Transcript - Transaction monitoring and fraud detection in the post-COVID era

Mike, thank you for joining me here on the podcast. I really appreciate it. How are you doing today?

I’m doing very well, Josh, and thank you for having me. I’m really excited to be part of your new podcast. I think the platform that you have created is really worthwhile, and I’m happy to be part of it.

Thank you, Mike. I really appreciate it. A number of financial crime professionals are listening to the podcast. Would you be able to discuss your career journey from the government to Goldman Sachs and back?

Well, I can try, but it’s certainly not been a straight line of a career. Before I do, I want to just get a quick disclaimer out of the way, if that’s OK. That is just that the views, thoughts and opinions expressed by me in this podcast are solely mine and don’t necessarily reflect those of the New York State Attorney General’s Office. Your question about government, private sector and back to government – it seems like I couldn’t make my mind up along the way, but it’s all worked out in the end.

It usually does.

Yes. In my unique circumstance, what it’s done for is, it’s really given me an appreciation for the hard work that’s being done on all sides. As a former bank regulator, I helped to enforce the Bank Secrecy Act in the United States on financial institutions that we regulated. Just to give your listeners an idea of what a bank regulator does to enforce the rules around anti-money laundering, I was part of the team within the Department of Financial Services that read every single SAR filing by our covered financial institutions. I know that maybe by today’s standards on how many – the numerous filings that are made – that might not be possible, but we did it. We had a good-size group that would be assigned to different financial institutions and read every one of their filings, and then we would meet on a monthly basis. We would talk them over.

I think it’s really great to hear, because a lot of people today within the industry sometimes feel like they file a Suspicious Activity Report, or here in Hong Kong, a Suspicious Transaction Report, and it just goes into the ether sometimes. To hear that from a regulatory perspective, I think, is really comforting to a lot of the audience.

Yes. That’s incredibly important. The STRs or SARs, wherever you happen to be, are so useful. We opened up formal investigations based on the filings. We were a smaller group, so we couldn’t open up investigations in everything that we thought was worthwhile. We referred some SARs and STRs to other partners in law enforcement just to make sure that good ones didn’t fall through the cracks. The other thing, Josh, that I want to mention is that – and, especially, this is true today – is that there is always an analytics part of looking at SAR filings, looking at the big picture, looking at trends, and that is useful information for law enforcement to have.

It’s also very helpful for those that enforce the rules to be able to see what financial institutions are doing and, maybe more importantly, what are they not doing. There was once instance I recall where we were sitting around the room and going through all the SAR filings, and there was a bank that had been in the news, and the question came up, “Have you seen any filings from that financial institution lately?” No one could remember one. We went back because we have the ability to go into the repository of all filings, and we did a search on that bank. Sure enough, there hadn’t been any filings.

You can imagine what a regulator thinks when a financial institution has never filed. It’s certainly not because there was never a suspicious transaction going through their account. That generated a separate investigation into that financial institution, with noteworthy outcomes.

I think it’s interesting that you mention something like that as well, because there’s been a sea change here in Asia. I’d say when I first got out here, most financial institutions looked at Suspicious Transaction Report filings or Suspicious Activity Report filings as a black mark that you didn’t want to have any. You didn’t want to get on the regulator’s radar. Really, over the last five to eight years, it’s changed dramatically that a lot of institutions that had never filed before are filing now, and the regulators have to talk about overfiling in some areas.

Interesting, yes. When I was in the private sector, my leadership teams were always advocating for filing to demonstrate that, number one, we had a programme that identified and reported activity when it was appropriate. The other thing we hoped it did was generate some goodwill, good faith, because with the thousands and tens of thousands of transactions going through accounts every day, there are going to be things that occur that you were unable to detect even though you had reasonable tools to identify risk. When a regulator would come up and, like I used to do in the past, we would look at filings as one of the things to give us an idea, a sense of, “Well, was this financial institution making a good-faith effort in identifying or reporting risk?” That would give us a sense going in the door, “How are they doing?”

You’ve gone from the public sector to the private sector; now, you’re back. I think it’s been a great career journey, but what makes you good at finding issues in those places? I mean, how do you go about uncovering potential suspicious activity or fraud?

Well, Josh, that’s a great question, and I don’t think there’s any one single right answer for it. I can share with you my own perspective and my own observations working in the government in seven different jobs I had with government, and then the private sector, and what I think works. One is just having a good nose for issue spotting. That could be something you’re born with or something that can be learned, I think. Having some life experience is also good, and everybody has their own perspective. You don’t have to have been a detective or an enforcement regulator to really understand risk when it comes across your desk.

Sometimes, it’s just a matter of effort. I remember my mentors from the Manhattan District Attorney’s Office would tell me, “Hey, Mike, you make your luck.” I didn’t really understand what that meant at that time, but I understand it now. It’s basically, if you work at something hard enough, good things are going to come from it. So, just sitting back and looking at alerts passively probably isn’t going to make you shine at the end of the day in finding a really noteworthy risk. Having natural curiosity, I think, is important too, and related to that is your ability to think creatively. I term it thinking suspiciously about what you’re looking at. This is something I also learned way back in the day when I worked in the Manhattan DA’s office.

I’ve been through a police academy. I’ve been through the FBI National Academy. I have a law enforcement mentality in terms of looking at things potentially suspiciously. I remember my first day out of the academy, I was in the field. I was with a senior investigator, and we’re just getting coffee heading out in the field, sitting in a car across from a coffee shop. We had gotten our coffee, and we’re sitting there. We were looking at the front door, and out walks a gentleman with a baseball cap shielded over his eyes with a bag in his hand, and he’s walking quickly out of the store. The senior detective asked me, “Well, Mike, what do you see there?” I go, “I see somebody with coffee running late for work.”

He said, “Well, yes, that’s probably what it is. But it could be that he just held up that store, and he’s running out with a bag of cash.” Look, I want to make something clear about thinking suspiciously, because sometimes people get the wrong idea. At the end of the day, most of the things that we look at in government and in the private sector turn out to be benign, right? We know that, but if you don’t ask the question, if you don’t put the effort in, if you don’t apply your life experience and your sense of issue spotting that you’ve developed, it’s going to be less likely that you actually uncover something. That’s what I mean by thinking suspiciously about what we’re looking at.

I think that’s really true, Mike. I mean, even in coming out here to Asia, the way that I look at things now just by having been out here and seeing the lay of the land is completely different from when I was looking at them working in New York. You see a transaction. You see what’s going on, but to get that real understanding and what might be going on here, it almost takes being in that place a lot of times.

That’s right. We’ve all worked in different environments. One thing, I think, is always sort of the same, which is, you’re going to have certain people on the team who, over time, seem to catch more things, whether you’re a detective or working for the government, or you’re an AML officer looking at alerts and identifying risks. It’s the people that are really dedicated and have developed these skills that seemed to consistently come up with those things that are really worthwhile. Josh, I don’t know if I ever told you this, but we were just saying we worked together. I do miss those days. I’ve got to say you were the most tenacious investigator I have ever worked with. That resulted in finding very interesting things, I remember. That was a really good experience. I know that has served you well.

Oh, definitely. I mean, I learned a lot from you. I think most of the way I write, and most of the way that I continue to look at issues with clients today, is based on that time. I can remember still a number of times when we were looking into the exchange control laws, and I had no idea about exchange controls. I think you had some understanding. It’s a matter of ultimately looking at the transactional activity and then saying, “Well, this seems a little weird that guys who have millions and millions of dollars might be transferring money from a money exchange into a private bank.” You’re like, “Well, let’s do a little bit of digging, and let’s try to uncover it.” I think that’s something that definitely, as a mentor, you always fostered in me, that we were not necessarily looking to close out an investigation or close out an alert with what might be the easiest response.

Well, Josh, you have me blushing here. I appreciate those kind words.

Your focus right now is definitely a little bit different. You’ve moved into the healthcare fraud space. How has the recent pandemic, with COVID and everything, changed your focus around how you’re looking at fraud and what you’re doing now?

Well, it’s been very interesting. If you have me back in a year, I might be able to talk to you about some publicly available information on specific cases that we are working on today. I can tell you this, that after every major event, there are fraudsters that come out of the woodwork. It could be an earthquake. It could be a typhoon. It can be 9/11. These major events invite the fraudsters to come out and see if they can’t leverage that event and make some money from it.

The healthcare industry isn’t any different. It’s a massive industry, as we all know. Even if a small, very small, percentage of it represents fraud, you could be talking about significant funds. We have a data analytics team. We’re looking at spikes in activity that wouldn’t be explained through a reasonable way of looking at things. A spike in activity – for example, when the pandemic began, office visits to providers slowed down pretty rapidly, as you can imagine. Certain types of procedures slowed down very rapidly. Yet, there could be providers out there who have an unfettered continuation of business, which could raise a question worth looking into.

Outlier behavior – something that we’re always looking for, and certainly true in the pandemic. Looking at similarly situated providers, maybe they share a specialty in the same region, yet one of those providers seems to be doing something differently. We look at a combination of procedures sometimes as an outlier behavior, where I have a provider billing things in combination which their other colleagues aren’t doing. That generates a question. It’s not necessarily fraud, but it’s something that causes us to start looking at it more carefully.

It’s something that’s new for our agency in this time is telemedicine, which hadn’t previously been covered by New York State Medicaid, and now it is. We know from our colleagues that worked in Medicare that there are opportunities for fraud in telemedicine. We’re looking at that. If, for example, a provider last year had just – making up numbers – a thousand patients, and now, all of a sudden, they’re billing at a rate of 5,000 or 10,000 patients, something is different. Something happened. How? Did they legitimately expand their business that quickly, or is there something else going on?

With COVID, you have testing for the COVID virus. There are accepted healthcare-approved tests, and then there are other tests which are used when there are more health-related complications, which are much more expensive, and this is an opportunity for what we would term unnecessary testing, unnecessary billing and overbilling. We’re looking at all these issues. One other thing that a good investigator or a good analyst, I feel, can look for is the obvious. Don’t ignore the obvious, right?

Sure.

In financial institutions – bringing it back to your audience for a second – it’s oftentimes the client that everybody knew about. It’s the one that everybody knew was going to be a problem but was difficult to tackle either because of the revenue stream or for some other reason. Those are the ones that make the difference between a really good compliance officer and an OK one, where the compliance officer doesn’t back down. They make a record of, “Hey, I’m not satisfied with these explanations. Obviously, something is going on here. We need to escalate it within the financial institution and get more people involved.” I think that’s really important for your listeners to follow. It is the hardest thing, I think, for a compliance officer.

Absolutely. I think that going after those things that are difficult clients, significant clients or areas that you might not have a good understanding of, but you have to learn about – the business is always going to challenge you. Front office is going to challenge you. You need to be able to back up your questions with a real understanding of the industries and what you’re talking about. It’s interesting when you talk about the healthcare industry – it jumps out in my mind around trade finance. You see spikes in activity. You see clients that are maybe operating in the same type of business but transacting in a completely different way – outlier behavior, like you mentioned.

Now, while banks don’t necessarily have telemedicine, the rise in remote onboarding during the pandemic, in particular, here in Hong Kong, but all over the world, where you don’t see clients, where you have transactional activity taking place outside of a branch – all of these things have led to a rise in fraud. A lot of fraud associated with, whether it’d be business-email compromise or other types of IT support schemes, and it’s not only necessarily directed at customers. It could also be directed at the employees themselves.

Then, you mentioned the overbilling piece. You have a lot of potentially overinvoicing or multiple invoicing that you might be able to see now that might not have been occurring previously because you have new trade flows. While you expect new trade flows or you expect additional trade flows from some of the PPE providers in particular, or businesses that have maybe recently got into that industry, you might not see it in the same way across that peer group. So, that’s something that you would want to question.

Exactly. Josh, one of the other things, getting back to your question about “What are we doing during COVID?” is actually, one of our highest priorities is to identify patient abuse and neglect. We have many Medicaid recipients in nursing facilities, and they are some of the most vulnerable of our population. Of course, during the pandemic, they’re a high-risk population. So, we’re doing everything we can to ensure that they are getting proper treatment by the facilities that they are residing in. We set up a hotline to take calls from family members who may become aware of issues in a facility. Quite often – surprisingly, maybe, to some – we hear from staff that work in these facilities because they are trying to do the right thing, but they aren’t being adequately staffed.

We use that to trigger investigations. When we go in, there are a couple of things we look for: One is, we want to ensure that proper safeguards have been taken to protect the residents and, actually, the staff. Are they wearing personal protective equipment? Has the facility purchased that stuff? Is there enough qualified staff? This costs money. Having qualified staff is going to dip into the revenue of the facility. If it’s a facility that is looking to divert funds for its own benefit, then there’s going to be less to go around to hire the right staff. Then, part of the staff that are on, that are there, are they being adequately trained? Do they know how they’re supposed to handle residents to avoid them contracting the virus?

Some of your listeners might be saying, “It’s interesting, patient abuse and neglect, but I work in a financial institution, and that really has nothing to do with abuse and neglect in a nursing facility,” for example. To that, I would say when I look at the big picture, we’re looking at nursing facilities who may be diverting funds, engaging in self-dealing, and that’s not something that our group will readily see, because we don’t see those bank accounts, but your listeners might. They may see self-dealing going on. They may see unusual transactions and accounts.

The outcome is that those monies are being diverted from what otherwise would have gone to ensuring those safeguards, hiring qualified staff and training those staff. So, it all comes full circle – from my perspective, anyway – that we’re working hand in hand here, the government and the private sector. We’re all trying to do good here. If we share some of what we’re seeing, if financial institutions identify this kind of activity, there could be a big picture behind it that they don’t readily see. So, reporting it could do all kinds of good. I encourage people to report things if there is no reasonable explanation for it.

I think that’s really important – that if you are a bank connecting those dots, it’s really just helping the government and investigators in the public sector, hopefully, start to piece that puzzle together. I know in the United States, there’s Section 314(b) of the PATRIOT Act, which allows financial institutions to talk to each other and maybe piece things together a little bit more before it’s turned over to the government or even with the government. Here, we have FMLIT in Hong Kong, which is a task force involving the police, the HKMA and the top 10 retail banks. So, those are definitely things ­– typologies and trends – that are looked at within that group.

I think also to your point around the nexus between fraud and some of the personal medical equipment that’s going on is, we have a raft of manufacturers in this region that are making PPE. Some of them may be sending the PPE to providers in the United States or other regions. It could either be not of the right quality, and you might be able to see that because of the amount of money they’re spending on the types of materials that they’re using, or because they’re diverting funds, or you might even be able to see some of these providers that are getting it paying exorbitant prices or paying really reduced prices. Those can yield some red flags.

That’s a great point. There is a human element to all this. Yes, you’re living in a world of finance, but there are people’s lives that are at stake here. It is really life and death here in the nursing facilities. If you can identify fraud and report it, then something can be done about it. It can actually help improve lives. It can help ensure safety for those residents who really don’t have anyone else looking out for them. That’s something that when you work in a financial institution, you may not see it. It may not be as obvious as when you’re working in the government, where you’re coming in contact with these families. You’re coming in contact with the staff who really care about their job, who really want to do the right thing. I do think it’s important to share with your listeners the importance of their work and what good can come from it in protecting the lives of those who really can’t protect themselves.

I think, definitely, your group is helping save lives in the pandemic and even before. I think that all of us, from our work in the financial crime space, whether it’d be some of the organisations involved in human trafficking here that are fighting against that and working to uncover typologies, or even some of the drugs and other illicit activity that can sometimes go through a financial institution – people that are working and looking at alerts or working within the Financial Crime Compliance Department can be on the frontline of preventing that.

I couldn’t agree more.

In this new environment, what can financial institutions do to spot fraud more readily?

That’s a good question. I would just say the old rules apply here. You look for reasonableness. When there’s something unusual happening, try to identify a reasonable explanation for it. Knowing your customer, knowing what’s expected activity in the account, yes, that is drummed into everybody’s heads. I know that, but it’s true. If you know what the customer does, if you know their source of wealth and you know what’s expected in the account, what’s different going on from those expectations, that should trigger a review.

I know realistically, folks, that there are so many alerts generated. There is always pressure to review them efficiently and expeditiously, but there will be the occasional alert that really deserves a deeper dive. Looking at what’s reasonable, looking at the customer’s profile, I think is a good place to start. In government, also, we have access to some information. I’m sure some of your listeners are saying, “Look, we don’t see how providers are billing. It’s not really within our wheelhouse to see everything that one of our clients, if they happen to be a healthcare provider, is doing in their business.” I agree with that. You can’t see the whole picture. In government, we see the billings. Our data warehouse contains over seven billion claims, believe it or not.

Yes, it’s amazing. That’s an amazing amount of data.

Our data team has a field day with it. We can do all kinds of peer analysis. We can look at specialists – I mentioned that before. Our agency, we can request information. We can subpoena information. We can call people in and put them on the record under oath. We can see industry trends. We can see what’s going on with the peers over time in a particular healthcare specialty, and we can see if things are trending up or down and try to identify the root cause of that.

Financial institutions – of course, the focus is going to be on funds, movements of funds. Are there payouts? We mentioned nursing facilities. Are there payments to third parties that may be not at arm’s length when you investigate the owners of these third parties, and what are the explanations for those third-party transactions? Is there a lot of in-and-out activity? Are there spikes in income where you wouldn’t necessarily expect there to be? Those are some things that I think financial institutions see and they can look into – use it as a springboard into an investigation.

Sure. One of the problems – and you mentioned it right up front in your last answer – is that there is a vast amount of alerts that are out there. Ultimately, some of these rules-based monitoring systems are creating a haystack to spot a needle, but then, when you find that needle, you don’t want to be rushed to be able to find it. One of the things is, how do you get better at finding those real nuggets, or needles within that haystack, so that you can spend time on those, make the referrals, have those investigations? We’re starting to see it with some of the banks out here. Is there a way to potentially merge some of the monitoring activity that goes on from a transaction-monitoring AML perspective and a fraud perspective, for instance?

Well, I think there is. I also think that financial institutions really need to decide for themselves how best to do it. Merging two disparate groups is one approach. Offering some platform where there’s a cross-divisional communication going on is really what I think you’re after here. You want to share information. You want to use it as a training opportunity. In the two financial institutions that I had worked in, we had those types of efforts in both places. I worked in an environment that was very collaborative across divisions within compliance.

What does this do? Well, if you get these disparate groups together, you can understand the client better. That client is going to have different touchpoints. Maybe they are trading in one part of the financial institutions. Maybe they’re doing a banking activity. If you don’t see the whole picture, you don’t really know or understand that client’s activity holistically.

Can you do this with every customer? No, but you can do it for other ones that are hitting your radar regularly. You can say, “Hey, look, I’ve looked at this client using the tools that we have. Let me bring it to this other group and see if it’s hitting their radar as well. Maybe something happening outside of our shop is going on that can help explain benignly what I’m looking at – or maybe, alternatively, it would add suspicion to what’s going on.”

The other thing is, by having this cross-divisional communication, you get to talk about the rules a little bit more. I mean we’ve all sat through or given anti-money laundering training. You sit there for an hour, talk about the rules, and then you go back to your job.

That’s usually boring as hell because there’s nothing relevant to you within those trainings. One of the things that I always try to do when I’m giving training is make it interactive, tailor to the audience, but nine times out of 10, even when I have to take the AML training internally, whether I was at banks or whether even when I came here or at EY, I tell you, it’s just like watching paint dry.

Well, I hope I was an exception to that, Josh.

I’m not talking about you.

That’s OK, that’s OK. It’s so hard.

They’ve got all these computer programmes now. That’s like autotrain, and you tick the box.

Right. Why is this important, Josh? There are a lot of nuances. The people that work in those anti-money laundering rules – the financial crime compliance personnel who live and breathe these rules because they have to – they are responsible for ensuring the appropriate reporting of activity. They know this stuff. The people, the other folks around the firm, whether they work in compliance or not, are less familiar, because that’s not part of what they have to deal with every day. If you can get these groups together, you could share these nuances, and over time, people will understand it a little bit better.

If you were to ask people cold, like, “Hey, do you have to report a transaction even if it didn’t happen?” Let’s say a customer proposed to do something – it was an attempt at transaction – but compliance got involved, and they shared with the business, they discussed, and they said, “No, we’re not going to allow this to happen, because it would have been suspicious if it happened – it would have been a problem,” do you have to report that? Now, I don’t know.

I know in the U.S., the answer is yes, you have to report attempted transactions under certain circumstances. I don’t know about all the regions where your listeners are all located, but that’s the kind of information that financial crime compliance personnel can share. It’s usually going to be happening outside of a training, because it’s a nuanced thing. It’s something that you’re not going to get in a quick training programme.

The other thing is – and this is probably even more difficult, but more important to really gain appreciation for – the threshold of suspicion: When have you reached a reportable event? The people, again, that live and breathe these rules, they’re the ones that really have to understand when something is reportable. Josh, I think you would agree, they usually have a lower bar than other people around the firm will have. Many people say, “Well, that’s not really suspicious. We don’t know a crime took place here.” You might hear that. Well, you know what? Let government worry about whether a crime has occurred. As a financial institution, I would really strongly encourage people that if you’re even having a conversation about whether a crime might have occurred, that’s probably met a threshold of suspicious that requires a reporting in most jurisdictions.

I think in pretty much every jurisdiction. Here in Hong Kong, proposed transactions, as well, would be reportable. I think your point about getting together and discussing issues across compliance teams or with legal or fraud teams across the financial institutions is really key. I have seen it also work well with the front office as well. A lot of times, front office people, particularly once they have really good training that shows that there is some activity that could be suspicious going on in their neck of the woods, will say, “You know what? I’ve actually seen a client” – or “I have seen a group of clients” – “acting differently than I would expect them with the market.” They ultimately refer behavior to you or refer activity to you, and, quite frankly, those are more beneficial, at least, in my experience than any alert you could get.

Excellent point, Josh. You asked me earlier, “What makes somebody good at issue spotting?” So, we could talk about at the individual level, and then we could talk about at the team level. I think it’s interesting to look at the composition of the team. If you have different perspectives, different backgrounds, on that team, I think that’s also very valuable.

We both have been in environments where this has occurred – where you have people who worked in the operations area of the firm come in as analysts looking at transactions. They have a great appreciation of how things work operationally, and they have a unique perspective of what would be unusual, I think. We’ve had businesspeople, relationship managers, work in financial crime compliance also very successfully because they’re coming in it from a perspective from the client: Would a client want to do this? Would they want to do that? What would be in it for them to want to do something like this?

Absolutely.

I think talking about what you’re looking at – talking about the risks, sharing the risks, whether it’s cross-divisional or within the team – it’s always good to have a diverse cross section of staff doing this work and talking about what they’re looking at.

One key area that I have seen, at least in the last couple of years, is trade finance. These guys who work in the trades finance base know all the products. You could take an AML person to the end of the earth, and they will never understand all the trade finance products. They might understand the risk. They might understand overinvoicing and underinvoicing, but they’re never going to understand these products. I’ve tried for several years now – read papers, try to learn. You can’t learn just by looking at suspicious activity all the time. You need that insight from somebody who’s actually done the work a lot of times to be able to make sense of it, or even complex trading issues.

It’s good to know your limitations, It’s good to be OK with that and do something about it. Sometimes it means talking to the right people, and sometimes it means hiring those people to help you walk through the thicket that we live in.

It’s like the basketball adage – I know this from experience – you can’t teach height, so my basketball career was pretty much over after grade school.

The other thing I just – one final thought on this cross-divisional communication is, I think it helps develop your staff professionally to expose them to other parts of the firm and give them an opportunity to learn those things. Maybe they don’t become the trade finance experts, but you know what? I worked with someone who went on to become an investment banker. I worked with people who went into other roles in the firm or outside the firm, seeking other opportunities because they got the tools. They learned a lot about the other parts of the firm, and being exposed in financial crime compliance to other areas, I think, sets you up for a good, sound career whether you stay in financial crime compliance, which I believe offers many opportunities for career growth.

In some cases, people will move on. You want to encourage that and not discourage that. I always felt that you don’t want to keep people in their place by limiting the opportunities for growth, because then you’re going to have what? You’re going to have a bunch of dissatisfied staffers who are going to stick around anyway. That might be a little controversial for hiring managers to hear, but there’s an opportunity to share opinions, and that’s mine.

Sure. I think you want your – being a good manager is about having your staff grow and giving them opportunities. You mentioned somebody that started out in financial crime compliance, but I haven’t thought of the guy for years. Chester Lui – he went from being within financial crime compliance at Goldman. He’s a private banker now, and he’s moved on to a couple of institutions. Now, I hear he’s got a pretty good book. I haven’t seen him since. Chester, if you’re listening, I’d love to get together for lunch.

I would, too. It’ll probably cold by the time it gets to me, but ­–

We’ll have to fly you out here in private. Maybe we can get you a plane.

Josh, I am with the government, and that’ll be prohibited –

Oh, that’s true. That’s true.

But I appreciate the offer.

That’s true. So, some final thoughts: I think we covered a lot of ground in the podcast – a lot of great insights – but just some final thoughts from you, Mike.

Well, first, Josh, thank you for having me. This has been a fun experience, and I didn’t really know what to expect. This has been really fun putting on my old hat a little bit, sharing a little bit about what we’re doing at the New York State Attorney General’s Office in our Medicaid fraud-control unit. I hope that your listeners found some of that interesting. Look, the work that your listeners do, it's invaluable. The SARs, when they’re filed, can do so much good to alert law enforcement to activity that would not have come across otherwise. So, it’s really important what you’re doing. So, keep it up, and I mean that. That’s not hyperbole.

No one sees the whole picture. You think, government, oh, we’re all-seeing. No, no. We don’t see it unless you bring it to our attention in some cases. It’s being the good citizen, some people call it, but it’s really important work, and I know – and many people in government know – how difficult that job is. We talked about some of the challenges, and there are others, but you should know that your work is important and it’s meaningful. There is an outcome. There are people’s lives that are impacted by what you do.

Keep up the good work to the extent that your rules permit this. It is permitted in the U.S. to make what we call affirmative referrals: Pick up the phone. Call somebody in government. Alert them that an STR or SAR has been filed, because Josh, you touched on it earlier – there’s been a significant increase in filings over the years, and it’s very tough. It’s not like I mentioned about in the old days, when our group would read every one. We couldn’t do that today, realistically. They are going to be really important ones, filings that might not be seen by anyone.

So, if you feel you came across something important, certainly, in the healthcare sector, that’s something we’d like to hear from you on if your regulations permit it. When you do file, give all the information. I used to think of myself as sort of a news reporter: What information does a reader need to know to really understand what happened in this situation? What are all the relevant factors? Who, what, when, where, and why? Not like, “Let me just write as little possible so I get credit for filing.” No. That’s not so helpful. Adding the color – there could be more information known about the entity that you’re reporting on that the government’s aware of. So, the more information you provide can make the information get to where it needs to go, and you’re more likely to get the right outcome. I know it means more work, but that makes it a more meaningful process, and we all want our work to be meaningful.

Yes. Absolutely, Mike. I think how many times, when we’re looking at an investigation or reviewing a client, and something as small as an address or a matched phone number or a client account that might be related in some small way because they received some transactions from there make the difference in an investigation. Really trying to put all that information really helps any investigator. It helps the government definitely, from when I had spoken with the regulators and yourself.

Mike, I really appreciate you coming on the podcast. Thank you very much. I look forward to catching up with you again soon.

Thank you, Josh. I look forward to coming back next year and talking about some of the cases that we brought during COVID.

Maybe you’ll be able to travel over here, and we can do it live.

There you go again. I would love to as a private citizen.

Yes. That’s great. Thanks a lot, Mike.

Thank you, Josh.