Main Banner

NEWS from the Office of the New York State Comptroller
Contact: Press Office 518-474-4015


State Comptroller DiNapoli Releases Audits

July 31, 2023

New York State Comptroller Thomas P. DiNapoli announced today the following audits have been issued.

State Education Department (Preschool Special Education Audit Initiative) – Step Up Therapy Services, PLLC – Compliance With the Reimbursable Cost Manual (2021-S-31)

Step Up, a New York City-based not-for-profit organization, is approved by the State Education Department to provide preschool special education itinerant teacher services to children with disabilities who are between the ages of three and five years. For the three fiscal years ended June 30, 2015, Step Up reported approximately $7.4 million in reimbursable costs for the SED preschool cost-based program. Auditors identified $810,382 in reported costs that did not comply with requirements.

Department of Health – Improper Supplemental Maternity Capitation Payments to Managed Care Organizations (Follow-Up) (2023-F-3)

Many of the State’s Medicaid recipients receive their services through managed care, whereby the Department of Health (DOH) pays managed care organizations (MCOs) a monthly premium for each enrolled recipient and, in turn, the MCOs pay for services their members require. In addition to the monthly premiums, MCOs can receive a one-time Supplemental Maternity Capitation Payment (SMCP) for the prenatal and postpartum physician care and hospital or birthing center delivery costs associated with the maternity care of a recipient. MCOs are not eligible to receive SMCPs for maternity cases that end in termination or a miscarriage, as these are considered reimbursed to the MCO through the monthly premium for the recipient, and must submit encounter claim data as evidence of the delivery and any other inpatient and outpatient maternity services provided.

A prior audit report, issued in November 2021, found about $55 million in improper and questionable SMCPs to MCOs. Auditors also determined DOH’s eMedNY claims processing system did not have access to maternity encounter data to verify that SMCP claims were eligible for reimbursement. Instead, DOH relied on audits by the Office of the Medicaid Inspector General (OMIG) to identify and recoup inappropriate SMCPs. However, auditors found OMIG was not performing these audits in a timely manner and the audits did not capture all improper SMCPs.

The follow-up found that DOH made some progress in addressing the problems identified in the initial audit report, but additional actions are still required. For example, a significant portion of the questionable claims identified have not been reviewed, and DOH has not followed up with the 10 MCOs identified in the initial audit to ensure issues with their claims processing systems were resolved. Of the initial report’s six audit recommendations, three were partially implemented, and three were not implemented.

Metropolitan Transportation Authority – Fare Evasion (Follow-Up) (2022-F-23)

For 2018, the Metropolitan Transportation Authority (MTA) reported a total of $225 million in revenue loss due to fare evasion at New York City Transit (Transit) and MTA Bus. Among other actions, the MTA launched the Fare Enforcement and Worker Safety Program (Program) to deter fare evasion. A prior report, issued in April 2021, found that the MTA did not provide assurance that the Program was effective in achieving its goal of reducing annual fare evasion losses below 2017 levels ($150 million). Instead, Transit estimated that it lost more than $300 million to fare evasion in 2019. Since the initial report was issued, the subway and bus fare evasion rates have increased. The first quarter of 2023 (January–March) saw an increase of 11.1% (± 0.9%) for subways and an estimated increase of 37.6% for buses. After the audit’s release, the MTA created a Blue-Ribbon Panel to reduce fare evasion across the MTA system. On May 17, 2023, the panel released its report, which incorporates several of the recommendations of the initial audit report. The follow-up found that the MTA made progress in addressing the issues identified in the initial audit. Of the initial report’s 19 audit recommendations, 13 were implemented, four were partially implemented, one was not implemented, and one is no longer applicable.

State Board of Elections – Use of Federal Funding for Election Technology and Security (Follow-Up) (2022-F-35)

The Help America Vote Act of 2002 (HAVA) was enacted to help reform the nation’s voting process. In June 2018, the Board of Elections (BOE) received $19.5 million in HAVA funding to improve and enhance election administration, technology, and security, including $3.3 million that it designated to reimburse County Boards for their remediation activities. A prior audit, issued in September 2021, found the BOE utilized HAVA funding appropriately. However, of the 57 County Boards, only seven had submitted claims for reimbursement, showing that they had moved forward with the needed security measures. The follow-up found that BOE has made significant progress addressing the issues identified, having implemented the one recommendation from the initial report to ensure County Boards take the necessary action to improve security.

New York City Department of Buildings – Oversight of Sidewalk Sheds (Follow-Up) (2022-F-36)

The New York City Department of Buildings (DOB) is responsible for regulating the safe and lawful use of more than 1 million buildings and construction sites in the city, including sidewalk sheds (sheds) – temporary structures installed and maintained to protect people and property on city sidewalks during the construction, demolition, and maintenance of buildings. A prior audit report, issued in July 2021, found that DOB was not adequately overseeing and monitoring the timely installation and removal of sheds or ensuring that sheds were properly maintained. For example, the audit found unsafe façades with no installed sheds, sheds with hazardous conditions, and sheds without valid operating permits. The follow-up found that DOB has made limited progress in addressing the problems identified in the initial audit. Of the initial report’s 15 recommendations, four were implemented, two were partially implemented, and nine were not implemented.

Division of Homeland Security and Emergency Services – Cyber Incident Response Team (Follow-Up) (2023-F-8)

In 2017, the Cyber Incident Response Team (CIRT) was created within the Division of Homeland Security and Emergency Services (DHSES) to provide cybersecurity support to more than 2,800 non-Executive agencies, local governments, and public authorities in New York. A prior audit report, issued in November 2021, found that CIRT developed lines of service to guide its work – cyber incident response services, technical cyber services, and information sharing and outreach – but did not establish specific and measurable objectives or quantifiable goals that could be measured to evaluate its accomplishments. The follow-up found that DHSES made progress in addressing the issues identified in the initial audit report; however, additional actions are needed. Of the initial report’s two audit recommendations, one was implemented and one was partially implemented.

New York State Health Insurance Program – UnitedHealthcare Insurance Company of New York: Improper Payments for Acupuncture and Acupuncture-Related Services (Follow-Up) (2023-F-14)

The Department of Civil Service (Civil Service) contracts with UnitedHealthcare Insurance Company of New York (United) to administer the Empire Plan’s medical/surgical benefits, including acupuncture and acupuncture-related services such as heat and massage therapy. A prior audit report, issued in October 2021, identified $7.3 million in actual and potential overpayments for services that were not supported by provider documentation and for duplicate payments. The follow-up found that United made minimal progress in addressing the issues identified in the initial audit. At the time of the follow-up, United had recovered only $14,281. Further, United was not able to provide evidence of additional control enhancements designed to prevent duplicate payments. Of the initial report’s four recommendations, one was implemented, two were partially implemented, and one was not implemented.