small sample, so I should say that if our sample is representative, which we believe it to be, we find billions of dollars worth of this behavior.
Supply chain of fraud
Patrick
So, a very important mental model for people to have is that every human institution worth doing has a supply chain associated with it, and at least some people consider fraud worth doing, and so there's a supply chain associated with fraud. The perhaps-unobserved link here is that, after money gets taken out of an ATM at a convenience store in middle America, it has to get back to the fraudster, who may not physically be located in middle America – and there is a developed economy of people who will mule that money using either compromised identities or their own identities too. For example – there's many, many ways to do this and interdicting them is a game of unending whack-a-mole – but you could take the physical cash down to Western Union, give them your driver's license and say, you know, “Send it out to this person in this other country,” who will then get it one step closer to the money laundering apparatus, and then eventually it ends up in St. Petersburg, or wherever the ultimate destination is.
In some cases that money mule is a professional criminal. In other cases, it is someone who was recruited by something like a “Work-From-Home During The Pandemic Doing Accounts Receivable Processing on Behalf of an International Organization! So what's going to happen is we're going to cause money, you know, debit cards from our customers to arrive at your door. You're going to go out, get the money, keep 10% for yourself, and then wire us 90% through your own bank account, or go down to Western Union, use your own driver's license.”
[Patrick notes: Sometimes money launderers are unaware they’re laundering money because it is presented with different flavor text. Take Eric here: he believes he is buying gift cards to enable a Bitcoin arbitrage. Eric is a money launderer. So was SBF (for Tether, among others), and for many years, I didn’t know whether he understood that that was (what I believed at the time to be the main part of) his business model, or whether he had convinced himself he was just preternaturally good at getting arb opportunities.]
Patrick
Some of these people know that they are committing fraud and that the 10% is their cut for committing the fraud. But it is a policy goal of the United States that we distribute access to bank accounts in the economic system very widely, including to people who do not necessarily listen to podcasts about Medicare fraud for fun, so there exists many millions of people who do not understand that there is anything necessarily hinky in this transaction. And at the point where you have found that Gladys Smith, 65, grandmother of eight, in Normal-Bloomington, has been a conduit for $200,000 of fraud in this fashion, what do you do? [Patrick notes: This is an illustrative fictitious example, he says, perhaps unnecessarily.]
One thing that you could choose is to throw Gladys Smith in prison for the rest of her natural life. But historically, the United States has exercised prosecutorial discretion to not do that for someone who is in exactly that circumstance.
Jetson
Oh man, Patrick, this is great because, you know, going back to my ambulance story, you know, the companies were getting in trouble. What about these patients? The patients were riding in these ambulances, and in many cases they were receiving cash kickbacks, which is illegal. And the reason is, you know, the ambulance transporting the patient to and from the dialysis centers, they still need someone to ride in the ambulance. The patients were happy to have the ride.
Here's what I heard from a source at the Department of Justice: early on in the scheme, the patients were just happy to have a free ride. But then as the fraud grew, there started to be competition among the fraudsters for the patients. So the price rose from, “You get a ride,” to “You get a ride and a cup of coffee and a donut,” to “You get a ride and $20 per ride.” They started compensating the, in this case, Medicare patient to participate in the scheme.
So I asked the Department of Justice friend, “Why didn't you guys go after the patients?”
He said, “Well, these are dialysis patients. First of all, if I could get them in jail, they still need dialysis. There are six federal medical centers, one of them can provide dialysis consistently, so that's bad. But even before I can try to get them in jail, I'm going to, what, bring them up in front of a federal criminal jury? They're going to show up in a wheelchair, and they're going to say, ‘I really needed the ride that day.’ There’s no accountability.”
It's very hard. Like, your 65-year-old grandmother from Normal-Bloomington or whatever, it's very hard to hold individual, sympathetic small actors accountable in big frauds even if they're being used for the system.
Policy and enforcement challenges
Patrick
Yep – also, If one goes at it aggressively, if one does the best research project possible, if one successfully shines a light on our past behaviors, we will occasionally shine a light on things which our society would prefer not to know about itself. Many actors will say, you know, “It is incentive-incompatible for me to find out what will happen if I overturn this rock, and therefore I decide that there are other rocks that are higher on my priority list.” Sometimes that's a reasonable decision in a world with limited resources, and other times, it's a political reality.
Your discussion about free donuts and whatnot is topical in an election year. You're definitely not allowed to pay people to vote for your preferred candidate. You are allowed to give people a ride to the polls. You're not allowed to compensate them for voting.
Are you allowed to give people a donut? What if it develops that in 2024, in an election where candidates are almost certainly to have claims and counterclaims made about respect for the democratic process, that… some donuts were given out? Do you really want to make a count of how many donuts? Do you really want to make a count of where those donuts happened? These are tough issues.
[Patrick notes: Line warming and electioneering are surprisingly nuanced concepts, but when I’m saying “donuts” here, well, I can imagine things far more injurious to American sensibilities than donuts. And while I think U.S. elections are generally pretty surprisingly competently administered, I do worry that the political valence of claims of election fraud might discourage us from continuing competent administration.]
Jetson
Yeah. Super tough.
Going back to unemployment insurance. We see these – what I think are obvious frauds, I mean, we see people receiving thousands of dollars on a single day and later the same day, they're hitting a Bank of America ATM for $1,500, and then they go down the block to a TD ATM for another thousand dollars, and then they go down the block and get another $500 out of the credit union, et cetera, and then the next day somehow they've managed to get more money from the government.
It's fun that this is a Complex Systems podcast, because it's a systems problem. We show that midway through the pandemic, finally we decided, you know, “Maybe we should start identifying people before we give them this money.” Many states contracted with either LexisNexis or ID.me or one of these third party authenticators, where you basically prove who you are, and what we show in our data is that this cut out something like 30% of the cards that were receiving high amounts of money and taking it out as cash. And it's hard to know if the people left were legitimate and they just also liked cash – but in general we see a big treatment effect due to this behavior. And what it goes back to is like, we don't need to wait for a global pandemic and a trillion dollars of extra spending to have a simple verification app before we pay the money.
Patrick
Acting as a voice for some advocates who are in this discussion, the trade off of, “we're going to have a technological system underwrite whether these people are in possession of an ID and can take a selfie” (which is one way to get through ID.me, although there are others) – you are going to reject some people who are within society’s set for a receiving benefits, and they will disproportionately be less educated, they will have lower access to technology, they will be less sophisticated, yada, yada.
But you found when you did the math here that there is this group of people who are, let's say, a suspicious withdrawal pattern, and then there is a different group of people who are not in that pattern, and the treatment affected the suspicious withdrawal pattern but to my understanding did not affect the rest of the world.
Jetson
That's right. One of the things that is heartening, both about our detection method and also about the program, is that it seems like when we roll out ID.me, (without loss of generality, there are a few other vendors) that it seems like it really cuts out the most suspicious behavior, and it doesn't seem like it's that hard to get through for the people that appear to have legitimate purchases. I can see the people who are taking the money and going to the grocery store, and those people are much less affected than the people who only ever take out cash.
This speaks to a lack of investment in the US federal technological system for providing these services. I spoke with the CEO of a major provider of technological services to the government, who said that they had tried to pitch the government on identity verification systems years before the pandemic just to make the unemployment insurance system have less fraud, and they were told, “Sorry, not interested.”
I'm not saying that given the pandemic, we necessarily knew to do things differently – that's a hard call and it's certainly a hard call to make at the time of the pandemic, I wouldn't second-guess anyone who made hard decisions at the time – but certainly there will be crises in the future, and when those crises come and we want to prevent us inadvertently spending trillions of dollars, literally towards our state enemies. The worst part about this is a lot of this money is going to people who are also funding some of the international conflicts that are posing threats to United States security.
If we want to stop that, the investment should be upfront in functional verification through the Medicare program, through the unemployment insurance program, through the paycheck protection program, or through the small business agency that administers those loans. We have to do that now, so that when the next crisis comes around, we're not left with our mouths agape going, “What do we do? How do we spend money safely?”
Patrick
If I can recommend a book for people: Recoding America by Jennifer Pahlka. I do not have an unreserved recommendation for this book, but there is an extensive discussion of state level unemployment programs.
There is a saying in the technology industry to “fail closed,” versus fail open. This is a property of systems. We failed open in the case of pandemic unemployment fraud: we intentionally tried to set it up such that if the system doesn't know what to do, then it would default to paying out. This is not the normal decision. One reason we were not capable of bringing more competence to bear during a time of emergency was the well-founded political pressure to cut through backlogs and similar.
One reason that we had backlogs was that these are not organizations which in a good year would bring the United States's full competence and capabilities to bear. And this is one reason why Recoding America, I have a qualified endorsement of it: there's an individual who is referred to several times in that book who is a senior executive at one of these organizations, and if you replaced that individual with a 16-year-old who has just beaten Factorio, I think the state that they serve would be better served.
I think as people who look at the United States government, and who desire that we should have good things in the world, we occasionally need to be willing to say, you know, “much of the time this is about complex systems interacting with each other, this is about the incentives we set out, this is about the inability of the legislator to write the rules that they really want to enforce – and some of the times there is a person in a chair who needs to be exited from that chair immediately and replaced with someone competent.”
Read the book though – it will really shed some light on why those institutions found themselves so terribly underwater in a time where many people found themselves underwater during the pandemic.
Jetson
And I second that. I actually cite that book in this unemployment insurance paper.
I think Paulka is a fascinating voice. She did a great interview with Ezra Klein, if you guys prefer to listen to it. Paulka was brought in when the healthcare website for the exchange had failed, you guys might remember the healthcare.gov snafu, and she was brought in to try to fix it.
Some number of weeks into this, they said, “Where's the Spanish-language site?” And she's like, “we don't even have a working English site!” And they said, “Well, the contract says we have to have a Spanish site,” and I think she replied, “Do you want two sites that don't work, or one that does?” It's interesting, the nature of government contracts.
Patrick
I have literally had this discussion with people and so I have an immense amount of appreciation for it. I did not even, I did not self-consciously choose the same sentence, but I said that same sentence at one point! If I can give her and Dave Guarino one more shout out, they did a podcast with Bloomberg Odd Lots a few years ago, which is also a good entry point into some of these issues.
Jetson
That's right. So this underinvestment in our technological capabilities for fighting fraud, that's actually up and down the chain. I want to talk a little bit about this.
One of the things I've done a lot in my work is to try to understand the effects of various policies on reducing, eliminating, and deterring fraud. One of the results I find is that often when we do prosecute a fraud, I'm talking about how the fraud persists – actually, despite that, the return on investment for some of these anti-fraud actions is ridiculous.
Every year the Department of Justice will release a report on healthcare fraud and they say, “here's how much we spent, here's how much we got back” – that number is generally four to one. For every dollar we spend on healthcare fraud as a country, we're getting back $4. The point I've been making to the government is, actually what you need to count is the deterrence amount. That's how much money we didn't spend because of those actions. And in various work, I've quantified that amount, and I think that the deterrence numbers are somewhere like 5 or 10x.
It's not that we're spending a dollar and getting back $4. It's actually, I think, spending a dollar and saving more like $25. It's crazy to me to think that despite the fantastic work that is done by the Department of Justice, by the Office of the Inspector General, by the state Medicaid fraud control units, they are horribly underfunded. We do not spend enough money on the Department of Justice. The Department of Justice is staffed by largely career civil servants who are grossly underpaid relative to their private market value, that do it because they believe that the United States needs rule of law, and that if you were to take these people and you were to double their pay and triple how many of them there were, it would pay for itself in terms of what we save in administering law.
Patrick
Yep. I think it's incontrovertible that effective civil servants are underpaid relative to private industry. One of the things that I use is quoting the GS-whatever for technologists against what Google and similar will pay for engineering interns – meaning a college student.
Private industry doesn't hire engineering interns because we urgently need, you know, Google Search re-architected for tomorrow, it's mostly just to take an option on their future employment – and we pay people more for the option on their future employment than the United States pays for among its most specialized, most skilled senior technologists. Which is the decision of the United States polity, which we should reverse.
Jetson
So spending a lot of time talking to attorneys and law enforcement officials who are fighting fraud: there are people that work for the United States government who wake up every morning and try to catch as much fraud as we can. These are smart people, many of whom have Ivy League educations, that are working in very bad quality office buildings. (I don't know if you've ever been to a federal office building, but generally not the nicest places to hang out.) And we are paying them pennies.
Patrick
A thing I've remarked upon before is that no organization that charges people for coffee wants to win. You're fundamentally unserious if you do that. And that is de rigueur up and down the government. In some cases, I think that the dismal nature of the physical spaces that government employees work in is obviously intentional – no physical space has ever happened by accident.
But the reason it is intentional is because we are so worried about the perception of graft and the perception that these people are attached to an iron rice bowl that we won't give anything that looks bad for them on camera. On one hand, I can appreciate that; on the other hand, we want to attract and retain talent – perhaps we can attract and retain talent by not being openly contemptuous of them. Anyhow.
Jetson
I visited the Department of Justice as a PhD student to speak with people about my research and learn, and at the end of the day, I was not allowed to buy them a beer. And I'm like, I'm a PhD student at MIT. I've got no cases before any judge, and I'm here just taking notes. Thank you for meeting with me. And I can't buy you a burrito. It's sad. I mean, it's just the way in which we treat these people, I understand why many of them ultimately will move on to private law.
We don't value them, and the work they do is so impactful. I mean, we're talking about, you bust the big guy, we might scatter 10 other companies that are doing the big frauds, save the government potentially billions of dollars, and then these people are being told basically that their careers aren't valuable to the public. I think it's a real policy mistake. I think it's a failure, like you mentioned.
Patrick
Can I mention one reason why we continue making these policy mistakes? I hate to beat a dead horse, play a broken record, I don't know. (English is not my first language for the last 20 years.)
Our intuitions are complicated. The IRS is routinely said to under-invest in going after under-payers for taxes. One political economy reason why the IRS under-invests in this is that the investment is largely going to target marginal cases on people who have a couple of demographic commonalities to them.
One of those demographic commonalities is, “Do you file a Schedule C or not,” which means do you own a small business such as, I don't know, perhaps it's an LLC that transports patients to dialysis services, or perhaps it's an LLC which sells bingo card creation software over the internet to use the one that I have to file every year. (That LLC still exists and I diligently file a Schedule C every year.)
If the marginal burden of hiring these employees and having them intensify the IRS's efforts with regards to causing audits causes them to move up from, I believe the stat is 0.2% of schedule C's get examined for an audit to like, “What's the right number for society? Maybe it's 2%.” Then, you know, 2% of all small business owners in the United States have an uncomfortable conversation in the coming year, and of that 2%, many of them are perfectly legitimate people doing perfectly legitimate things. They are going to call their congressmen and complain like, “Why is the IRS being such a bastard to legitimate small businesses like us?”
And small business owners have political power in the United States, and there is a political party which considers itself extremely aligned with their interests. When that political party here is like, “increase enforcement efforts,” the thing that they say internally is, “A constituency group for ours is going to be impacted very negatively by this. We are not in favor of tax fraud, no one is in favor of tax fraud, but we're also not in favor of an organized constituency for us being negatively consequenced, and so we would like the margin drawn here versus here.”
Jetson
I think that's right. So two pieces. The first is, when we increase detection and enforcement efforts on potential fraud, we're going to potentially cause delays or administrative hassles for the legitimate people – and we're very sensitive to that, as we should be. One of the things I do in a lot of my work is I try to measure those costs. So for the example of ID.me, we show that even if we paid everyone $30 an hour for half an hour to fill out ID.me, which doesn't take that long, that it still saved the government tons of money to implement it.
So I'm sensitive to this idea – we don't want to make the system so hassleful that it's hard to be legitimate. I think in the case of the tax collection, maybe there are some political differences as well as to whether tax collection itself per se is a good thing or a bad thing. But I think that there's very little debate that we want a healthcare system that isn't rife with companies committing fraud.
It's one of the few things left. I feel like we can have actual political agreement across the aisle on – like, stealing government money, and particularly organized crime syndicates based outside of the United States stealing government money, is bad. That is not politically contentious. What's hard is that it's difficult for the government to do three things.
One of the things we're doing a bad job of is using data to both detect it and to measure it. A lot of this goes back to the way we pay for it. When we talk about using somewhat underpaid DOJ attorneys, it's very hard for them to get a good data analyst. I mean, if we can't pay the attorney salaries, imagine what we're paying the data analyst salaries. Generally, we're under-invested in people who do data work for the government overall, writ large.
The second is that because we're not using data well, we're also not quantifying the effects. We think about, “I ran this lawsuit, I got a judgment for a million dollars.” That's how they see the money. And I'm saying, “no, you guys saved $5 million from people who stopped committing fraud,” and you could see that if you looked at the data. They're just not equipped to do these kinds of very simple statistical projections of those numbers. Because of that, we are bad at executing the existing topics, but we're also really bad at measuring the return on investment – and because of that, we under invest. We're really, really under invested in anti-fraud.
Whistleblower programs
Patrick
A fascinating thing that you alluded to earlier, which you had mentioned to me in a prior conversation that I didn't know, was that, given that we have self-awareness, that it is very difficult for the United States to hire the United States' best data analysts. We have essentially reinstituted letters of marque and reprisal to go after fraud via the whistleblower program. Can you tell people about this mind-blowing fact about the world, and then they can do some reading on it?
Jetson
Yes. So the way that we catch the majority, by dollar value, of fraud in the United States is through a program called the False Claims Act. The False Claims Act is a federal law and it has this really unique structure.
If you are a nurse working at a hospital and you see that the hospital is committing fraud, you don't go tell the government. You actually go and you hire your own attorney – and there's a whole industry of these whistleblower attorneys, they're contingency attorneys – you sue the hospital on behalf of the United States government and you get into these super weird three-party lawsuits, they're civil lawsuits in federal court. (Civil means that it's just money.)
The damages are triple, so if the hospital stole $10 million for the government, they can be on the hook for $30 million. The whistleblower starts the case, the government chooses how much they participate, at the end of the day, the whistleblower gets back something like 20 to 25% – actually 25 to 30% if the government doesn't join the case and 15 to 25% if the government does join the case. (The more work the whistleblower does, the more they get paid.)
That money goes to the whistleblower, the government keeps the rest, there's this big damage. And so we have this market – it's a market for private enforcement. We've taken a lot of the federal enforcement capacity and outsourced it, basically, to private whistleblower attorneys, and this brings in billions of dollars a year for the government, it causes many more billions of dollars with their deterrence effects.
Patrick, did I mention that this thing is under threat right now?
Patrick
You did not mention that to me.
Jetson
I got a call from a reporter at the Wall Street Journal maybe a week and a half ago: a judge in Florida ruled that the use of these private individuals to pursue the government's benefit ostensibly violates the Appointments Clause of the Constitution because these individuals are acting in some sense like private law enforcement officers without an appointment.
The Wall Street Journal reporter, who was very kind, basically just wanted to know, what do we think this law does in terms of how much money are we getting? How much money are we saving? How many cases are there? I'm the most recent person that had requested data on this law from the Department of Justice; he got my number somehow, I think, from a colleague in a law school. Ultimately, I was like, “If this thing goes away, we are kicking ourselves in the shin. We are kicking out from under us one of the best legs of our anti-fraud support system.”
And so there is a real threat that fraud in this country could get worse because we're under-investing in public enforcement – not enough DOJ, not enough inspector general, not enough state Medicaid fraud people, not enough FBI agents working on healthcare fraud or other public fraud – [and] we've outsourced it to this weird kind of antiquated law (the thing dates all the way back to the civil war, [it] has like a very interesting legal history) and now we might get rid of this private thing.
Patrick
Yeah. On the one hand, I take the Constitution seriously – and it should be said, you know, a lot of people in government do as well; they carry it in their pockets. But on the other hand, this very clearly seems to be a better way to get access to the top talent than the system at the moment – it’s more incentive-compatible.
A thing that people might not appreciate outside the financial industry regarding whistleblowers is that like the typical image of a whistleblower is you get invited into a smoky backroom where bad stuff is being discussed, and you defect against the other bad actors in that room. That is not the only kind of whistleblower in the world.
Another kind of whistleblower is, you are an expert in your industry, and you realize something is like, “huh, that's odd.” You pull enough of a string on it and effectively do independent academic research, independent reporting, independent fraud investigation, to a point where you have developed a memo that is sufficient to outline the weirdness in the world, and then you give that to the authorities. That is also a form of whistleblowing, and the SEC and other government agencies under various authorities will pay you if you blow the whistle on frauds which you are not constructively involved in yourself – in which you do not work for an actor that is constructively involved in them.
Jetson
There's a third type of whistleblower. The third type of whistleblower is a low-level employee who happened to be in the right place at the right time. This is actually what I think is the value of this law. In your system, just think, you're not invited into the smoky back room at all for some nefarious deal that you defect on; at the end of the deal, they come and they hand you a piece of paper and say, “Hey, can you put this in the computer for us?” And that guy's the whistleblower.
And so in the case of the hospital system or the nursing home system or the DME system (durable medical equipment system), all these things that have been subject to whistleblower lawsuits in the United States, it is often some coder or biller or nurse or home health aide. It's not the super insider who's in on the fraud, they just kind of figured out that their boss was stealing from the government, and by creating a huge financial incentive for this person to turn state's witness – that's something we need. We don't want to wait for that person to call the FBI. The fact that they can get paid for running this lawsuit is, I think, a good thing.
Patrick
This is one of a class of technologies that we call the stochastic management of fraud, where we're not interdicting fraud on a fraud-by-fraud basis, on a release and a chase basis, but we're going to establish an incentive gradient under which things that you need to do to scale your frauds – and by dollar amount, a lot of the fraud is done by professional fraudsters who have scaled their operations and not teenagers in their bedrooms, for the same reason that a lot of cakes are baked by professional bakeries and not by teenagers in their bedrooms – the things that you need to do to scale the fraud, we are going to increasingly make those capable of causing huge capital losses to you via the stochastic management approach and thereby not merely get the restitution from the individuals that we identify as doing fraud, not merely have a deterrence effect, but literally break the engine of capitalism that makes fraud a lucrative business to be in.
I wish there was better literature on this concept. You are the practicing economist and I write occasionally on the internet, but I don't think that there is a broad literature about stochastic management in fraud specifically. (I think I coined that term when talking about why AML and KYC regulations actually work despite being so terrible, which is a fun two bits of opinion to keep in one's head at the same time.)
Jetson
You want to write a paper together, Patrick? Is that what you're saying?
Patrick
We could just write papers! Let's write a paper! (I don't have an employer, this is great.) There should be literature there, and we should be the change we hope to see in the world.
So you've given people some great entries into the existing literature on this. Where can they find you around the internet if they think, “I like the cut of Jetson’s jibs and would like to subscribe to his newsletter”?
Jetson
So I'm a professor, which means that largely my audience is other academics and policymakers. I don't do a lot of public-facing writing anymore. I'm a tenure-track fifth-year assistant professor, which means that sometime in the next few years, a group of shadowy figures will vote on whether I get to either keep my job for the rest of my life with guarantee or lose it, so a lot of my attention historically has been paid to writing papers.
(I think it's good that in society, we create this incentive structure for people like myself to just basically get it right and tell the truth – but it does mean that historically I've been of limited exposure.)
I do some media stuff; reporters call me or I go on podcasts or stuff like that. I speak a lot at policy conferences and such. If you're interested in reading my academic work, my website is jetson.org, which redirects to my BU site – but I will warn that what you're going to find is a bunch of nerdy economics papers about fraud. Some of them are very exciting – the ambulance taxis paper is there, the unemployment insurance fraud paper is there; other work, the hospice fraud paper I talked about is there – so you can go and you can read it.
If you're ever interested, if you know about fraud, if you're interested in learning more about fraud, if you want to chat about policy, if you are a policymaker and you happen to stumble across this, I'm very easy to get in touch with. My website has my cell number on it – I'll take a call from anyone, and I'm just excited to talk about these things. I think that there's a lot of low-hanging fruit in the policy space, in the way that we can fix this; I'm increasingly making inroads in talking to people in the right agencies in government that are able to effectuate much of this change.
I think that there is an increased political taste for this, and that's a good thing. I see, increasingly, popular media figures talking about government efficiency, talking about waste, fraud, abuse, losing money. I don't have a public political stance to take on how much money the government should be spending on various programs – that's a political choice, and I'm an economist, not a politician – but I do think that we all agree that if we're going to spend the money, we should do it well. We should quantify the effects. We should design effective policy. We should do what works. We shouldn't do what costs money and doesn't work.
So if you want to hear more from me, please visit my website or send me an email, I'm jetson@bu.edu.
Patrick
Awesome. And I will drop some links into some of my prior writing about fraud. (Unfortunately, a lot of it is behind the paywall that is joining the financial industry, but be that as it may.)
[Patrick notes: Bits about Money covers this frequently; see here for one entry.]
Thanks very much for coming on, Jetson. I hope interested individuals do take you up on your generous offer there of chatting about ways the United States could be more effective. I think all of us can agree that, you know, we have a contentious ongoing societal debate about what the aims of government should be, and then we should prosecute those aims competently – there should be widespread political consensus on the desirability of competence in government. Looking forward to seeing more of that, if now is indeed the season for it.
For the rest of you, thanks very much, and we'll see you next week.
