It's been a bad few years for Michigan's Unemployment Insurance Agency.
The pandemic forced thousands of Michiganders to look for help when they couldn't work, and the agency saw a flood of need it was woefully unprepared for.
Adapting as quickly as they could, the Department of Labor and Economic Opportunity (LEO) as well as the UIA missed the mark by a shockingly wide margin.
First, it was discovered that the UIA had overpaid nearly $8.5 billion in improper benefits. Now, more information has come out in a report from the office of the state's auditor general — it's not pretty.
To deal with the increased need, the LEO and the UIA brought on more people. In March of 2020 the agency had 754 employees. The peak staffing during the pandemic came in April of 2021 when the agency employed 4,410, a 485% increase.
Those staffers were responsible for handling the more than 5.2 million claims filed between March 2020 and June 2021, adding up to more than $36.5 billion in benefits to Michiganders. In order to do that job, they needed access to MiDAS, the state's data system. That's where the cracks start to show.
According to the audit done by the Office of the Auditor General, the UIA failed to conduct routine background checks on 5,508 employees. Of those employees, 169 had criminal history which included a misdemeanor and/or felony conviction. Forty seven of them had multiple felony convictions, including financial crimes like embezzlement, identity theft, illegal sale/use of financial transaction devices, false pretenses with intent to defraud, armed robbery and identity theft.
"It just does not make any sense," said State representative Steven Johnson, R-Wayland. "It’s standard practice to do background checks, and they just failed to do it. The people of Michigan deserve better." Johnson Chairs the house oversight committee, and says there will be another joint hearing with the Senate to review the findings of this audit.
The audit also found glaring issues when it came to data security. Sixty two of 139 workers sampled in the audit had access to MiDAS while working, and on average, access to the system lasted 32.6 days once their employment ended.
The data issues don't end there. LEO contracted three temporary worker agencies and 16 Michigan Works agencies to find staff. For two of the three agencies, they did not sign a data security agreement, and the third was did not sign one in a timely manner. It also took an average of 40 days for the third party employees to sign data sharing agreements.
Part of the audit is a requirement for the agencies investigated to submit their plan to the state for how they will improve on the findings. You can read the entire audit below.
These are the responses to each individual finding in the audit from a UIA representative:
Finding 1: Contracting
- LEO/UIA will work to ensure that all agreements and extensions are processed timely, signed by all parties and cover the entire period of performance.
- LEO has a new Chief Operating Officer in place and improved internal communications to assurework changes are processed in a timely manner.
- Future conflict of interest and ethics provisions are incorporated into terms of purchase orders.
- On future contracts, certificates of insurance will name State of Michigan as an insured party and federal provisions addendums will be in place when contracts are signed.
Finding 2: Removal of information system access
- UIA has improved the removal process so that every day it completes offboarding of permanent and contract staff.
- We will implement process to review timely removal of system access for all contract workers and UIA employees.
Finding 3: Data security
- UIA will develop a more standardized process for the establishment of data sharing agreements before granting access to MiDAS to outside workers.
- All contract agencies currently assisting the UIA have DSAs in place and their employees have taken the required compliance trainings and sign confidentiality agreements.
- UIA will improve its documentation to demonstrate workers have completed all required training.
Finding 4: Criminal history checks
- UIA has worked with contracting agencies to ensure background checks for all contract employees were completed.
- UIA is working with LEO HR to strengthen UIA-specific background check policy and process, including defining types of history/convictions that would preclude someone from gaining access to MiDAS.
Finding 5: Training
- All contracted agency workers are required to complete job training courses before starting their assigned job duties.
- UIA is purchasing a new learning management system which will provide a transcript for each employee or contractor who completes any training module through our Center for Learning Development.
Finding 6: Least privilege
- MiDAS access user rights for all contractor groups based on job functionality and following the principle of least privilege have been developed.
- UIA began updating user access rights in July 2021, completing the process by December 31, 2021
Read the full report here: