1 / 36

Introduction

Continuous Auditing & the Search for Fraud Presented to: The Association of Governmental Accountants by: Charles W. Lawver, Virginia DMAS October 20 , 2009. Introduction.

fleur
Download Presentation

Introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Continuous Auditing & the Search for FraudPresented to:The Association of Governmental Accountantsby:Charles W. Lawver, Virginia DMASOctober 20, 2009

  2. Introduction The Virginia Department of Medical Assistance Services (DMAS) administers the Federal & State sponsored health care programs for eligible persons with limited income and resources. These programs include Medicaid, Family Access to Medical Insurance Security (FAMIS), Medical Assistance for Low Income Children (FMIS Plus) and a number of other programs benefiting children, the aged, blind and disabled: • DMAS provided services to over 1,000,000 persons during Fiscal Year 2008. • General population growth, especially the growth of the aging population are key factors affecting our client base.  The number of Virginians 65 and older will increase 5 times faster than the general population over the next 10 years.  Access to health care for uninsured children is a DMAS priority.

  3. Introduction • Medicaid is the largest health care system in Virginia and in the U.S. as a whole. • In FY 2007, the Department’s Medicaid Management Information System (MMIS) issued provider reimbursement to 55,000 active providers benefiting an average of 691,000 recipients per month at a total cost of $4.4 billion. • In FY 2008, Medicaid claim payments increased to $5.3 billion. • Medicaid program costs are shared by the state and Federal government-the Federal share is higher in states with lower per capita income. • Eligibility categories – aged blind or disabled, member of a family with children , certain Medicare beneficiaries.

  4. Opportunity: Fraud Auditing Timely Enough to Make a Difference • This immense claim and transaction volume can only be effectively audited on a concurrent basis, employing risk guided, automated approaches to pre and post payment review. • DMAS must pay quickly and, when we are defrauded, chase quickly, hence the need for the concurrent approach.

  5. Opportunity: Fraud Auditing Timely Enough to Make a Difference • The Program’s Medicaid Management Information System (MMIS) applies almost 1,000 separate edits to every claim prior to payment. • Since 1985, at its inception, DMAS Internal Audit has used a variety of tools, many internally developed, to concurrently audit claims and the Department’s 143 other business processes for irregularities and suspected fraud.

  6. Internal Control Evaluation System (ICE) --The Internal Control Evaluation System (ICE), an Access data base application listing internal controls and related management objectives for all 144 DMAS business processes. ICE contains a full risk assessment and scoring module, work paper templates and audit control reports. --It also tracks and reports on the status of all audit findings of Internal Audit, the Auditor of Public Accounts (APA) and the Centers for Medicaid and Medicare Services (CMS)….

  7. ICE System Structural Organization Risk Assessment Module Audit AdministrationAudit PlanningStaff AssignmentsTime Keeping Internal Control Description BP Objectives Control Numbers Control Descriptions Reporting Work Paper Formats ICE System Business Process TablesReporting Policies & Procedures

  8. Internal Control Evaluation System (ICE) Objectives Business Process Name Internal Controls

  9. Internal Control Evaluation System (ICE) Audit Finding Audit Name

  10. Internal Control Evaluation System (ICE) Auditee Response

  11. Business Process Performance Review System (BPPRS) --The Business Process Performance Review System (BPPRS, contains in excess of 200 concurrent tests of all aspects of the internal control of Virginia Medicaid. --Each audit year, Internal Audit includes tests from the BPPRS in its Annual Audit Plan based on the outcome of its Annual Risk Assessment which calculates a test frequency score for each test and related business process

  12. Business Process Performance Review System (BPPRS) --Most BPPRS tests, are conducted using SAS and ACL routines complemented by use of the Microsoft Office components Excel and Access. --Staff members specialize in areas of the Program and are assigned a series of tests each audit year which they are expected to independently conduct supported by our full time Systems Analyst whose job it is to support them and maintain the data base.

  13. Audit Control Language (ACL) --DMAS Internal Audit has been using ACL for approximately eight years. --We initially purchased two desktop copies to help perform the complex stratified sampling of claims involved in a Federally mandated recipient eligibility project. --The software performed so well, was so easy to use and the telephone support was so good, we decided to use it to address an opportunity which we had been trying to address for a number of years.

  14. Audit Control Language (ACL) The Problem:--DMAS Operating Divisions were requesting the ability to run copies of IA concurrent tests to improve their own operations, specifically to identify aberrant medical providers and other problem Program suppliers. This was especially true of the DMAS Fiscal and Program Integrity (fraud investigation) Divisions.

  15. Audit Control Language (ACL) -- Although very powerful, SAS routines can be difficult to bundle into testing suites. --To effectively run SAS, a certain degree of expertise is required which is not typically available within DMAS operating divisions.--DMAS IA employees only a single systems analyst so we lack the staff to support our operating divisions in their use of SAS and concurrent tests.--The Solution was to purchase and install server based ACL. --Let’s consider current detection of several apparent frauds…

  16. Cross-Over Duplicate Claims Concurrent Test Cycle

  17. Potentially Fraudulent Provider Activity

  18. Duplicate Cross over Claims Test Results • Critical MMIS edits were found not be working resulting in duplicate • cross-over payments between Medicare and Medicaid. • As a result transportation providers were erroneously overpaid $10,000,000. • From claim payment patterns it was apparent that certain providerswere gaming us. We referred these providers to the DMAS Program Integrity Division for further analysis and possible criminal referral.

  19. Crossover Claims Concurrent Testing Plan Step 1 – Determine the Automated Procedures & Objectives Step 2 – Make Arrangements with the Auditee(s) to Obtain Data Step 3 – Transfer Auditee Data Step 4 – Verify Auditee Data Step 5 – Run Test & Report Results

  20. Potentially Fraudulent Provider Activity

  21. Crossover Claims – Overstated Co-Insurance --In this example the provider overstates the amount of co-insurance. --Instead of the correct amount of $18.73, the amount of $18,373.00 was entered. --Medicaid paid the overstated amount which the provider certified as correct on the crossover claim. --Our investigation revealed that, upon receipt of the payment, the provider failed to notify DMAS and never sent a subsequent refund. --This matter was referred to our Program Integrity Unit.

  22. Two Billings for the Same Service

  23. Two Billings for the Same Service --Both of these charges were submitted by the same provider at the same time. --One as a hospital bill and one as a special facility bill. --One claim is for 9/28/07 only and the other is for 9/28-30/07. --A provider cannot bill Codes 111 and 857 for the same day. --This matter was referred to our Program Integrity Unit.

  24. Internal Control Scoring – Cost Recovery/Cost Avoidance

  25. Internal Control Scoring – Cost Recovery/Cost Avoidance

  26. Internal Control Scoring – Cost Recovery/Cost Avoidance

  27. Internal Control Scoring – Cost Recovery/Cost Avoidance

  28. Internal Control Scoring – Cost Recovery/Cost Avoidance Cost Recoveries

  29. Continuous Auditing for Fraud Advantages Audits Go Deeper & Broader DMAS can perform deeper and broader audits since we can look at both preventive and detective controls on a universal basis with automated alerting for exception based reporting.This significantly improves audit coverage while reducing the costs of compliance over time.

  30. Continuous Auditing for Fraud Advantages Audits Take Less Time In the past, it could take weeks just to assemble the proper documentation & data to start an audit.With continuous auditing, DMAS can assemble multiple individual tests of a single business process or a group of processes and perform them as a single testing suite. The suite can be performed at any time, at the drop of a hat.

  31. Continuous Auditing for Fraud Advantages Internal Auditors Provide a Value Added Service The rapidity and range of the tests we can perform allowed us to identify over $7 million dollars in recoverable Medicaid and Medicare claims in 2008. Our total budget for the Internal Audit function is less than $400,000; a value added return of 17.5 times cost.We have experienced a like level of return for the past 15 years.

  32. Continuous Auditing for Fraud Advantages Increased Transparency with Auditees The auditees become accustomed to receiving frequent, short form reports on the high risk controls associated with their business processes. This increases IA visibility and relevance while removing much of the mystery surrounding the traditional audit process. Findings follow up is streamlined and enhanced.

  33. Continuous Auditing for Fraud Advantages Enhanced Communication with External Auditors We have shared our approach and data with the staff of the Auditor of Public Accounts. The APA can review our test library and test results and gauge their level of reliance assuring less duplication of effort.DMAS IA can perform rapid, customized data extractions for the APA in support of the annual audit.

  34. Continuous Auditing for Fraud Advantages Improved Utilization of Specialized Audit Skills Our test library includes ACL and SAS code which can be executed by any auditor. This frees up staff with special expertise to design new tests and consult with management and auditees on more complicated control situations and emerging issues.This saves time and money and ultimately results in a higher quality work life for the audit staff.

  35. Continuous Auditing for Fraud Advantages Key Controls are Rationalized With the frequent testing of key controls, it has been possible to identify those which are truly vital to our critical business processes and de-emphasize those which are not.This has allowed for the identification of controls which are no longer relevant or which over.

  36. Questions?

More Related