SSA needs sufficient authentication controls in place to prevent the processing of potentially
unauthorized changes to a beneficiary's direct deposit records. Confirming a beneficiary's PII
does not guarantee the caller is the beneficiary; SSA has beneficiary-specific information in its
systems it could request for additional verification purposes.

In another review, we have found that the Agency's controls over direct deposit account
changes made in SSA field offices were not fully effective. We found that SSA's procedures to
redirect Social Security payments required a lower level of identity verification than for other
business transactions. SSA should implement more robust identity verification procedures
before processing account changes.

Beneficiaries may also make direct deposit changes through automated enrollment with
financial institutions; in Calendar Year 2011, this method accounted for a large number of
account changes, including initiating direct deposit. The financial institutions then forward the
account information to SSA through the Treasury. However, we found several financial
institutions provided SSA unauthorized direct deposit changes through automated enrollment
requests, which the Agency then processed. SSA has stated its systems are not designed to
prevent processing unauthorized automated enrollment changes. Moreover, financial institutions
perform identity verification at their own discretion; they themselves must implement reasonable
procedures to verify the identities of individuals who open new accounts. Because SSA relies on
the financial community for accurate and secure information, but is not directly involved with the
individual institutions, the Agency must work with the Treasury to improve banks' and credit
unions' identity verification controls for account changes.

In addition to what appeared to be unauthorized direct deposit changes using traditional bank
accounts, we found that some financial institutions provided potentially fraudulent direct deposit
changes to prepaid debit cards. Beneficiaries can use any of SSA's direct deposit change
methods to redirect their benefits to a prepaid debit card. These cards are purchased at retailers
or online. Financial institutions issue these cards through many different service providers. In
August, a major prepaid debit card vendor informed my office that it would add additional
authentication controls to its online Federal-payment enrollment process by the end of the year.
The Treasury should also consider the option of developing unique routing numbers for prepaid
debit cards, as these cards are particularly tempting tools for benefit thieves.

We have also reviewed the Treasury's Direct Express debit card program. Direct Express is a
low-cost program, administered by Comerica Bank, which allows beneficiaries who do not have
a bank account to access their Federal benefit payments with a debit card.

We found that SSA could improve its controls over the enrollment and post-entitlement process
for beneficiaries in the Direct Express program. When Comerica initiates and verifies
identification for Direct Express enrollments with SSA, the Agency matches a limited amount of
beneficiary information against the Direct Express record to verify and approve the enrollment.
SSA should work with the Treasury and Comerica to enhance identity verification for enrollment
and incorporate SSA policies into the Direct Express program. For example, Direct Express
should not allow multiple beneficiaries to enroll on the same card without SSA's explicit
approval; and debit cards should not be sent to foreign addresses if residency is a factor in
continuing eligibility for benefits, as in the Supplemental Security Income program.

We are working on one additional report that will quantify the cost of replacing Social Security
benefit payments that were lost due to unauthorized direct deposit changes.