SOCIAL SECURITY ADMINISTRATION
THE SOCIAL SECURITY ADMINISTRATION'S
PROCEDURES FOR ADDRESSING
January 2009 A-13-08-18077
By conducting independent and objective audits, evaluations and investigations, we inspire public confidence in the integrity and security of SSA's programs and operations and protect them against fraud, waste and abuse. We provide timely, useful and reliable information and advice to Administration officials, Congress and the public.
The Inspector General Act created independent audit and investigative units, called the Office of Inspector General (OIG). The mission of the OIG, as spelled out in the Act, is to:
Conduct and supervise independent and objective audits and investigations
relating to agency programs and operations.
Promote economy, effectiveness, and efficiency within the agency.
Prevent and detect fraud, waste, and abuse in agency programs and operations.
Review and make recommendations regarding existing and proposed legislation and regulations relating to agency programs and operations.
Keep the agency head and the Congress fully and currently informed of problems in agency programs and operations.
To ensure objectivity, the IG Act empowers the IG with:
Independence to determine what reviews to perform.
Access to all information necessary for the reviews.
Authority to publish findings and recommendations based on the reviews.
We strive for continual improvement in SSA's programs, operations and management
by proactively seeking new ways to prevent and deter fraud, waste and abuse.
We commit to integrity and excellence by supporting an environment that provides
a valuable public service while encouraging employee development and retention
and fostering diversity and innovation.
Date: January 20, 2009 Refer To:
To: The Commissioner
From: Inspector General
Subject: Follow-up: The Social Security Administration's Procedures for Addressing
Employee-related Allegations (A-13-08-18077)
Our objective was to determine the extent to which the Social Security Administration (SSA) had implemented recommendations from a series of reports on employee-related allegations we issued in Fiscal Years (FY) 2004 and 2005.
Employee-related allegations can originate from various sources, including SSA employees, the public, congressional inquiries, internal security reviews, or the Office of the Inspector General (OIG). These allegations are referred to the Offices of the Regional Commissioners (ORC) and/or SSA Headquarters components for review.
Examples of employee-related allegations include standards of conduct violations; ethics violations; potential criminal violations; the theft of Government property; and allegations of rude, discourteous, or poor service where a specific employee is named. Allegations concerning SSA employees are significant because of the potential losses to SSA's programs and the corresponding negative impact on the public.
Generally, the ORCs review those allegations that involve an employee in that region. ORCs review allegations that do not appear to involve fraud, for example, service delivery issues. The Centers for Security and Integrity (CSI) within the ORCs, review employee-related allegations that appear to involve fraud. Employee-related allegations that are potential criminal violations must be referred to the OIG for appropriate action.
In FYs 2004 and 2005, we issued 11 reports on SSA's procedures for addressing employee-related allegations. We issued 1 report to each of the 10 Regional Commissioners and 1 report to the Deputy Commissioner for Systems. In each report, we discussed the management of employee-related allegations. In the report issued to the Boston Regional Commissioner, we indicated employee-related allegations were addressed and potential criminal violations were referred to the OIG. However, in the remaining 10 reviews, we identified deficiencies in the Agency's management of employee-related allegations. To address these deficiencies, we made specific recommendations in each of the reports. Most of these reports had similar recommendations focusing on three specific issues:
" implementing a control system to document the receipt, development,
and disposition of allegations (8 reports);
" retaining documentation related to employee-related allegations (7 reports); and
" referring potential criminal violations to the OIG for investigation (5 reports).
To determine the extent to which SSA had implemented the recommendations for these three issues, we examined data from (1) ORC and CSI employee-related allegation control logs; (2) our Office of Investigations' National Investigative Case Management System (NICMS); and (3) Office of the Deputy Commissioner for Operations and Office of Systems (OS) documentation supporting the allegations. We also reviewed data pertaining to adverse personnel actions provided by the Office of Personnel under the Deputy Commissioner for Human Resources. In total, we reviewed 10 control logs; selected and examined 123 employee-related allegations; and assessed 32 adverse actions. See Appendix B for a detailed discussion of our scope and methodology and Appendix C for our sampling methodology.
RESULTS OF REVIEW
Generally, we found SSA implemented the recommendations most often made in our FY 2004 and 2005 series of reports on employee-related allegations.
Issue 1: We made recommendations in eight reports concerning SSA implementing
a control system that documents the receipt, development, and disposition of
employee-related allegations. The seven Regional Commissioners agreed with our recommendations. However, OS did not agree with our recommendation.
Our prior reviews found problems with the Agency's receipt, development, and/or disposition of employee-related allegations. Several ORCs monitored and tracked activities only for allegations referred by the OIG. Oversight did not always occur for allegations received from sources other than the OIG. In many of our prior reviews, we found that SSA did not preserve records to support the Agency's actions on allegations. SSA did not always retain those records for the required time period.
During our follow-up review, we requested copies of employee-related allegation control logs from ORCs, CSI and OS for January 1, 2006 through September 10, 2007. Specifically, we requested from each ORC and OS copies of control logs that identified employee-related allegations received from sources other than the OIG. All ORCs provided control logs. However, OS did not.
As indicated in our October 2004 report, the Deputy Commissioner for Systems, in coordination with staff in the Office of Human Resources, did not concur with our recommendation. Rather, it stated that "Any control system as described in the OIG recommendations would have to be part of a system of records established under the provisions of the Privacy Act." It was further stated "Any system of records would have to be consistent with existing and future collective bargaining agreements." However, based on the prior acceptance of related recommendations by the regional offices and use of allegation control logs by the ORCs, we continue to believe OS should implement our recommendation.
Of the 10 controls logs we received and reviewed, we found 8 ORCs had control systems to track employee-related allegations received from sources other than the OIG. Staff from the Kansas City and Chicago ORCs explained employee-related allegations from sources other than the OIG had not been received for the period related to our data request. In addition, staff indicated such allegations, if received, would be controlled in a tracking system.
With the exception of OS, our follow-up review found appropriate actions had been taken regarding tracking the receipt, development, and disposition of employee-related allegations. However, the use of allegation control logs, including allegations received from sources other than the OIG, should be made uniform Agency-wide.
Issue 2: We made recommendations in seven reports about SSA retaining documentation related to employee-related allegations. All regions agreed with our recommendations.
Our prior reviews identified concerns in retaining documentation on employee-related
allegations. For example, we reported 1 ORC did not retain complete records
4 (19 percent) of the 21 allegations received from OIG. The lack of documentation limits management's ability to determine whether appropriate actions were taken to resolve an allegation. We believe SSA management should be able to verify whether staff complied with its applicable policies and procedures. Insufficient documentation hampers management's ability to identify recurring problems related to specific locations and/or employees.
For our follow-up audit, we reviewed a random sample of 123 employee-related allegations. The allegations were selected from NICMS and the control logs provided by the ORCs. Allegations selected from NICMS pertained to employee-related allegations our Office of Investigations had referred to the Agency for further review. Our current review found documentation was retained related to the employee-related allegations. Of the 123 allegations, the ORCs and OS provided documentation related to 116 (94 percent). See Table 1 for more information.
Table 1: Employee-related Allegation Documentation
Allegations Reviewed Documentation Not Provided for
NICMS ORCs' Logs Total NICMS ORCs Logs Total
Atlanta 11 7 18 1 4 5
Boston 3 10 13 -- -- --
Chicago 8 -- 8 1 -- 1
Dallas 4 10 14 -- -- --
Denver 1 5 6 -- -- --
Kansas City -- -- 0 -- -- --
New York 9 10 19 -- -- --
Philadelphia 5 10 15 -- 1 1
San Francisco 8 10 18 -- -- --
Seattle 1 9 10 -- -- --
Office of Systems 2 -- 2 -- -- --
Total 52 71 123 2 5 7
Of the seven allegations for which no documentation was provided, five were referred to the ORCs from sources other than the OIG, and two pertained to allegations referred from OIG to the ORCs for further development. Staff from the Atlanta ORC explained records were not available for four allegations because, at the time, the ORC was not scanning paper records containing information about the allegations. Staff also explained documentation was not provided for one of the OIG-referred employee-related allegations, because they were advised by the Allegation Management and Fugitive Enforcement Division (AMFED) that it preferred the ORC no longer provide documentation unless fraud was involved. While documentation is not required by AMFED unless fraud is involved, it was not AMFED's intent that Agency staff not retain documentation related to employee-related allegations. For the remaining two allegations for which documentation was not provided, staff from the Chicago and Philadelphia ORCs did not provide explanations.
Our follow-up audit concluded that the documentation the ORCs and OS retained was sufficient and reliable to support ORC and OS dispositions of the allegations reviewed. The Atlanta ORC did not provide documentation for about 28 percent of its items included in our sample. However, we believe the ORC's new process for scanning paper records will improve the ORC's document retention.
Issue 3: We made similar recommendations in five reports to ORCs that SSA refer allegations with potential criminal violations to the OIG. Four Regional Commissioners agreed with our recommendations. However, the New York Regional Commissioner did not agree with our recommendation.
In our prior reviews, we found that ORCs did not refer all potential criminal cases to the OIG for investigation. For example, we previously reported that an SSA beneficiary alleged that a field office employee had stolen her identity. The employee subsequently retired, and ORC took no other actions. The ORC did not believe pursuing an administrative suspension was feasible since the employee had retired. While administrative sanctions were limited after the employee retired, criminal action may still have been possible. Our Office of Investigations indicated this case should have been referred to OIG for investigation.
During our follow-up audit, we requested the Office of Personnel provide information about adverse personnel actions involving SSA employees from January 2006 through September 2007. A total of 162 adverse actions were taken during this period. Of these, 130 actions pertained to employee performance issues. We reviewed additional information for the remaining 32 actions to determine whether these instances were employee-related allegations that potentially involved criminal violations.
For the period reviewed, we did not identify any adverse personnel actions involving potential employee criminal violations that had not been referred to OIG. Of the 32 actions identified, we determined 15 had been referred to the OIG for investigation. We reviewed additional documentation provided by the Agency's Human Resources offices for the remaining 17 adverse personnel actions and determined none involved potential criminal violations.
For the period January 2006 through September 2007, nothing came to our attention that led us to believe the ORCs and OS did not refer employee-related allegations with potential criminal violations to the OIG.
CONCLUSION AND RECOMMENDATION
Based on the results of our review, we believe the Agency acted on the recommendations made most often in our FY 2004 and 2005 reports on employee-related allegations. SSA acted on the recommendations pertaining to control systems, document retention, and potential criminal violation referrals to the OIG. Although the Atlanta ORC did not provide information concerning five allegations, we believe the practice of scanning paper records will improve its retention of employee-related allegation documents.
During our review, we found all ORCs used control systems for their employee-related allegations, but OS had not yet implemented a control system. These systems enabled the ORCs to document the receipt, development, and disposition of allegations. We believe the resolution of employee-related allegations should be monitored and tracked Agency-wide. As such, we again recommend OS use a control system to ensure all employee-related allegations are tracked and monitored.
The Agency agreed with our recommendation. The Agency has established a workgroup to assist with the implementation of the recommendation. The control system will be used to track and monitor employee-related allegations referred to the Deputy Commissioner for Systems.
Patrick P. O'Carroll, Jr.
APPENDIX A - Acronyms
APPENDIX B - Scope and Methodology
APPENDIX C - Sampling Methodology
APPENDIX D - Agency Comments
APPENDIX E - OIG Contacts and Staff Acknowledgments
CSI Centers for Security and Integrity
FY Fiscal Year
NICMS National Investigative Case Management System
OIG Office of the Inspector General
ORC Office of the Regional Commissioner
OS Office of Systems
SSA Social Security Administration
Scope and Methodology
Our objective was to determine the extent to which the Social Security Administration (SSA) had implemented recommendations from a series of reports on employee-related allegations we issued in Fiscal Years 2004 and 2005. The recommendations contained in these 11 reports pertained to the operations of the Offices of the Regional Commissioners (ORC) and Systems (OS). The scope of work completed was not based on whether we recommended a specific action be implemented by a specific ORC or OS. Instead, we reviewed allegations for all ORCs and OS concerning the three employee-related allegation issues we identified as the most common in our prior reports. This was done so we could, if appropriate data were provided, determine whether certain problematic conditions existed in any ORC or in OS during our review period.
To accomplish our objective, we:
" Identified and reviewed SSA's policies and procedures related to the management of employee-related allegations.
" Reviewed prior Office of the Inspector General (OIG) reports.
" Coordinated with SSA personnel familiar with the employee-related allegation management process.
" Analyzed employee-related allegation control logs provided by the ORC, containing allegations received in the region from sources other than the OIG. We requested control logs from the ORCs and OS for the period January 1, 2006 through September 10, 2007. We received 10 logs from the ORCs. We reviewed a sample of 123 allegations and selected 71 employee-related allegations from the control logs (see Appendix C for our Sampling Methodology).
" Obtained and analyzed an electronic data extract of employee-related
allegations from our Office of Investigations' National Investigative Case Management
System (NICMS). The allegations were referred from OIG to the ORCs and OS for
further development. The dispositions for these allegations were made by the
Agency and returned to our Office of Investigations from January 1, 2006 through
September 10, 2007. There were 300 OIG-referred, employee-related allegations
during this period. We reviewed a sample of 123 allegations, of which
52 employee-related allegations were selected from NICMS. (See Appendix C for our sampling methodology.)
" Obtained and reviewed an electronic data extract of adverse personnel actions taken against SSA employees from the Office of Personnel under the Office of the Deputy Commissioner for Human Resources during the period January 2006 through September 2007. There were 162 adverse actions processed during this period. We reviewed information pertaining to 32 adverse actions.
" Requested ORCs, OS and the Office of Personnel provide documentation to support the employee-related allegations and adverse actions reviewed.
We determined the NICMS electronic data used in this report to be sufficiently reliable given our audit objective and the intended use of the data. Further, any data limitations were minor in the context of this assignment, and the use of the data should not lead to an incorrect or unintentional conclusion. The accuracy of the data extract was tested by tracing individual data fields needed to meet our objective from the electronic data extract to information recorded in SSA's information systems including the Master Beneficiary Record, Supplemental Security Record, Representative Payee System, and/or the Microsoft Outlook employee email listing. Validity of the data was assessed by determining whether data fields that should have specific data types contained those data types. Lastly, we assessed completeness by reviewing the data extract for illogical data entries, unrealistic values or dates, or missing data entries.
We did not determine the reliability of the adverse personnel action data file received from the Office of Personnel. However, we were able to use the data for our intended purpose. The data obtained were used to verify whether potential criminal violations were referred to OIG.
We conducted this audit in accordance with generally accepted government auditing
standards. Those standards require that we plan and perform the audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our findings
and conclusions based on our audit objectives. We believe the evidence obtained
provides a reasonable basis for our findings and conclusions based on our audit
objectives. We conducted this review between January and November 2008. The
entities reviewed were the Offices of the Deputy Commissioner for Operations
and the Deputy Commissioner for Systems.
We reviewed a sample of 123 allegations using 2 sampling frames. Of the 123 allegations, we selected 71 from the Offices of the Regional Commissioner (ORC) employee-related allegation control logs and 52 from the electronic data extract from our Office of Investigations' National Investigative Case Management System (NICMS). Selected allegations were reviewed to determine whether SSA retained documentation related to employee-related allegations.
During our current review, we requested copies of employee-related allegation control logs from the ORCs and the Office of Systems (OS) for the period January 1, 2006 through September 10, 2007. Specifically, we requested from the 10 ORCs and OS copies of control logs that identified employee-related allegations received from sources other than the OIG. The 10 ORCs provided control logs. Of the 10 controls logs reviewed, 8 tracked both employee-related allegations received from OIG and those received from sources other than the OIG. Employee-related allegations recorded in these logs comprised the first sampling frame. We excluded the remaining two control logs from the sampling frame because both logs contained only employee-related allegations referred by OIG to the ORC. A total of 666 allegations were included in this sampling frame.
We selected random samples of 10 allegations from each of the 8 control logs. If the log contained fewer than 10 allegations, we reviewed 100 percent of the employee-related allegations that were recorded in the log. We reviewed a total of 71 allegations. The following table provides the details of the first sampling frame selection.
Table1: Employee-related Allegation Control Log Data
Region/ Component Location Total Allegations in Control Log Sample
Region I Boston 70 10
Region II New York 219 10
Region III Philadelphia 145 10
Region IV Atlanta 7 7
Region V Chicago
Region VI Dallas 112 10
Region VII Kansas City
Region VIII Denver 7 5
Region IX San Francisco 97 10
Region X Seattle 9 9
Headquarters Office of Systems
Total 666 71
For the second sampling frame, we obtained an electronic data extract of employee-related allegations from NICMS. Specifically, these were allegations that (1) OIG had referred to the ORCs and OS for further development and (2) SSA determined dispositions for the allegations and notified OIG of the dispositions during the period January 1, 2006 through September 10, 2007. A total of 300 allegations were included in this sampling frame. Of the 300, we reviewed a sample of 52 allegations. We randomly selected 50 employee-related allegations previously referred to the ORCs. In addition, we reviewed the two allegations referred by OIG to OS during our review period.
We forwarded a total of 123 employee-related allegations to the Office of the
Deputy Commissioner for Operations for distribution to the appropriate office.
We requested copies of the documentation related to the allegations. We reviewed
the documentation provided by the offices and determined whether the documentation
reasonably supported the ORCs' conclusions and development pertaining to the
allegations. Development includes actions to determine whether allegations can
be substantiated. SSA's policies and procedures provide guidance for the appropriate
development activities. Of the 123 allegations reviewed, we received documentation
for 116. We found the documentation provided was sufficient and reliable to
support ORC and OS dispositions of these allegations. Documentation was not
provided for the remaining seven allegations.
Date: January 7, 2009 Refer
Refer To: S1J-3
To: Patrick P. O'Carroll, Jr.
From: James A. Winn /s/
Chief of Staff
Subject: Office of the Inspector General (OIG) Draft Report, "Follow-up: The Social Security Administration's Procedures for Addressing Employee-related Allegations" (A-13-08-18077)--INFORMATION
Thank you for the opportunity to review and comment on the draft report. We appreciate the comprehensive work that the OIG auditing team did on this report and the prior related audits. Our response to the report findings and recommendation is attached.
Please let me know if we can be of further assistance. Please direct staff
Ms. Candace Skurnik, Director, Audit Management and Liaison Staff, at (410) 965-4636.
COMMENTS ON THE OFFICE OF THE INSPECTOR GENERAL (OIG) DRAFT REPORT "FOLLOW-UP: THE SOCIAL SECURITY ADMINISTRATION'S PROCEDURES FOR ADDRESSING EMPLOYEE-RELATED ALLEGATIONS"
The Office of Systems should use a control system to ensure all employee-related allegations are tracked and monitored.
We agree. We have established a workgroup to assist with the implementation of this recommendation. The control system will be used to track and monitor employee-related allegations referred to the Deputy Commissioner for Systems.
OIG Contacts and Staff Acknowledgments
Shirley E. Todd, Director, Evaluation Division 410-966-9365
Randy Townsley, Audit Manager, Evaluation Division 410-966-1039
In addition to those named above:
Nicole Gordon, Auditor
Parham Price, Auditor
For additional copies of this report, please visit our web site at www.socialsecurity.gov/oig
or contact the Office of the Inspector General's Public Affairs Staff Assistant
at (410) 965-4518. Refer to Common Identification Number
Commissioner of Social Security
Office of Management and Budget, Income Maintenance Branch
Chairman and Ranking Member, Committee on Ways and Means
Chief of Staff, Committee on Ways and Means
Chairman and Ranking Minority Member, Subcommittee on Social Security
Majority and Minority Staff Director, Subcommittee on Social Security
Chairman and Ranking Minority Member, Committee on the Budget, House of Representatives
Chairman and Ranking Minority Member, Committee on Oversight and Government Reform
Chairman and Ranking Minority Member, Committee on Appropriations, House of Representatives
Chairman and Ranking Minority, Subcommittee on Labor, Health and Human Services, Education and Related Agencies, Committee on Appropriations,
House of Representatives
Chairman and Ranking Minority Member, Committee on Appropriations, U.S. Senate
Chairman and Ranking Minority Member, Subcommittee on Labor, Health and Human Services, Education and Related Agencies, Committee on Appropriations, U.S. Senate
Chairman and Ranking Minority Member, Committee on Finance
Chairman and Ranking Minority Member, Subcommittee on Social Security Pensions and Family Policy
Chairman and Ranking Minority Member, Senate Special Committee on Aging
Social Security Advisory Board
Overview of the Office of the Inspector General
The Office of the Inspector General (OIG) is comprised of an Office of Audit
(OA), Office of Investigations (OI), Office of the Counsel to the Inspector
General (OCIG), Office of External Relations (OER), and Office of Technology
and Resource Management (OTRM). To ensure compliance with policies and procedures,
internal controls, and professional standards, the OIG also has a comprehensive
Professional Responsibility and Quality Assurance program.
Office of Audit
OA conducts financial and performance audits of the Social Security Administration's
(SSA) programs and operations and makes recommendations to ensure program objectives
are achieved effectively and efficiently. Financial audits assess whether SSA's
financial statements fairly present SSA's financial position, results of operations,
and cash flow. Performance audits review the economy, efficiency, and effectiveness
of SSA's programs and operations. OA also conducts short-term management reviews
and program evaluations on issues of concern to SSA, Congress, and the general
Office of Investigations
OI conducts investigations related to fraud, waste, abuse, and mismanagement
in SSA programs and operations. This includes wrongdoing by applicants, beneficiaries,
contractors, third parties, or SSA employees performing their official duties.
This office serves as liaison to the Department of Justice on all matters relating
to the investigation of SSA programs and personnel. OI also conducts joint investigations
with other Federal, State, and local law enforcement agencies.
Office of the Counsel to the Inspector General
OCIG provides independent legal advice and counsel to the IG on various matters,
including statutes, regulations, legislation, and policy directives. OCIG also
advises the IG on investigative procedures and techniques, as well as on legal
implications and conclusions to be drawn from audit and investigative material.
Also, OCIG administers the Civil Monetary Penalty program.
Office of External Relations
OER manages OIG's external and public affairs programs, and serves as the principal
advisor on news releases and in providing information to the various news reporting
services. OER develops OIG's media and public information policies, directs
OIG's external and public affairs programs, and serves as the primary contact
for those seeking information about OIG. OER prepares OIG publications, speeches,
and presentations to internal and external organizations, and responds to Congressional
Office of Technology and Resource Management
OTRM supports OIG by providing information management and systems security.
OTRM also coordinates OIG's budget, procurement, telecommunications, facilities,
and human resources. In addition, OTRM is the focal point for OIG's strategic
planning function, and the development and monitoring of performance measures.
In addition, OTRM receives and assigns for action allegations of criminal and
administrative violations of Social Security laws, identifies fugitives receiving
benefit payments from SSA, and provides technological assistance to investigations.