Skip Repetitive Navigation Links
California State Auditor Logo COMMITMENT • INTEGRITY • LEADERSHIP

Employment Development Department
Significant Weaknesses in EDD’s Approach to Fraud Prevention Have Led to
Billions of Dollars in Improper Benefit Payments

Report Number: 2020-628.2

Figure 1

Figure 1 is a combination of a line graph and a timeline that shows the volume of cumulative claims EDD received during the pandemic, for each month from January through October 2020, and compares this number of claims with key actions EDD took in response to fraud risks. The number of cumulative claims increases dramatically over the course of the timeline. Above the line graph, the figure highlights three points in time. First, in March—when cumulative claims had reached 2,040,000—the figure notes that UI claims began to surge. By the end of March, EDD had received more than 2 million claims since the start of 2020. Second, in July—when cumulative claims had reached 7,700,000—the figure notes that EDD automated its process to stop payments on certain suspicious claims. Finally, in September—when cumulative claims had reached 9,490,000—the figure notes that EDD took three actions: it stopped allowing claims to receive payments for previous weeks without additional action; it began taking action on addresses with unusually high numbers of claims; and it asked Bank of America to freeze 344,000 suspicious accounts.

Go back to Figure 1

Figure 2

Figure 2 illustrates that EDD continued to allow payments for claims at addresses it had determined were suspicious. The figure states that EDD identified 26,000 addresses that it determined were linked to suspicious claims but only stopped payments to claims associated with 10,000 of these addresses. Below this statement, there are several homes, three of which the figure highlights. It notes that upon examining three of the unblocked addresses, we found one had more than 80 total claims associated with it, 12 of which were still eligible to receive payment from EDD. Further, more than $300,000 had been paid to claims at this address.

Go back to Figure 2

Figure 3

Figure 3 breaks down the roughly $10.4 billion that EDD paid on claims for which it could not identify the claimant. At the top of the figure, it displays a claimant with “ID confirmed” and a claimant with “ID not confirmed,” and notes that validating claimants’ identities is a critical part of EDD’s fraud prevention efforts. For claimants with unconfirmed identities, the figure shows that EDD stopped payments to 1.6 million such claims. However, it also shows that EDD paid benefits to almost 597,000 other such claims, totaling about $10.4 billion in payments.

Go back to Figure 3

Figure 4

Figure 4 explains that EDD removed a fraud safeguard and paid $1 billion to claimants who had not confirmed their identities. The top of the graphic contains a claim form and notes that EDD normally applies stop payment alerts to claims with potential identity problems. Below that, the figure highlights that early in the pandemic, EDD removed these stop payment alerts and mistakenly believed that other safeguards would continue to stop payment on claims with potential identity issues. The bottom of the graphic shows a person with an unconfirmed identity receiving payment and states that EDD paid $1 billion to unknown claimants before eventually reinstating the stop payment alerts in August 2020.

Go back to Figure 4

Figure 5

Figure 5 is a graphic showing three situations in which EDD will likely need to assist identity theft victims, and the ways in which EDD would need to take action. The first situation, on the left side of the figure, describes how victims may be asked to pay taxes on benefits they did not receive or request. EDD would then need to determine the legitimacy of each complaint and coordinate with the IRS. The second situation, in the middle of the figure, describes how EDD could request repayment from victims on benefits they did not receive. EDD would then need to perform a manual identity verification process to remove such repayments. Finally, on the right side of the figure, the graphic describes how victims may attempt to submit their own claims to EDD and discover that fraudulent claims exist. EDD would then need to perform a manual identity verification process, stop payment on the fraudulent claim, and assign that claim a unique identifier that indicates it was fraudulent.

Go back to Figure 5

Figure 6

Figure 6 is a timeline that details EDD’s interactions with Bank of America from September 18th, 2020, to December 10th, 2020. At the top of the figure, on September 18th, the timeline notes that Bank of America sent EDD a list of more than 309,000 accounts that it believed were fraudulent. Beginning on September 23rd and through September 25th, EDD then directed Bank of America to freeze 344,000 accounts, which it did. Beginning on September 29th and through October 1st, Bank of America froze 53,000 additional accounts demonstrating indications of fraud, in addition to those on EDD’s list. On October 3rd, EDD’s director issued a memo to Bank of America directing it to unfreeze the accounts that do not meet EDD’s fraud criteria. On October 4th, Bank of America only unfroze 51,000 of the accounts it had originally frozen. On October 5th, EDD requested that Bank of America unfreeze the 344,000 accounts EDD had initially directed the bank to freeze. EDD then sent Bank of America three lists—on October 31st, November 17th, and December 2nd—of 2,270, 2,280, and 3,000 accounts, respectively, that EDD had verified and was requesting the bank to unfreeze. Bank of America also sent EDD a list on November 3rd of 104,000 suspicious accounts to review, and EDD informed the bank on December 10th that it had already stopped payments on 99,000 of those accounts. In addition, on December 7th, Bank of America notified the Legislature that it had identified more than 640,000 potentially fraudulent accounts.

Go back to Figure 6

Figure 7

Figure 7 is a timeline from November 2016 to January 2021 that chronicles and contextualizes EDD’s efforts to prevent fraud associated with inmates. At the top of the timeline, the figure notes that in November 2016, a national survey showed that UI administrators in 35 states cross-matched claims against incarceration data. EDD subsequently notified the Legislature in June 2018, June 2019, and June 2020 that it was considering adopting a cross-match of claims data against incarceration data.

In April 2020, EDD began receiving PUA claims that then began to spike in July 2020—when EDD’s criminal investigators also communicated with local law enforcement about specific cases of fraud related to incarcerated individuals. The timeline shows that in August 2020, EDD reached out to CDCR to request information that would allow it to cross-match data on incarcerated individuals against claim data. EDD also developed a contract with a private vendor in October 2020 that claimed it could provide access to incarceration records, such as data from local jails.

In November 2020, nine county district attorneys signed a letter announcing UI fraud involving tens of thousands of inmates and hundreds of millions of dollars. EDD and CDCR signed a data sharing agreement in December 2020 for CDCR to provide EDD with data on individuals incarcerated in state prisons. Finally, based on data from CDCR and the private vendor, EDD estimated in January 2021 that it had paid about $810 million in claims associated with incarcerated individuals.

Go back to Figure 7

Figure 8

Figure 8 is a flowchart that describes six EDD units that have roles in preventing and detecting fraud and shows how their roles interact. It shows that EDD has convoluted its fraud prevention and detection approach by spreading key efforts among its different units. The six units fall into two branches/divisions: the Investigation Division, which holds the Criminal Intelligence Unit and the Enforcement Operations Unit; and the Unemployment Insurance Branch, which houses the Integrity and Legislation Unit, the field offices, the Identity Verification and Technical Support Section, and the Benefit Claims Section. The figure describes the roles of each of these units and includes several arrows between them indicating how their roles interact.

The Criminal Intelligence Unit reviews reports of fraud from EDD’s online fraud report tool and determines whether to close the report, forward it to the Enforcement Operations Unit, or route it to the Integrity and Legislation Unit for administrative action. The Enforcement Operations Unit investigates allegations of fraud to pursue criminal charges; it may request that the Integrity and Legislation Unit mark claims as suspicious in a database and may inform the Benefit Claims Section when it identifies impostor claims.

The Integrity and Legislation Unit reviews reports of potential fraud forwarded by the Criminal Intelligence Unit and by field offices and forwards those reports for identity verification. This unit also assesses whether an impostor filed a claim and reports to the Benefit Claims Section. Field offices generally monitor for suspicious activity and forward weekly reports of potentially fraudulent claims to the Integrity and Legislation Unit; field office staff may stop payment on claims and require the claimants to provide identity information for the Identity Verification Unit to review.

The Identity Verification and Technical Support Section reviews identity documentation from potentially fraudulent claimants, assesses whether an impostor filed a claim, and reports to the Benefit Claims Section. The Benefit Claims Section assigns new unique identifiers to claims that other units have reported to it as likely fraudulent. This process removes the claim from the compromised SSN that the impostor used to file the claim in order to protect the true owner of the SSN.

Go back to Figure 8