SOCIAL SECURITY ADMINISTRATION

THE SOCIAL SECURITY
ADMINISTRATION'S REGIONAL
OFFICE PROCEDURES FOR
ADDRESSING EMPLOYEE-RELATED
ALLEGATIONS IN REGION VIII

June 2004

06-04-14075

AUDIT REPORT

Mission

We improve SSA programs and operations and protect them against fraud, waste, and abuse by conducting independent and objective audits, evaluations, and investigations. We provide timely, useful, and reliable information and advice to Administration officials, the Congress, and the public.

Authority

The Inspector General Act created independent audit and investigative units, called the Office of Inspector General (OIG). The mission of the OIG, as spelled out in the Act, is to:

Conduct and supervise independent and objective audits and investigations relating to agency programs and operations.
Promote economy, effectiveness, and efficiency within the agency.
Prevent and detect fraud, waste, and abuse in agency programs and operations.
Review and make recommendations regarding existing and proposed legislation and regulations relating to agency programs and operations.
Keep the agency head and the Congress fully and currently informed of problems in agency programs and operations.

To ensure objectivity, the IG Act empowers the IG with:

Independence to determine what reviews to perform.
Access to all information necessary for the reviews.
Authority to publish findings and recommendations based on the reviews.

Vision

By conducting independent and objective audits, investigations, and evaluations, we are agents of positive change striving for continuous improvement in the Social Security Administration's programs, operations, and management and in our own office.

SOCIAL SECURITY

MEMORANDUM

Date: June 22, 2004

To: James Everett
Regional Commissioner Denver

From: Assistant Inspector General for Audit

Subject: The Social Security Administration's Regional Office Procedures for Addressing Employee-Related Allegations in Region VIII (A-06-04-14075)

OBJECTIVE

Our objectives were to evaluate the adequacy of the Social Security Administration's (SSA) policies and procedures for addressing employee-related allegations, determining how well SSA complied with these policies and procedures, and determining whether SSA referred all employee-related allegations warranting further investigation to the Office of the Inspector General (OIG).

BACKGROUND

SSA receives various types of allegations related to its programs, the misuse of Social Security numbers and employee conduct. Some examples of employee-related allegations include time and attendance, service issues, and the theft of Government property. SSA receives allegations from employees, the public, and the OIG. Allegations concerning SSA employees are significant because of the potential monetary losses to SSA's programs and the corresponding negative public impact.

Office of Management and Budget (OMB) Circular A-123, Management Accountability and Control defines management controls, including organization, policies, and procedures, as "…tools to help program and financial managers achieve results and safeguard the integrity of their programs." Also, management controls are the organization's, policies, and procedures used to ensure that programs and resources are protected from waste, fraud, and mismanagement.

SSA has management controls in place with respect to the development and resolution of employee related allegations. To determine the validity of allegations, SSA is required to obtain sufficient evidence to support or remove suspicion that criminal violations may have been committed. SSA's policy states,

Prior to referral to the Office of the Inspector General, Office of Investigations Field Division, each potential violation and allegation must be developed by the field office, processing center, or other SSA office to the point where enough evidence has been secured to either remove suspicion or substantiate the violation.

In the Denver Region, the Office of the Regional Commissioner (ORC) and the Center for Security and Integrity (CSI) review employee conduct and program-related allegations. The ORC reviews all allegations that do not appear to involve fraud. CSI reviews all allegations that appear to involve fraud or employee misconduct that may result in an adverse action. CSI is responsible for supporting field office managers in developing potential fraud issues by using computer system analysis and providing other technical support. Employee allegations, which have the potential to be criminal violations, must be referred to the OIG for appropriate action. Cases involving employee misconduct that do not have the potential to be criminal violations are referred to the Labor and Employee Relations (LER) staff for adverse actions. The allegation referral workflow is illustrated at Appendix C.

In Fiscal Years (FY) 2001 and 2002, OIG referred 11 employee-related allegations to SSA's Denver Region for action. Ten of these were provided to the ORC for review and action and one to CSI. In addition, the Denver Region received nine employee related allegations from sources other than the OIG.

RESULTS OF REVIEW

The Denver Region's ORC and LER appropriately referred all cases with potential criminal violations to the OIG that warranted further investigation and maintained documentation to support development of allegations received from the OIG and other sources. However, we were unable to assess the adequacy of CSI's compliance with SSA policy because CSI did not maintain documentation for allegations received. Also, the ORC's and CSI's tracking process for allegations received needed improvement.

CASE DEVELOPMENT DOCUMENTATION

ORC's documentation for employee-related allegations received from the OIG and other sources was adequate; however, CSI did not maintain documentation for allegations received from any source except for the one case referred by OIG. Consequently, for employee related allegations, CSI could not demonstrate that it complied with SSA policies and procedures requiring that sufficient evidence be obtained to support or remove suspicion that a criminal violation may have occurred.

According to CSI staff, if allegations were substantiated, they forwarded case documents to the OIG if it involved a potential criminal violation. For substantiated cases involving non-criminal violations, CSI forwarded the documentation to field office managers who in turn contacted LER for appropriate administrative action. For allegations that were not substantiated, CSI said they shredded the documentation. CSI added that the OIG and LER staff maintained the official files. CSI, however, did not keep a record of the cases it had forwarded to the OIG or to field office managers.

Because CSI shredded files for allegations it considered unsubstantiated and did not maintain documentation to identify which cases it may have forwarded to the OIG or to field office managers, we could not review the adequacy of CSI's documentation or verify that CSI actually complied with SSA policy.

TRACKING ALLEGATIONS RECEIVED

The ORC's control log for tracking cases omitted 3 of 10 referrals it received from the OIG. Two referrals were not tracked because the allegation involved a manager and such cases are directly sent to an area director for development. The ORC was unable to explain why the third allegation was not on the control log. We noted that the ORC did not enter allegations in its log immediately upon receipt.

CSI was responsible for one allegation received from the OIG; however, CSI did not have a process for tracking allegations received from any source. According to CSI personnel, they were not required to control allegations because the Agency did not have a "system of records" for allegations and that to create such a system would be subject to approval by SSA's Central Office. CSI management added that it did not want to establish a written document or log of incoming allegations.

Without a system for tracking allegations received, there is no assurance that CSI is investigating the allegations to remove suspicion or substantiate the violation. Further, there is an increased risk that allegations with potential criminal violations are not being referred to the OIG. CSI received one case from the OIG during the 2-year period of FYs 2001 and 2002. This case was left pending for 279 days before CSI took action to resolve it. It discovered the allegation when a staff member was in the process of cleaning out archived emails during FY 2003.

CONCLUSION AND RECOMMENDATIONS

The Denver Region's ORC and LER appropriately referred all cases with potential criminal violations to the OIG that warranted further investigation and maintained documentation to support development of allegations received from the OIG and other sources. The ORC's tracking of allegations received needs improvement since it was unable to explain why one case was omitted from the control log and it did not immediately enter allegations in its control log. The CSI component did not have adequate management controls to ensure it complied with SSA policy for documenting development of evidence, tracking allegations received, and referring potential criminal cases to the OIG. Without adequate management controls, the Denver Region's overall effectiveness in guarding against waste, fraud, and mismanagement is diminished.

Accordingly, we recommend SSA's Denver Regional Office ensure:

1. CSI maintain documentation to support actions taken on allegations received.

2. ORC improve its tracking process by entering allegations in the control log immediately upon receipt.

3. CSI establish a tracking process to account for allegations received from the OIG and from other sources.

AGENCY COMMENTS

SSA agreed with our recommendations. See Appendix D for the full text of SSA's comments.

Appendix A
Acronyms

CSI Center for Security and Integrity
FY Fiscal Year
LER Labor and Employee Relations
MOS Management and Operations Support
OIG Office of the Inspector General
OMB Office of Management and Budget
ORC Office of the Regional Commissioner
POMS Program Operations Manual System
SSA Social Security Administration

Appendix B
Scope and Methodology

We limited our review to Fiscal Years (FY) 2001 and 2002. This included 11 referrals from the Office of the Inspector General (OIG), 9 employee-related allegations from sources other than the OIG, and 4 potential criminal violation cases identified from the list of adverse actions processed by Labor and Employee Relations (LER) staff.

To accomplish our objectives, we:

Reviewed the following criteria:

o The Privacy Act of 1974 (5 United States Code § 552a),
o Office of Management and Budget Circular A-123, Management Accountability and Control,
o Program Operations Manual System,
o the Social Security Administration's (SSA) Administrative Instructions Manual System,
o Annual Personnel Reminders, and
o Standards of Ethical Conduct for Employees of the Executive Branch.

Obtained the database of allegations processed by the OIG during FYs 2001 and 2002 and identified those listed as employee-related.

Interviewed officials within the Office of the Regional Commissioner (ORC), Center for Security and Integrity, and LER in Denver, Colorado.

Reviewed ORC's control log to identify employee-related allegations from sources other than the OIG.

Reviewed ORC documentation for the development of evidence related to allegations received from the OIG and other sources.

Reviewed the 20 adverse actions processed by the LER staff to identify potential employee-related allegations.

We performed field work at the SSA Regional Office in Denver, Colorado, and the OIG office in Dallas, Texas from November 2003 through February 2004. We determined that the computerized data used were sufficiently reliable to meet our audit objectives. The entity reviewed was the Denver Regional Office under the Deputy Commissioner for Operations. We conducted our review in accordance with generally accepted government auditing standards.

Appendix C
Allegation Referral Workflow

Appendix D
Agency Comments

ICN: 33321-24-1172

OIG DRAFT REPORT, "THE SSA'S REGIONAL OFFICE PROCEDURES FOR ADDRESSING EMPLOYEE-RELATED ALLEGATIONS IN REGION VII" (A-06-04-14075) AUDIT NO. 22004015

Mr. Schaeffer,

Please see the following DCO comments on the above named report.

Maurice Norwood
Audit Liaison
For Operations

We have carefully reviewed the OIG draft report, the SSA's Regional Office Procedures for Addressing Employee-Related Allegations in Region VIII, (A-06-04-14075) Audit No. 22004015. We appreciated the review of our procedures and have taken steps to tighten our control over these allegations. We have the following comments regarding the report.

TRACKING ALLEGATIONS RECEIVED

We agree that three cases were not placed on the electronic tracking system, and that for one case there was no apparent explanation. Regarding the two complaints about managers, the Region's policy during the timeframe reviewed was to have the Executive Officer manually track complaints about managers because of the accessibility of the electronic system. These cases were adequately tracked and the results of the investigation forwarded to the responsible OIG unit. However, this policy has since been changed and all cases are placed on the electronic control system when received.

We also agree with the findings that CSI did not have a formal process to control and document the results for the one allegation received in FY 2001 and 2002 from OIG. Our unstated policy was that allegations were to be treated as that - allegations. No documents/records were kept if the allegation was found to be unsubstantiated. No new system of record was to be established for these. For those cases where there was sufficient evidence for further investigation or prosecution, CSI's policy was to rely on the file maintained by either OIG or the Labor and Employee Relations staff as the official file.

CSI has now established a system that will track and control all allegations received. In addition, official files will be established for each future allegation regardless of the outcome. Documentation will be maintained in accordance with established agency guidelines.

We appreciate the professional manner in which this audit was conducted. If you have any questions, please contact Don Ketcham, Executive Officer, at (303)844-2388.

Appendix E
OIG Contacts and Staff Acknowledgments

OIG Contacts
Paul Davila, Director, (214) 767-6317
Ronald Gunia, Audit Manager, (214) 767-6620

Acknowledgments
In addition to those named above:
Lela Cartwright, Auditor-in-Charge
Annette DeRito, Writer-Editor

For additional copies of this report, please visit our web site at www.ssa.gov/oig or contact the Office of the Inspector General's Public Affairs Specialist at (410) 966-1375. Refer to Common Identification Number A-06-04-14075.

Overview of the Office of the Inspector General

Office of Audit

The Office of Audit (OA) conducts comprehensive financial and performance audits of the Social Security Administration's (SSA) programs and makes recommendations to ensure that program objectives are achieved effectively and efficiently. Financial audits, required by the Chief Financial Officers' Act of 1990, assess whether SSA's financial statements fairly present the Agency's financial position, results of operations and cash flow. Performance audits review the economy, efficiency and effectiveness of SSA's programs. OA also conducts short-term management and program evaluations focused on issues of concern to SSA, Congress and the general public. Evaluations often focus on identifying and recommending ways to prevent and minimize program fraud and inefficiency, rather than detecting problems after they occur.

Office of Executive Operations

The Office of Executive Operations (OEO) supports the Office of the Inspector General (OIG) by providing information resource management; systems security; and the coordination of budget, procurement, telecommunications, facilities and equipment, and human resources. In addition, this office is the focal point for the OIG's strategic planning function and the development and implementation of performance measures required by the Government Performance and Results Act. OEO is also responsible for performing internal reviews to ensure that OIG offices nationwide hold themselves to the same rigorous standards that we expect from SSA, as well as conducting investigations of OIG employees, when necessary. Finally, OEO administers OIG's public affairs, media, and interagency activities, coordinates responses to Congressional requests for information, and also communicates OIG's planned and current activities and their results to the Commissioner and Congress.

Office of Investigations

The Office of Investigations (OI) conducts and coordinates investigative activity related to fraud, waste, abuse, and mismanagement of SSA programs and operations. This includes wrongdoing by applicants, beneficiaries, contractors, physicians, interpreters, representative payees, third parties, and by SSA employees in the performance of their duties. OI also conducts joint investigations with other Federal, State, and local law enforcement agencies.

Counsel to the Inspector General

The Counsel to the Inspector General provides legal advice and counsel to the Inspector General on various matters, including: 1) statutes, regulations, legislation, and policy directives governing the administration of SSA's programs; 2) investigative procedures and techniques; and 3) legal implications and conclusions to be drawn from audit and investigative material produced by the OIG. The Counsel's office also administers the civil monetary penalty program.