OFFICE
OF
THE INSPECTOR GENERAL
SOCIAL SECURITY ADMINISTRATION
THE SOCIAL
SECURITY
ADMINISTRATION'S REGIONAL
OFFICE PROCEDURES FOR
ADDRESSING EMPLOYEE-RELATED
ALLEGATIONS IN REGION III
September
2004
A-03-04-14044
AUDIT REPORT
Mission
We improve SSA programs and operations and protect them against fraud, waste, and abuse by conducting independent and objective audits, evaluations, and investigations. We provide timely, useful, and reliable information and advice to Administration officials, the Congress, and the public.
Authority
The Inspector General Act created independent audit and investigative units, called the Office of Inspector General (OIG). The mission of the OIG, as spelled out in the Act, is to:
Conduct and supervise independent and objective audits and investigations
relating to agency programs and operations.
Promote economy, effectiveness, and efficiency within the agency.
Prevent and detect fraud, waste, and abuse in agency programs and operations.
Review and make recommendations regarding existing and proposed legislation
and regulations relating to agency programs and operations.
Keep the agency head and the Congress fully and currently informed of problems
in agency programs and operations.
To ensure objectivity, the IG Act empowers the IG with:
Independence to determine what reviews to perform.
Access to all information necessary for the reviews.
Authority to publish findings and recommendations based on the reviews.
Vision
By conducting independent and objective audits, investigations, and evaluations,
we are agents of positive change striving for continuous improvement in the
Social Security Administration's programs, operations, and management and in
our own office.
SOCIAL SECURITY
MEMORANDUM
Date: September 23, 2004
To: Laurie Watkins
Regional Commissioner Philadelphia
From: Assistant Inspector General for Audit
Subject: The Social Security Administration's Regional Office Procedures for Addressing Employee-Related Allegations in Region III (A-03-04-14044)
OBJECTIVE
Our objectives were to evaluate the adequacy of the Social Security Administration's (SSA) policies and procedures for addressing employee-related allegations, determine how well SSA complied with these policies and procedures, and determine whether SSA actually referred all employee-related allegations that should have been referred to the Office of the Inspector General (OIG).
BACKGROUND
SSA receives various types of allegations related to its programs, the misuse
of Social Security numbers (SSN), and employee conduct. Some examples of employee-related
allegations include standards of conduct, ethics violations, theft of Government
property and rude behavior and/or poor service to SSA's customers. SSA receives
allegations from employees, the public, and the OIG. Allegations concerning
SSA employees are significant because of the potential losses to SSA's programs
and the corresponding negative public impact. In determining the validity of
allegations, SSA is required to conduct sufficient development to support or
remove suspicion that criminal violations may have been committed.
SSA's policy states:
Prior to referral to the Office of the Inspector General, Office of Investigations Field Division, each potential violation and allegation must be developed by the field office, processing center, or other SSA office to the point where enough evidence has been secured to either remove suspicion or substantiate the violation.
In the Philadelphia Region (Region), the Office of the Regional Commissioner
(ORC) and the Center for Security and Integrity (CSI) receive employee conduct
and program-related allegations (see diagram). The ORC receives and reviews
allegations that do not appear to involve fraud and forwards the allegations
to the appropriate field office or component to be developed. CSI receives and
reviews allegations that appear to involve fraud or employee misconduct that
may result in an adverse action. CSI is responsible for supporting field office
managers in developing potential fraud issues by using computer system analysis
and providing other technical support. Employee allegations that are potential
criminal violations must be referred to the OIG for appropriate action. Cases
involving employee misconduct that are not potential
criminal violations are referred to the Center for Human Resources' (HR) Employee
Relations Staff for adverse actions. The ORC and CSI workflow processes are
illustrated in Appendix C.
In Fiscal Years (FY) 2001 and 2002, OIG referred 44 employee-related allegations
to the Region for action - most related to poor customer service. In addition,
the Region received 19 employee-related allegations from sources other than
the OIG - many related to unauthorized system access. The table below provides
a summary of the 63 employee-related allegations referred to the Region in FYs
2001 and 2002 by type of violation.
Table: Type of Employee-Related Allegations
Type of
Violation Number
of OIG
Referrals Number of Non-OIG Referrals
Poor Customer Service 38
Time and Attendance Abuse 2
Discrimination 1
Mismanagement 1
Assault/Harassment 1
Employee Ethics Violation 1
Unauthorized System Access 8
Potential Fraud 7
SSN Misuse 3
Sale of Narcotics 1
Total 44 19
RESULTS OF REVIEW
Our review disclosed that the Region generally (1) had adequate policy and procedures in place to address employee-related allegations and (2) referred potential criminal violations to the OIG as required. However, we found the following areas needed to be addressed.
There was inadequate documentation to support whether employee-related allegations were properly resolved for 11 of the 63 allegations received.
The ORC's tracking system did not include all employee-related allegations.
CSI did not maintain a tracking system to document the receipt, review, and clearance of employee-related allegations.
CASE DEVELOPMENT AND DOCUMENTATION
The Region did not have adequate documentation to either remove suspicion or substantiate the violation, as required by SSA policy, for 8 of the 44 employee-related allegations referred by the OIG. In addition, case files for 3 of the 19 employee-related allegations received from other sources were not adequately documented to support whether they were resolved.
Figure: Adequacy of Documentation
Allegations from the Office of the Inspector General
Six case files for allegations referred by the OIG did not include sufficient evidence to support whether the allegations were developed. For two additional OIG referrals, the ORC could not locate the case files.
Insufficient Evidence - For the six allegations, which involved poor customer service, the files did not include evidence that the allegations were developed. The ORC's procedure for OIG referrals is to review each referral and then forward it to the appropriate field office or component for development. When the ORC receives a response from the field office or component describing the actions taken, the response is reviewed to determine if the resolution appears appropriate. If so, the ORC forwards a copy of the response to the OIG to close the referral. Although we found that the ORC maintained copies of the actual referrals for the six employee-related allegations, it could not provide evidence to show that the appropriate field office or component had developed the allegations. As a result, these allegations remained unresolved.
Missing Case Files - For the two allegations, which involved time and attendance abuse and poor customer service, the ORC could not locate the referrals or evidence that showed the allegations had been developed.
Allegations from Other Sources
CSI's case files for the three allegations received from other sources did not include sufficient evidence to determine the status of the allegations. According to CSI staff, when they investigate an employee-related allegation, one of three actions should occur when the case is resolved.
If the allegation is unsubstantiated, the case file is annotated, and a response may be sent to the employee's manager indicating nothing was found and the case was closed.
If employee misconduct is substantiated, the case is referred to HR for administrative or disciplinary action.
If criminal activity is suspected, the case is referred to OIG for appropriate action.
Although the case files for the three allegations contain evidence that CSI had conducted investigations and found the three employees were guilty of employee misconduct, there was no evidence in the files that the cases were referred to HR for administrative or disciplinary action. For example, in one case an employee was arrested by local law enforcement for suspicion of driving under the influence. While in custody, the local law enforcement found four Medicare cards in his possession. CSI's case file indicated that the employee had admitted to removing the Medicare cards from various case folders and gave the cards to individuals at no cost to obtain discounted fares from the local transportation authority. While the file contained evidence that the OIG was notified about the case, it did not contain clear evidence that the case was referred to HR for an adverse action.
We reviewed HR's personnel files to determine if the three employees had received an adverse action and we found that two of the employees were suspended for 14 days and the other employee resigned before an adverse action could be taken. Although it appears CSI referred the cases to HR, it needs to ensure that the case files accurately reflect the status of the allegation.
RECEIPT AND CONTROL OF ALLEGATIONS
SSA's procedures require the Region to preserve records that (1) adequately and properly document the organization, functions, policies, decisions, procedures, and essential transactions of the Agency and (2) protect the legal and financial rights of the Government and persons directly affected by its activities. In addition, SSA's procedures require that control logs be retained for a 2 year period.
Our review found that the ORC's tracking system was inadequate because it did not include all employee-related allegations. Also, we found that CSI did not maintain a control log to track the receipt and disposition of employee-related allegations.
Office of the Regional Commissioner
The ORC's Correspondence Tracking System, which is used to track all correspondence received by the ORC including OIG referrals, was incomplete because 37 of the 44 OIG referrals were not logged and the ORC did not track allegations received from other sources. According to ORC staff, the OIG referrals were not logged because the employee responsible for entering the data into the tracking system was not aware of the requirement to log the referrals. The employee has since been instructed to log all OIG referrals into the Correspondence Tracking System. Further, in November 2003 the ORC issued written policy regarding OIG referrals where it requires all OIG referrals to be logged into the tracking system. In addition, the policy requires the ORC to maintain copies of the OIG referrals and supporting documentation for 2 years.
We found that the ORC did not track allegations received from other sources because it did not have formal procedures in place to address these allegations. According to ORC staff, a majority of the allegations received are service-related complaints (e.g. timeliness of payments) that are resolved by ORC staff or the appropriate office and are not tracked due to the volume or lack of severity of the complaint. SSA established a new policy in July 2004 that requires the regions to track customer complaints to identify trends to improve customer service. The tracking system should include the status of complaints until they are resolved. Given that the allegations were not tracked, the ORC was unable to account for or provide evidence that the allegations were resolved. By not tracking the allegations, the ORC increases the risk that the allegations may not be properly developed and resolved.
Center for Security and Integrity
Our review found that CSI did not maintain a tracking system or control log to document the receipt, review, and disposition of employee allegations. CSI's policy is to create a case file only when an allegation is investigated. CSI provided us with case files for 19 employee-related allegations referred from other sources during FYs 2001 and 2002. Since CSI did not have a tracking system, we cannot be assured that the 19 case files represent a complete accounting of all employee allegations received and resolved. Furthermore, maintaining an adequate control system could assist CSI to ensure appropriate follow-up, eliminate duplication of efforts, and allow for the establishment of management information related to allegation trends.
CONCLUSION AND RECOMMENDATIONS
While the Region's policies and procedures for addressing employee-related allegations were generally adequate, we found the Region could improve in the areas of case development and documentation and receipt and control of allegation. Therefore, we recommend the Philadelphia Regional Office:
1. Maintain evidence (that is, case development, documentation, and control logs) that supports the clearance of employee-related allegations.
2. Develop and implement written policies and procedures for allegations from non-OIG sources to ensure appropriate information is recorded in the control system.
3. Develop and implement a control system that documents the receipt, development, and disposition of employee-related allegations.
AGENCY COMMENTS
The Region generally agreed with our first recommendation. The Region stated that it agreed that evidence supporting the resolution of employee-related allegations should be retained. However, it suggested that for allegations received from the OIG Hotline, Regional Offices should be provided the capability of using the existing Allegation Management Division (AMD) system to show jurisdictional transfers and case resolution.
The Region agreed partially with our second recommendation. The Region stated that it agreed that documentation used to take an administrative action should be maintained to support the action and that the current HR system does, generally, meet that need. However, due to the sensitive and confidential nature of the documentation, it does not agree that this information should appear on another system beyond the official adverse action file.
The Region generally agreed with our third recommendation. The Region stated that it agreed that it is important to control all allegations for resolution and it believes its current process of controlling non-OIG allegations is effective. Further, the Region stated that the creation of a separate and new system of record (SOR) using personal identifiers to track on-going allegations is an issue that it suggests be discussed at the national, rather than regional level, given the requirement that SORs must first be published in the Federal Register according to the Privacy Act requirements.
The Region disagreed with the narrative comment section stating there was no evidence in three files that the cases were referred for administrative or disciplinary action. According to the Region, the three files were working papers and not official files. Each file contained working paper notes and annotations indicating the names of people notified and the notification dates. Further, the Region stated that the cases were referred to the Center for Human Resources for administrative action and the employees received a disciplinary action. However, the Region did concede that the case files lacked a clear statement such as "referred to HR." The text of the Region's comments is included in Appendix D.
OIG RESPONSE
We appreciate the Region's comments on our report. Further, the Region provided technical comments that we considered and incorporated, where appropriate.
In regards to our first recommendation, we appreciate the Region's suggestion that Regional offices be provided access to AMD's system. However, due to the confidential and sensitive information maintained in the database, the OIG cannot provide the regional offices with access to the system. We believe the current process, which involves the Regions sending electronic responses to AMD is adequate for resolving the OIG referrals.
In reference to our second and third recommendations, we agree that the official
adverse action file should include documentation used to take an administrative
action against an employee. However, for those employee-related allegations
where an administrative action is not warranted, an adverse action file would
not be established. Therefore, we believe all employee-related allegations should
be part of an allegation control process that documents the receipt, development,
and disposition of all allegations. Further, we agree with the Region that the
creation of a new system of records, if needed, should be addressed at the national
level and that SSA should ensure that such a system is uniform throughout the
Agency.
Concerning our narrative comments about the status of the three allegations,
we acknowledged in the report that CSI had referred the three cases to HR for
administrative action based on our review of HR files. However, since CSI did
not maintain a tracking system or control log, the status of these allegations
was unclear
based on our review of the case files. We believe a control log would assist
CSI in ensuring the receipt, development, and disposition of its cases. We made
a similar recommendation in our June 2004 audit report, The Social Security
Administration's Regional Office Procedures for Addressing Employee-Related
Allegations in Region VIII (A-06-04-14075), where we found Region VIII's CSI
did not maintain a tracking system for allegations received. Region VIII agreed
to implement our recommendation by establishing a system that would track and
control all allegations received.
Steven L. Schaeffer
Appendices
APPENDIX A - Acronyms
APPENDIX B - Scope and Methodology
APPENDIX C - Flowcharts for Employee-Related Allegations
APPENDIX D - Employee Violations
APPENDIX E - Agency Comments
APPENDIX F - OIG Contacts and Staff Acknowledgments
Appendix A
Acronyms
AMD
CSI Allegation Management Division
Center for Security and Integrity
FY Fiscal Year
HR Center for Human Resources
OARS Operational and Administrative Records Schedules
OIG Office of the Inspector General
ORC Office of the Regional Commissioner
POMS Program Operations Manual System
Region Philadelphia Region
SSA Social Security Administration
SSN Social Security Number
Appendix B
Scope and Methodology
We limited our review to employee related allegations received by the Office of the Regional Commissioner (ORC), the Center for Security and Integrity (CSI), and adverse actions processed by the Center for Human Resources (HR) for Fiscal Years (FY) 2001 and 2002. To accomplish our objectives, we:
Reviewed the following criteria:
Office of Management and Budget Circular A-123, Management Accountability and
Control,
Program Operations Manual System,
The Social Security Administration's (SSA) Administrative Instructions Manual
System,
Annual Personnel Reminders, and
Standards of Ethical Conduct for Employees of the Executive Branch.
" Obtained a database of allegations received by the Office of the Inspector General (OIG) in FYs 2001 and 2002 to identify the universe of employee related allegations in Region III.
Reviewed 44 employee-related allegations received from the OIG Hotline.
Reviewed the 19 employee-related allegations received from sources other than
the OIG.
Interviewed officials within the ORC, CSI, and HR in Philadelphia, Pennsylvania.
Reviewed ORC and CSI documentation for the development of evidence related to allegations received from the OIG and other sources.
Reviewed documentation processed by HR for the development of evidence applicable to the adverse actions.
We performed fieldwork in Philadelphia, Pennsylvania from September 2003 through
April 2004. The entity audited was the Philadelphia Regional Office within the
Office of the Deputy Commissioner for Operations. We conducted our review in
accordance with generally accepted government auditing standards.
Appendix C
Flowcharts for Employee-Related Allegations
Appendix D
Employee Violations
LIST OF POTENTIAL EMPLOYEE VIOLATIONS
Employee violations include but are not limited to situations in which an employee
is suspected of willfully:
acting as an agent or attorney for prosecuting any Social Security claim before
the Commissioner while an employee;
disclosing without authorization any confidential information in violation of
the Social Security Act or the Privacy Act of 1974;
obtaining or attempting to obtain confidential information under false pretenses;
making or causing to be made any false representation concerning the requirements
of the Social Security Act or related provisions of the Internal Revenue Code;
asking for, accepting, or agreeing to accept anything of value from a third
party in return for executing or influencing the performance of official duties;
participating in the planning or execution of any scheme or other activity under
which a financial or other advantage improperly accrues or could accrue to any
person or organization at the expense of the Government or parties with whom
the Government may contract or otherwise deal;
stealing or otherwise illegally disposing of refund remittances, Government
checks, cash, directly deposited funds, or other obligations;
illegally generating Social Security checks or depositing funds electronically
to oneself or another;
stealing or mutilating Government records, or destroying or removing them without
authorization;
violating conflict of interest laws as described in the Ethics in Government
Act, the Standards of Ethical Conduct for Employees of the Executive Branch,
and the Social Security Administration's Guide on Employee Conduct;
making or causing to be made any false statement or representation about wages,
earnings, or self-employment income in connection with claims or the maintenance
of earnings records;
making or causing to be made any false statement or representation of a material
fact in an application for payments or for a disability determination, or at
any other time for use in determining rights to payments;
concealing or failing to disclose a fact or event affecting initial or continued
eligibility for payment;
furnishing or causing to be furnished false information about identity in connection
with a claim, issuing a Social Security number (SSN), or maintaining an earnings
record;
selling SSNs/cards; or
unlawfully disclosing, using, or compelling the disclosure of an SSN.
Source: SSA, Program Operations Manual System GN 04112.005D.
Appendix E
Agency Comments
SOCIAL SECURITY
MEMORANDUM
Date: August 24, 2004
To: Steve Schaeffer
Assistant Inspector General
From: Laurie Watkins
Regional Commissioner
Thank you for the opportunity to comment on the subject draft report. Please find our remarks below.
We agree that evidence supporting the resolution of employee-related allegations should be retained. For allegations received through the Hotline, Regional Offices should be provided the capability of using the existing AMD system to show jurisdictional transfers and case resolution. Regions should also have the capability of making interim notes. This would then eliminate the need to develop an entire subsystem to control work. Documentation of employee-related allegations resulting in administrative remedy should be retained with the Center for Human Resources (CHR), as CHR is responsible for the adjudication of the issue. CHR routinely does this in all cases. This parallels the documentation repository by the OIG Office of Investigation when issues of fraud are adjudicated.
We agree that documentation used to take an administrative action should be maintained to support that action. The current HR system does, generally, meet that need. The documentation is retained in an HR file specific to each employee. Due to the sensitive and confidential nature of the documentation, we do not agree that this information should appear on another system beyond the official adverse action file.
We agree that it is important to control all allegations for resolution. Controlling issues for receipt can be effectively accomplished in many ways. Currently, all allegations from sources other than OIG are controlled in the region, and we do an excellent job of controlling those cases. All cases are routed to one person who immediately establishes a secure file. That case file is housed in a separate locked location. Because of the limited number of cases in any year and the limited number of cases pending at any time (fewer than 10), this method provides for both an effective and secure control.
The creation of a separate and new system of record (SOR) using personal identifiers to track on-going allegations is an issue that we suggest be discussed at the national, rather than regional level, given the requirement that SORs must first be published in the Federal Register according to the Privacy Act requirements.
From a technical perspective, we disagree with the narrative comment section stating there was no evidence on three cases that the files were referred for administrative or disciplinary action. The three files in question contained only working papers and were not official files. As such, each file contained working paper notes and annotations indicating the names of people notified and the notification dates. In each case, the notification was given to the assigned staff member in CHR who eventually was responsible for the administrative action. Further evidence that the cases were referred are the resulting disciplinary actions. We do concede the file lacked a clear statement such as "referred to HR", but, again, the audit team reviewed a working file.
If you wish to discuss our comments on the draft report, please call me or have your staff contact Patricia Feinstein, Center Director for Security and Integrity at (215) 597-7740.
Laurie Watkins
Regional Commissioner
[In addition to the items listed above, SSA also provided technical comments
which have been addressed, where appropriate, in this report.]
Appendix F
OIG Contacts and Staff Acknowledgments
OIG Contacts
Walter Bayer, Director, Mid-Atlantic Division, (215) 597-4080
Cylinda McCloud-Keal, Audit Manager, (215) 597-0572
Acknowledgments
In addition to those named above:
Mary Dougherty, Auditor-in-Charge
Annette DeRito, Writer/Editor
For additional copies of this report, please visit our web site at www.ssa.gov/oig
or contact the Office of the Inspector General's Public Affairs Specialist at
(410) 965-3218. Refer to Common Identification Number A-03-04-14044.
Overview of the Office of the Inspector General
The Office of the Inspector General (OIG) is comprised of our Office of Investigations
(OI), Office of Audit (OA), Office of the Chief Counsel to the Inspector General
(OCCIG), and Office of Executive Operations (OEO). To ensure compliance with
policies and procedures, internal controls, and professional standards, we also
have a comprehensive Professional Responsibility and Quality Assurance program.
Office of Audit
OA conducts and/or supervises financial and performance audits of the Social
Security Administration's (SSA) programs and operations and makes recommendations
to ensure program objectives are achieved effectively and efficiently. Financial
audits assess whether SSA's financial statements fairly present SSA's financial
position, results of operations, and cash flow. Performance audits review the
economy, efficiency, and effectiveness of SSA's programs and operations. OA
also conducts short-term management and program evaluations and projects on
issues of concern to SSA, Congress, and the general public.
Office of Investigations
OI conducts and coordinates investigative activity related to fraud, waste,
abuse, and mismanagement in SSA programs and operations. This includes wrongdoing
by applicants, beneficiaries, contractors, third parties, or SSA employees performing
their official duties. This office serves as OIG liaison to the Department of
Justice on all matters relating to the investigations of SSA programs and personnel.
OI also conducts joint investigations with other Federal, State, and local law
enforcement agencies.
Office of the Chief Counsel to the Inspector General
OCCIG provides independent legal advice and counsel to the IG on various matters,
including statutes, regulations, legislation, and policy directives. OCCIG also
advises the IG on investigative procedures and techniques, as well as on legal
implications and conclusions to be drawn from audit and investigative material.
Finally, OCCIG administers the Civil Monetary Penalty program.
Office of Executive Operations
OEO supports OIG by providing information resource management and systems security.
OEO also coordinates OIG's budget, procurement, telecommunications, facilities,
and human resources. In addition, OEO is the focal point for OIG's strategic
planning function and the development and implementation of performance measures
required by the Government Performance and Results Act of 1993.