controlling chaos (rudall30/Shutterstock.com)

Legacy tech, insufficient coordination hampered COVID relief

States faced challenges responding to the COVID-19 outbreak because of outdated software and an overwhelming number of benefits program applications, according to a new report from the Government Accountability Office.

The variance in state and local agencies’ “ability to easily modify data systems to incorporate new flexibilities” led to numerous delays and interoperability challenges across multiple CARES Act recovery programs, GAO found.

The Department of Health and Human Services reported that states had to coordinate data across different systems to serve existing beneficiaries and accommodate the surge of new applicants for programs like Electronic Benefit Transfer and Supplemental Nutrition Assistance Program payments. Meanwhile, states’ uneven technological sophistication made remote collaboration difficult while they tried to coordinate payments for the Women, Infants and Children program.

According to Department of Labor officials, many states processing unemployment claims (UI) were using IT systems “that date as far back as the 1970s" and crashed under the load of newly laid off workers filing for benefits. The department has provided federal grants, technical assistance and guidance to help modernize those systems, but "relatively few" states conducted adequate load-testing to handle the volume of claims they have received since March.

These systems was already straining, with federal and state governments overseeing more than $2.7 billion in improper unemployment payments in 2019, and overseers worry the numbers will look even worse this year as the government has rushed to respond to the economic fallout of the virus.

A rushed response also led the IRS to send more than a million stimulus checks to citizens who were deceased. The agency emphasized speed to get relief dollars into the hands of Americans as soon as possible, leading to processing errors and opening the door to potential fraud. Auditors suggested that implementing 2018 recommendations to align their authentication practices with cybersecurity guidance from the National Institute of Standards and Technology and making better use of death data housed at the Department of Treasury and other agencies could address the problem.

Auditors noted that "IRS has full access to the death data maintained by the Social Security Administration … but Treasury and its Bureau of the Fiscal Service, which distribute the payments, do not."

In a response attached to the audit, IRS Chief Risk Officer Tom Brandt said employees worked "around the clock since mid-March to develop new tools and new guidance" to handle economic impact payments but acknowledged that "our work is not done yet" and the agency will consider the GAO's recommendations further.

IT challenges and delays also reportedly hampered efforts by the Small Business Administration to process economic injury disaster loans, though details are scarce. The report painted a portrait of disorganized agency that at times was unresponsive to oversight. While auditors asked to meet with agency officials on April 13 to get more detailed information on individual loan data and other aspects of the response, SBA didn't agree to a meeting until June 1 and provided "primarily publicly available information in response to our inquiries" about loan data, GAO said.

In a statement, House Oversight and Government Reform Chairwoman Rep. Carolyn Maloney (D-N.Y.) said the report "provides a comprehensive and independent look at the Trump administration's incompetent and dangerous response to the coronavirus pandemic" and pressed for more information on IRS stimulus payments to dead Americans. She also called on SBA to address transparency concerns about its loan program "immediately."

SBA responded to a draft version of the report disputing GAO's claims, saying it offered staff for interviews and provided 420 pages, including "information on loan numbers and loan volume, the number and type of lenders participating in [the Paycheck Protection Program], loan numbers and loan volume for each type of lender, loan numbers and volume by industry and state" and other figures.

"To be clear, SBA has never refused to provide data to GAO," wrote William Manger, chief of staff for Administrator Jovita Carranza.

Federal agencies were of course not immune from technological troubles, and the audit suggested modernization efforts at the IRS, the Department of Housing and Urban Development and other agencies can better position them to process funds related to the CARES Act.

This article was first posted to FCW, a sibling site to GCN.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.


Featured

  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/Shutterstock.com)

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.