June 13, 2024


Law can do.

How government benefits programs became a nightmare for banks


For nearly a decade, citizens of almost all 50 states could get unemployment benefits loaded on a prepaid debit card. But not anymore.

In late December, the state of Illinois went back to cutting paper checks for jobless benefits instead of loading funds onto prepaid cards. Jobless claimants who had prepaid cards were forced to switch to direct deposit or paper checks after KeyBank, a unit of the $186.3 billion-asset KeyCorp in Cleveland, decided to stop providing prepaid cards for jobless benefits in the state.

Last year Maryland gave its public beneficiaries the same choice after the $2.2 trillion-asset Bank of America, of Charlotte, North Carolina, elected not to renew its contract to issue benefits on prepaid cards. KeyBank and BofA declined to comment for this story.

A decade ago it seemed like a win-win solution for state agencies to team up with banks to deliver government benefits on prepaid debit cards. States could reduce the costs of cutting checks and paying for stamps. They could push the customer service function of dealing with the public off to a bank partner and also reach people with no permanent address or bank account. Consumer advocates hailed prepaid cards as the next frontier in delivering benefits efficiently.

But the COVID-19 pandemic scrambled the economics of delivering jobless benefits on prepaid cards. State jobless benefits systems were not designed for a massive uptick in claims and the rampant fraud that ricocheted through the system, increasing risks for banks.

ABM0422_Cover Image.jpg

“Banks are payment processors and they are being asked to get involved in stopping the fraud,” said Haywood “Woody” Talcove, a fraud expert and the CEO of LexisNexis Special Services. “States were not using the tools that banks have to address the fraud risk, and it goes back to how the states are paying for these services. Why would a bank continue to provide a service when they’re losing money?”

Though the pandemic may have helped spur the growth of innovative payments in the broader economy, the heightened risks of providing prepaid card services to the jobless has forced some states in the opposite direction. And it isn’t clear whether banks, fintechs or states themselves have a strategy to turn that trend around.

“The pandemic turned a lot of chronic problems into acute problems, such as the neglected spending on state infrastructure and technology for these programs,” said Ben Jackson, chief operating officer at the Innovative Payments Association, a trade group for prepaid card issuers.

Bank of America became the poster child for the kind of regulatory and economic blowback that can result from administering government benefits. BofA faces investigations by federal regulators and lawsuits filed on behalf of dozens of jobless claimants in California who were unable to access their benefits during the pandemic as both the bank and the state sought to curb rampant fraud.

The pullbacks by Bank of America and KeyBank are a warning sign that government benefits contracts can be risky, unprofitable and, at times, dangerous to a bank’s reputation. Before the pandemic, jobless benefits programs were seen as an obscure administrative function tucked inside a government services unit or the municipal banking division of a large bank.

Seemingly overnight, state jobless agencies and banks were in the line of fire, working around-the-clock to address fraud while also fielding calls from disgruntled, anxious jobless beneficiaries trying to get their money to survive. The situation was so dire in California U.S. District Judge Vince Chhabria wrote in class-action litigation last year, that the harm being suffered by tens of thousands of beneficiaries was “irreparable.”

“Continual denial of these benefits will seriously hinder the ability of many class members to feed their families and keep a roof over their heads,” Chhabria wrote.

Looking back, some experts are trying to identify what worked and how to bring state systems more in line with those of banks. Many experts say that another crisis could be just around the corner and that state agencies need to build on what they learned from the pandemic to address cybersecurity and other risks.

Jeff Ficke, CEO and founder of Russell Allen Partners, a Cincinnati consulting firm, helped lead a public-private partnership that tapped Ohio CEOs for their expertise and advice on cybersecurity and the use of Big Tech analytics.

Jeff Ficke, CEO and founder of Russell Allen Partners
Jeff Ficke, CEO and founder of Russell Allen Partners

Emma Lou Photo

“We used advanced analytics to identify citizens who needed to get paid immediately,” said Ficke, a former senior vice president of the enterprise payments division at Fifth Third Bank. “It wasn’t always to catch the bad guys, it was to get money to people who needed it now.”

Trial by fire

In Ohio, fraud was so widespread that Gov. Mike DeWine, his wife, Fran, and Lt. Gov. Jon Husted all had fraudulent jobless claims filed in their names. (They weren’t the only ones. A California woman collected jobless benefits in the name of Sen. Dianne Feinstein.)

Under pressure to address the fraud, DeWine turned to the private sector for help. He enlisted former Rep. Pat Tiberi, the president and chief executive of the Ohio Business Roundtable, to line up bankers, insurance executives and others with expertise in payments and large-scale call centers to help the state agency tackle the problem.

“There was unprecedented activity around fraud and the backlog of unprocessed claims,” Ficke said. “There was a lack of ability to just answer phone calls from the massive number of people calling in.”

In Ohio, nearly 800,000 of the 1.4 million jobless claims filed were flagged for potential fraud.

“The kind of fraud we were experiencing was not the traditional kind of fraud that any state would see in unemployment in the past,” said Matt Damschroder, director of the Ohio Department of Job and Family Services. “We were hit hard as a result of the pandemic, and Ohio wasn’t alone in this.”

Fraud experts fault the federal Pandemic Unemployment Assistance program, which did not require income or employment verification in the push to get benefits out quickly to millions of people who became jobless virtually overnight. Without verification requirements, fraudsters were able to self-certify their eligibility for state benefits, experts said.

A key issue Ficke identified is that there is no federal system that allows state payment platforms and banks that administer jobless benefits to track payments, fraud and other issues.

The sheer volume of government benefits money attracted fraudsters like moths drawn to a light.

Larger pandemic payments made it worthwhile for scammers to target state agencies because benefits rose to more than $1,000 a week, from a previous $300 to $400 a week. Many states that were already struggling with outmoded computer systems admitted they were targeted by organized crime syndicates.

The Federal Reserve found that state and federal government offices disbursed $408.9 billion through government-administered prepaid cards in 2020, more than triple the $135 billion in 2019.

That total figure includes a wide range of initiatives such as Supplemental Nutrition Assistance Program (formerly known as food stamps), not just jobless benefits. It excludes disbursement by direct deposit.

“Many states did not have rudimentary protections for fraud,” Talcove said. “It wasn’t just California, it was across the country.”

California became a target because of the sheer amount of pandemic relief given out with few restrictions. The state estimates that $20 billion of the $180 billion in benefits paid out since March 2020 went to fraudsters. Among these were prison inmates who applied for and received benefits from the state’s Employment Development Department.

Fraud experts and state officials point out that the vast majority of fraud in state jobless programs occurred at the front-end, in the state enrollment process. Banks then had to deal with fraud on the back end as well.

Many legitimate beneficiaries alleged they were the victims of identity theft and that money was stolen from their prepaid accounts through unauthorized transactions. Banks struggled and did not have the staff to cope with the various types of fraud that led to an onslaught of calls and complaints.

“Banks don’t want to engage in manually and operationally intensive research and investigation as part of their processes,” said Tom Miller, CEO of ClearForce, a data analytics and risk management firm in Vienna, Virginia, who has expertise in fraud in the government’s Paycheck Protection Program.

A deluge of fraud

Like other states, Ohio was hampered by a more than 20-year-old IT system, one the Department of Job and Family Services was in the process of replacing.

“We were at a point where we had huge numbers of claims coming in, a huge backlog of claims to process and then all of the contact centers for the public were also swamped,” Damschroder said. “The claims that were fraudulent came into the state system. We tried to lock the front door, lock the windows, and prevent it on the front end because every fraud claim that came in was taking away from a legitimate claimant.”

The net result of outdated state systems and minimal fraud protections was that banks had to pay vastly more claims than expected, primarily due to fraud. That turned a business that made modest profits into one that generated horrendous losses.

ABM0422_US Map.jpg

For BofA, the pandemic skewed the cost of administering California jobless benefits, which the bank started handling in 2010. In its best year, BofA said it earned $1 million in pretax income from its benefits contract with the Golden State.

BofA lost a total of $240 million on California’s Employment Development Department over a 10-year period that ended in 2020, bank executives told Sacramento lawmakers last year. At the height of the pandemic, BofA faced a deluge of 40,000 fraud claims a month just in California.

At the federal level, the Office of the Comptroller of the Currency and the Consumer Financial Protection Bureau began scrutinizing BofA’s actions. Bank of America’s woes were exacerbated by a half-century-old law governing electronic transfers that lacks a clause for dealing with a tsunami of claims deluging a bank.

The bank also faces more than a dozen potential class-action lawsuits and a court-ordered review of tens of thousands of fraud claims. BofA has denied wrongdoing and has asked for the lawsuits to be dismissed.

Last month, in a regulatory filing with the Securities and Exchange Commission, Bank of America warned that processing unemployment benefits in California and other states may lead to “judgments, orders, settlements, penalties and fines.”

The bank listed a range of issues — from litigation and investigative costs to regulatory actions — that could have a “material adverse effect” on the bank’s financial condition. It emphasized that the programs could also cause “significant reputational harm.”

Though California’s jobless benefits program became a messy and expensive debacle for BofA, the reason for its pullback from state benefits programs becomes clearer by looking at the volume of claims it had to deal with. In addition, banks have legal requirements to promptly investigate and respond to consumer fraud claims, which, for Bank of America, led to millions in losses.

Coming back for seconds

As BofA and California’s jobs agency were trying to stop fraud on the front end, many of the criminals who had first duped the state into paying them jobless benefits sought to double-dip by filing fraud claims themselves with BofA.

When a cardholder reports fraud on a prepaid card, banks are required by the Electronic Fund Transfer Act to give provisional credit within 10 days of being notified of an error, typically a purchase the consumer claimed it didn’t authorize. Banks typically have 45 days to conduct an investigation, and if fraud isn’t found the credit becomes permanent.

Fraudsters were well aware of the law, known by its implementing statute Regulation E. After first duping the state employment agency into paying jobless benefits, thousands of fraudsters then sought to double-dip by filing claims to get provisional credits from the bank. BofA told state lawmakers in December 2020 that it had paid “hundreds of millions of dollars,” in credits to fraudsters.

Before the pandemic, BofA distributed jobless benefit programs in 12 states. Today it serves only two — California and New Jersey. Last year, BofA tried to get out of its contract with California, but was denied by the state.

While some agencies have adopted best practices, others have not. It is also unclear what impact there will be on consumers if banks bail out of the programs.

“It’s going to create a crisis for beneficiaries if banks don’t do this work,” Talcove said.

BofA’s exit leaves just a few large banks in the mix. The $567 billion-asset U.S. Bancorp, of Minneapolis, is the largest player in state benefits programs, operating in more than 20 states, followed by the $73.4 billion-asset Comerica Bank in Dallas, which operates in nearly a dozen states. U.S. Bank and Comerica declined to comment.

Experts in government benefits often point to the federal Direct Express program as an example of the government subsidizing a prepaid card program. Direct Express is a Treasury program that allows Social Security, veterans and federal disability beneficiaries who do not have a bank account to get their funds on a reloadable prepaid card.

Comerica has run the program since it began in 2008. In recent years, beneficiaries alleged that Comerica failed to investigate fraud and the Treasury’s Office of the Inspector General recommended that Comerica’s compensation be cut for poor performance. But Treasury has always renewed Comerica’s contracts and has made payments to the bank to operate the program.

Managing costs

Government benefits programs are tricky because states want to reduce costs and keep fees at a minimum. There are often restrictions by states on what fees banks can charge jobless cardholders.

“Governments don’t want the programs to charge any fees because it’s politically untenable,” Jackson said. “Banks may have reached the point where the programs do not always cover their costs.”

State agencies typically negotiate with banks based on the lowest fees to cardholders. While contracts vary from state to state, many states also share in any revenue from fees and get a percentage of the interchange fees paid by merchants with every swipe of a prepaid card.

During the pandemic, online purchases skyrocketed and interchange income did as well. Issuers of government-administered prepaid cards collected roughly $1 billion in interchange fees in 2020, and roughly $272 million in cardholder fees, according to a Federal Reserve report last year.

Banks collected roughly $190 million in ATM fees from government prepaid cards, which were the largest source of revenue, followed by $39 million in account servicing fees and $21 million in customer service inquiry fees in 2020, the Fed found.

“Everyone wants government programs to be a steady, reliable business,” Jackson said. “But these are not huge money makers for banks.”

While state agencies benefit from outsourcing the customer service and call center costs to banks, banks typically absorb many other costs including operating ATMs, keeping them stuffed with cash and processing data requests, such as when cardholders check the balance on their card.

States usually provide at least two payment options for receiving benefits. One of those options, direct deposit, helps to significantly reduce fraud and costs a penny a transaction. Only two states — California and Nevada — do not offer direct deposit as an option.

The return to mailing paper checks means states could be spending more on stamps and delivery charges of roughly $2.50 or more per check.

“Writing checks costs a fortune!” Talcove said.

Solutions to fight fraud

Ohio is one example of a state in which a public-private partnership helped the state’s jobs agency turn the tide. With the input from bankers and others, the state agency added ReCaptcha, multifactor authentication, one-time passwords, challenge questions and identity verification to its online and phone systems. Monthly claim volume subsequently dropped by more than 90%.

“When we started putting additional fraud detection technology in, we were able to prioritize claims that had few fraud flags, and the inbound claim volume dropped incredibly,” Damschroder said. “We could tune these systems to not block legitimate claims but also stay ahead of potential bad guys.”

The agency also was able to adopt customer service changes such as a callback feature and predictive routing to get callers to a specific individual for help.

“We need to have some of the same approaches from a customer-service standpoint and customer experience design standpoint that the private sector already has,” Damschroder said.

Ficke says there’s more potential now to create improved systems and services. Ohio contracted with LexisNexis to prevent identity theft in the frontend enrollment process, and with Google Cloud’s government division to help differentiate real citizens from cybercriminals.

“Ohio had to use Big Data to assess where the likelihood was of real citizens versus fraudsters, and it prioritized the way we adjudicated claims and helped us accelerate it by months,” Ficke said.

His hope is that the industry will come up with solutions that could make state benefits programs attractive again for banks. There currently is no centralized system to track payments and trend across multiple government payment platforms, which opens the door to the potential for change ahead.

“There are a lot of people doing a lot of hard work on this,” Ficke said. “It’s an opportunity to focus on a type of payments platform that benefits the state agencies, banks and consumers.”


Source link