Social Security Administration Office of the Inspector General
Consent Based Social Security Number Verification Program
To assess the results to date of the pilot and interim consent- and fee-based verification programs and determine lessons learned that could be applied to the Consent Based Social Security Number Verification (CBSV) program.
Since October 2002, the Social Security Administration (SSA) has assisted registered companies that provide identity verification services by verifying an individual’s name and Social Security number (SSN) with SSA’s records. The Agency developed an automated process that quickly responds to these requests and also reduced the burden on SSA resources. There have been three iterations of the program: Social Security Number Verification Pilot for Private Businesses (Pilot), Interim Verification Process (IVP), and the current CBSV Program.
To view the full report, visit http://www.ssa.gov/oig/ADOBEPDF/A-03-08-18067.pdf
While we found that SSA generally applied best practices learned from its Pilot and IVP programs to the CBSV, we believe improvements are still needed for the CBSV program. We are concerned that the first year program estimates for CBSV were not in line with the actual number of companies participating in the CBSV program and the related number of verification requests submitted to SSA. As of August 2007, SSA anticipated it would receive about $5.6 million based on 90 participating companies submitting about 10 million transactions and these funds were expected to cover SSA’s costs for the program. As of February 2009, SSA was scheduled to receive about $1.1 million from 86 participating companies, to process about 1.1 million verification requests. Moreover, as of April 2009, SSA’s total cost for developing the CBSV program had increased to about $7.8 million. Thus, SSA would not recoup $6.7 million of its costs during the first year of the program.
Additionally, we determined for the CBSV program, SSA did not: (1) comply with its policy requiring proof of parental and legal guardianship; (2) have requirements for compliance reviews to ensure uniformity in reporting of results; and (3) require the date of birth as part of the matching criteria, which could increase the risk that SSA will not detect instances of SSN misuse.
Among our five recommendations, we recommended that SSA:
SSA agreed with the recommendations