[Congressional Bills 118th Congress]
[From the U.S. Government Publishing Office]
[H.R. 9537 Introduced in House (IH)]
<DOC>
118th CONGRESS
2d Session
H. R. 9537
To amend title 31, United States Code, to establish the Federal Real
Anti-fraud Unified Directorate, to require agencies implement anti-
fraud controls for programs susceptible to significant improper
payments and high-priority programs, and for other purposes.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
September 11, 2024
Mr. Connolly introduced the following bill; which was referred to the
Committee on Oversight and Accountability
_______________________________________________________________________
A BILL
To amend title 31, United States Code, to establish the Federal Real
Anti-fraud Unified Directorate, to require agencies implement anti-
fraud controls for programs susceptible to significant improper
payments and high-priority programs, and for other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Strengthening Tools to Obstruct and
Prevent Fraud Act of 2024'' or the ``STOP Fraud Act of 2024''.
SEC. 2. FEDERAL REAL ANTI-FRAUD UNIFIED DIRECTORATE.
Subchapter I of chapter 5 of title 31, United States Code, is
amended by adding at the end the following:
``Sec. 508. Federal Real Anti-fraud Unified Directorate
``(a) Establishment.--
``(1) In general.--There is established within the Office
of Management and Budget an office to be known as the Federal
Real Anti-fraud Unified Directorate or the FRAUD.
``(2) Administrator.--There shall be at the head of the
FRAUD an Administrator who shall be--
``(A) appointed by the President; and
``(B) compensated at the rate of pay in effect for
level III of the Executive Schedule under section 5314.
``(b) Duties.--The Administrator shall do the following:
``(1) Carry out the duties prescribed to the Administrator
under section 3360.
``(2) Coordinate activities related to reducing and
preventing fraud and improper payments--
``(A) sharing leading practices and tools with
agencies;
``(B) providing technical assistance to agencies in
implementing the fraud risk management activities
described in the GAO Fraud Risk Management Framework;
and
``(C) assisting agencies in the collection and use
of data, including by assisting agencies in--
``(i) working to overcome data sharing
barriers; and
``(ii) establishing metrics and
methodologies to measure the effectiveness of
programs and activities employed by agencies to
prevent and reduce fraud and improper payments.
``(3) Establish an online, publicly accessible dashboard on
the implementation of proactive analytics in programs
designated as susceptible to significant improper payments
under section 3359 that--
``(A) promotes transparency;
``(B) assists in the oversight of the
implementation of proactive analytics in such programs;
and
``(C) tracks cost savings, cost avoidance, and the
administrative burden attributable to such programs.
``(4) Refer any fraud, waste, or abuse discovered by the
Administrator to the appropriate Inspector General.
``(5) Carry out any additional duties that may be
prescribed by the Director.
``(c) Additional Authorities.--The Administrator may--
``(1) require agencies administering programs susceptible
to significant improper payments to submit information as may
be necessary to administer the dashboard required to be
established by subsection (b)(3), and promulgate regulations
that set standards for--
``(A) the type of information to be submitted; and
``(B) the format in which such information is to be
submitted;
``(2) provide technical assistance to agencies
administering a high-priority program, including by--
``(A) working on behalf of an agency administering
the program to overcome any issues that prevent the
agency from receiving or using data from other
governmental and non-governmental entities, including
by notifying Congress on behalf of the agency of any
Federal laws that prevent the agency from receiving or
using such data;
``(B) facilitating the collection of real-time data
to implement proactive analytics, including by--
``(i) identifying governmental or
commercial solutions to facilitate such
collection; and
``(ii) supporting the agency in identifying
potential sources of funding to facilitate such
collection;
``(C) providing non-reimbursable or reimbursable
services to agencies administering the programs; and
``(D) identifying strategies that may help the
program hire individuals with the requisite skills to
implement proactive analytics; and
``(3) refer any fraud, waste, or abuse discovered by the
Administrator to the appropriate Inspector General.
``(d) Definitions.--In this section, the terms `administrative
burden', `agency administering a high-priority program', `agency
administering a program susceptible to significant improper payments',
`anti-fraud control', `data', and `proactive analytics' have the
meanings given those terms in section 3360.''.
SEC. 3. ANTI-FRAUD CONTROLS FOR PROGRAMS SUSCEPTIBLE TO SIGNIFICANT
IMPROPER PAYMENTS AND HIGH-PRIORITY PROGRAMS.
Subchapter IV of chapter 33 of title 31, United States Code, is
amended by adding at the end the following:
``Sec. 3359. Proactive analytics with respect to programs susceptible
to significant improper payments
``(a) Designation of Programs Susceptible to Significant Improper
Payments.--Not later than October 1 of each year, for that fiscal year
and the next fiscal year, the head of each executive agency shall
designate as a program susceptible significant improper payments each
program that meets the following criteria:
``(1) With respect any program of the agency established
during the preceding two fiscal years, any such program making
more than $100,000,000 in payments in any one fiscal year.
``(2) For any program of the agency not established during
the preceding two fiscal years, any such program that had
outlays that exceeded $1,500,000,000 in the preceding fiscal
year.
``(b) Implementation of Proactive Analytics for High-Risk Area.--An
agency administering a program susceptible to significant improper
payments shall implement proactive analytics for one high-risk area of
the program.
``(c) Reports on Actions To Reduce Improper Payments.--Not later
than two years after a head of an agency has designated a program as
susceptible to improper payments, the head of the agency administering
the program shall submit a report on efforts of the agency to reduce
and prevent improper payments and fraud with respect to the program,
including the following:
``(1) With respect to a program that is not a high-priority
program at the time of the submission of the report, the
following:
``(A) A description of the proactive analytics
implemented in the two fiscal years preceding the
submission of the report to reduce improper payments
and fraud with respect to such program.
``(B) Metrics demonstrating the effectiveness of
the proactive analytics implemented.
``(C) An analysis of whether the agency anticipates
the program will remain `susceptible to improper
payments' and require continued designation as such.
``(D) A plan for--
``(i) continuing to use proactive analytics
with respect to that program;
``(ii) improving the proactive analytics
used with respect to that program; and
``(iii) identifying, in consultation with
the Administrator of the FRAUD, additional
fraud and improper payment mitigation
strategies, that could be employed by the
agency if the program is redesginated as a
program susceptible to significant improper
payments.
``(2) With respect to a program that is a high-priority
program at the time of the submission of the report, the
following:
``(A) A copy of the plan approved under section
3359 for the program.
``(B) Analysis of whether implementation of that
plan has reduced and prevented improper payments and
fraud.
``(C) If the plan has not reduced or prevented
improper payments or fraud--
``(i) an explanation of why the plan has
not reduced or prevented improper payments or
fraud; and
``(ii) a new plan with a different strategy
developed in consultation with the
Administrator of the FRAUD, to reduce or
prevent improper payments or fraud.
``(D) A statement of whether the agency has what is
needed with respect to internal controls, human
capital, and information systems and other
infrastructure, to implement the requirements described
in sections 3359 and 3360.
``(E) Estimates of--
``(i) any costs avoided and dollars saved
by the implementation of sections 3359 and
3360;
``(ii) any change in administrative burden
because of the implementation of sections 3359
and 3360; and
``(iii) the number of persons eligible to
obtain a thing of value that did not receive
such thing of value because of the
implementation of sections 3359 and 3360.
``(3) Whether the information technology (as defined in
section 11101 of title 40) used by the agency with respect to
the program is capable of delivering real-time data--
``(A) to the Administrator of the FRAUD for
inclusion in the dashboard required to be established
by section 508(b)(3); and
``(B) for the purpose of implementing proactive
analytics, as required under section 3359 and 3360.
``(4) A description of the quality of any improper payment
estimates and methodology of the agency relating to the
program, including--
``(A) challenges to accurately estimating improper
payments for the program; and
``(B) plans to improve the quality of the
estimates.
``Sec. 3360. Anti-fraud controls for high-priority programs
``(a) Designation.--By January 31 of each fiscal year, the
Administrator shall designate for the remainder of that fiscal year and
the next full fiscal year, any program with outlays in an amount equal
to or in excess of $50,000,000,000 with respect to the preceding fiscal
year as a high-priority program.
``(b) Plan To Implement Anti-Fraud Policy for Each High-Priority
Program.--
``(1) Plan.--The head of an agency administering a high-
priority program shall develop a plan to implement anti-fraud
controls for that program, that--
``(A) at a minimum includes a plan to use--
``(i) any solution that verifies and
authenticates identity, known as `digital
identity-proofing solutions', if determined
necessary by the Administrator to effectively
reduce and prevent fraud and improper payments
in the high-priority program;
``(ii) threat intelligence, including open
source intelligence and intelligence collected
from locations on the internet referred to as
the `deep web' and `dark web', to identify and
mitigate emerging fraud threats; and
``(iii) proactive analytics; and
``(B) takes into consideration the administrative
burden of implementing such anti-fraud controls,
including considering the fraud risk profile (as
defined in the study of the Government Accountability
Office titled `Framework for Managing Fraud Risks in
Federal Programs') of the program.
``(2) Initial submission of plan to administrator for
approval.--
``(A) Initial submission.--Not later than 90 days
after the date on which a program is designated as a
high-priority program under subsection (a), the agency
administering the high-priority program shall submit to
the Administrator the plan developed under paragraph
(1).
``(B) Approval or denial of plan.--Not later than
60 days after the date on which the plan is submitted
pursuant to subparagraph (A), the Administrator shall
approve or deny such plan.
``(3) Resubmission of plan to administrator for approval in
case of denial.--
``(A) In general.--An agency that submits a plan
that is denied by the Administrator under paragraph (2)
shall, until such time as the Administrator approves
the plan--
``(i) revise the plan; and
``(ii) submit the plan as revised under
clause (i) to the Administrator.
``(B) Approval or denial of revised plan.--The
Administrator shall approve or deny a plan submitted
under subparagraph (A) not later than 60 days after the
Administrator receives the plan.
``(C) Technical assistance.--The Administrator may
provide technical assistance to any agency required to
revise a plan under subparagraph (A).
``(4) Criteria for the approval or denial of plan.--Not
later than January 31 of each year, the Administrator shall
provide to each agency administering a high-priority program
criteria on the basis of which the Administrator will approve
or deny a plan under this subsection.
``(5) Report to congress.--An agency required to submit a
plan for approval under this subsection with respect a high-
priority program, and has such plan denied by the Administrator
three times, shall submit a report to Congress on why the plan
has not been approved by the Administrator.
``(c) Program Integrity Fund.--
``(1) Establishment.--There is established in the Treasury
of the United States a fund to be known as the Program
Integrity Fund.
``(2) Use of fund.--Amounts in the fund may be allocated by
the Administrator to agencies to implement plans approved by
the Administrator under subsection (b).
``(3) Management of the program integrity fund.--
``(A) Application process.--Not later than 90 days
after the date of the enactment of this paragraph, the
Administrator shall--
``(i) establish a process through which the
head of an agency may request that funds be
allocated from the Program Integrity Fund to
the agency; and
``(ii) submit to Congress a report that
describes the process established pursuant to
clause (i).
``(B) Award of funds.--In determining the amount,
if any, of funds to be allocated to an agency from the
Program Integrity Fund under paragraph (2), the
Administrator shall consider the extent to which the
plan approved by the Administrator under subsection (b)
of the agency--
``(i) implements the use of proactive
analytics;
``(ii) is likely to significantly reduce or
prevent improper payments and fraud; and
``(iii) considers the administrative burden
of implementing the plan, including whether
there is a clear indication that the agency
considered whether there are any anti-fraud
controls other than the anti-fraud controls to
be implemented under the plan that could be
implemented by the agency with less of an
administrative burden on individuals who
interact with the program.
``(4) Authorization of appropriations.--There are
authorized to be appropriated $1,000,000,000 for fiscal year
2025 for the Program Integrity Fund, to remain available until
expended.
``(d) Definitions.--In this section:
``(1) Administrator.--The term `Administrator' means the
Administrator of the FRAUD.
``(2) Administrative burden.--The term `administrative
burden' means a cost that a person incurs in interacting with
the agency to obtain a thing of value from the agency,
including the following:
``(A) The amount of time and effort expended by the
person to learn about--
``(i) the nature of the thing of value; and
``(ii) how to gain access to the thing of
value, including--
``(I) any program or service of the
agency through which the person may
obtain the thing of value from the
agency; and
``(II) any requirement and
condition that must be satisfied for
the person to obtain and maintain
possession of the thing of value from
the government program or service.
``(B) The amount of time it takes to--
``(i) provide information and documentation
to satisfy requirements to obtain and maintain
possession of the thing of value; and
``(ii) respond to discretionary requests of
program administrators for the purpose of
obtaining and maintaining possession of the
thing of value.
``(C) Any financial cost to access services that
may be necessary to receive the thing of value (such as
fees, legal representation, and travel costs).
``(3) Agency administering a program susceptible to
significant improper payments.--The term `agency administering
a program susceptible to significant improper payments' means
an agency that is responsible for administering at least one
program that is designated as susceptible to significant
improper payments under section 3359.
``(4) Agency administering a high-priority program.--The
term `agency administering a high-priority program' means an
agency that is responsible for administering at least one
program that is designated as high-priority under this section.
``(5) Anti-fraud control.--The term `anti-fraud control'
means a process, system, or technology that can be implemented
to prevent fraud and improper payments.
``(6) Data.--The term `data' has the meaning given the term
in section 3502 of title 44.
``(7) Device metadata.--The term `device metadata' means
structural or descriptive data about a connected device (as
defined in section 902(a) of the Consolidated Appropriations
Act, 2021 (47 U.S.C. 1306(a))), such as data about the type,
model, IP address, and geolocation of the device.
``(8) Fraud.--The term `fraud' means obtaining a thing of
value through willful misrepresentation.
``(9) Proactive analytics.--The term `proactive analytics'
means the collection and analysis of data (including data that
is device metadata, administrative data controlled by the
agency, and data from other governmental and non-governmental
sources) to prevent fraud and improper payments from occurring,
including by identifying anomalous or suspicious patterns that
might warrant further investigation.''.
SEC. 4. AMENDMENTS RELATED TO IMPROPER PAYMENTS PROVISIONS.
(a) In General.--Chapter 33 of subtitle III of title 31, United
States Code, is amended--
(1) in section 3351--
(A) in paragraph (2), by adding at the end the
following:
``(D) has satisfied the requirements of section
3360 with respect to each high-priority program
administered by the agency; and
``(E) has implemented proactive analytics for one
high-risk area in accordance with section 3359(b).'';
(B) by redesignating paragraphs (4), (5), (6), (7),
and (8) as paragraphs (5), (6), (8), (9), and (10),
respectively;
(C) by inserting after paragraph (3) the following:
``(4) High-priority program.--The term `high-priority
program' means a program designated under section 3360(a).'';
and
(D) by inserting after paragraph (6), as so
redesignated, the following:
``(7) Program susceptible to significant improper
payments.--The term `program susceptible to significant
improper payments' means a program designated under section
3359(a).'';
(2) in section 3352--
(A) by striking subsections (a), (b), (d), and (e);
(B) by redesignating subsections (c), (f), (g),
(h), and (i) as subsections (a), (b), (c), (d), and
(e), respectively;
(C) in subsection (a)(1), as so redesignated, by
striking ``With respect to each program and activity
identified under subsection (a)(1), the head of the
relevant executive agency shall'' and inserting ``With
respect to each program or activity with outlays
exceeding $1,500,000,000, the head of the relevant
executive agency shall ?'';
(D) in subsection (b)(2), as so redesignated--
(i) in subparagraph (A), by striking ``and
recovery actions'';
(ii) in subparagraph (D), by striking ``;
and'' and inserting a semicolon;
(iii) in subparagraph (E), by striking the
period at the end and inserting ``; and''; and
(iv) by inserting after subparagraph (E),
the following:
``(F) Governmentwide--
``(i) any cost avoided by implementing
sections 3359 and 3360;
``(ii) any change in administrative burden
by implementing sections 3359 and 3360; and
``(iii) the number of persons eligible to
obtain a thing of value that did not receive
such thing of value because of the
implementation of sections 3359 and 3360.'';
and
(E) in subsection (e), as so redesignated--
(i) in paragraph (1)(A), by striking
``shall'' and inserting ``may'';
(ii) by striking paragraph (3);
(iii) by redesignating paragraphs (4) and
(5) as paragraphs (3) and (4), respectively;
and
(iv) in paragraph (4), as so redesignated,
by striking ``paragraph (4)'' and inserting
``paragraph (3)'';
(3) in section 3353(a)--
(A) by striking ``Annual'' before ``Compliance'';
and
(B) in paragraph (1), by striking ``Each fiscal
year'' and inserting ``Not less frequently than once
every 3 fiscal years'';
(4) by striking section 3355; and
(5) by amending section 3357(d) to read as follows:
``(d) Reports.--For each fiscal year, the head of each agency shall
submit to Congress, in the report containing the annual financial
statement of the agency, a report that includes the following:
``(1) The progress of the agency in--
``(A) implementing--
``(i) the financial and administrative
controls required to be established under
subsection (c);
``(ii) the fraud risk principles in the
standards established by the Government
Accountability Office in the Standards for
Internal Control in the Federal Government
(commonly known as the Green Book); and
``(iii) the requirements in the Office of
Management and Budget Circular A-123 with
respect to the leading practices for managing
fraud risk;
``(B) identifying fraud risks and vulnerabilities,
including with respect to payroll, beneficiary
payments, grants, large contracts, and purchase and
travel cards; and
``(C) establishing strategies, procedures, and
other steps to curb fraud.
``(2) In accordance with the report of the Government
Accountability Office titled `Framework for Managing Fraud
Risks in Federal Programs,', published on July 28, 2015, the
following:
``(A) An identification of--
``(i) the entity of the agency and the
personnel of the entity dedicated to leading
the fraud risk management activities of the
agency;
``(ii) roles and responsibilities of the
personnel of such entity, including any program
or operation for which the personnel is
responsible for overseeing;
``(iii) capacity, including any limitation,
of such entity to strategically manage fraud
risks; and
``(iv) any program or operation for which
there is not personnel dedicated to leading
fraud risk management activities, along with a
detailed justification for why the agency does
not have an dedicated personnel to lead fraud
risk management activities.
``(B) The status of the fraud risk profiles of each
program and operation of the agency, including--
``(i) the date on which the profiles were
last updated; and
``(ii) the date on which the agency plans
to next update the profile.
``(C) Any program or operation for which there is
not a fraud risk profile, along with a detailed
justification for why such program or operation does
not have a fraud risk profile.
``(D) The status of any anti-fraud strategy for
each program and operation of the agency, including--
``(i) the date on which any such strategy
was last updated; and
``(ii) the date on which the agency plans
to next update each such strategy.
``(E) Any program or operation for which there is
not any anti-fraud strategy, along with a detailed
justification for why there is not any anti-fraud
strategy for such program or operation.''.
(b) Recovery of Costs.--Section 3806(g)(1) of title 31, United
States Code, is amended to read as follows:
``(1) Recovery of costs.--
``(A) Except as provided in paragraph (2)--
``(i) any amount collected under this
chapter or chapter 33 shall be used to
reimburse any authority that obligated funds in
support of efforts of the authority to reduce
or prevent improper payments or fraud,
including prosecution of the action, any court
or hearing costs, investments in information
technologies, or the hiring of additional staff
related to such efforts; and
``(ii) amounts reimbursed under clause (i)
shall--
``(I) be deposited in--
``(aa) the appropriations
account of the authority from
which the funds described in
subparagraph (A) were
obligated;
``(bb) any other similar
appropriations account of the
authority; or
``(cc) if the authority
obligated nonappropriated
funds, an appropriate account
other than any account under
item (aa) or (bb); and
``(II) remain available until
expended.
``(B) Any amount remaining after reimbursements
described in subparagraph (A) shall be deposited as
miscellaneous receipts in the Treasury of the United
States.''.
(c) Delegation to FRAUD.--The Director of the Office of Management
and Budget shall delegate to the Administrator of the FRAUD any
function of the Director under subchapter IV of chapter 33 of title 31,
United States Code, relating to the identification, analysis, and
reduction of improper payments and fraud.
SEC. 5. TECHNICAL AND CONFORMING AMENDMENTS.
(a) Section 3351.--Section 3351 of title 31, United States Code, is
amended--
(1) in paragraph (2)--
(A) in subparagraph (C), by striking ``programs and
activities identified'' and inserting ``programs
described under'';
(B) in subparagraph (F), by striking ``section
3352(c)'' and inserting ``section 3352(a)'';
(C) by striking subparagraphs (B), (D), and (E);
and
(D) by redesignating subparagraphs (C) and (F) as
subparagraphs (B) and (C) respectively; and
(2) in paragraph (9), by striking ``section 3352(i)'' and
inserting ``section 3352(e)''.
(b) Amendment to Table of Contents.--The table of contents for--
(1) subchapter I of chapter 5 of subtitle I of title 31,
United States Code, is amended by adding at the end the
following:
``Sec. 508. Federal Real Anti-fraud Unified Directorate.'';
and
(2) subchapter IV of chapter 33 of subtitle III of title
31, United States Code, is amended by--
(A) striking the item related to section 3355; and
(B) adding at the end the following new item:
``Sec. 3359. Proactive analytics with respect to programs susceptible
to significant improper payments.
``Sec. 3360. Anti-fraud controls for high-priority programs.''.
<all>