PF discovers scheme and avoids almost R$ 500 million in INSS fraud

The Federal Police identified a suspected fraud that could reach R$ 486 million in benefit payments, such as the reclusion aid, whose objective is to protect relatives who, with the arrest of the insured, may be left without income and, in the case of young , drop out of school to work.

The operation to identify deviations also relied on the work of the INSS (National Social Security Institute) and Febraban (Brazilian Federation of Banks). Intelligence sectors of the financial institutions that make these payments found evidence of irregularities in the transfers.

According to the PF, the alleged frauds were carried out through accessing the passwords of 29 INSS servers. The main suspicion is that the codes have been hacked. Also according to police officers participating in the action, with access to the agency’s system, criminals were able to reactivate benefits and change bank account data so that payments could be made.

Investigators told the Sheet that, among the evidence found so far, it was possible to identify in a large number of cases that the holders of bank accounts were not the same recipients of the benefits.

Another pattern noted is that the reactivations were carried out in benefits that were close to completing five years, with amounts that never exceeded R$ 100 thousand – which would, in theory, be to avoid drawing the attention of control bodies, such as the Coaf (Financial Activities Control Council).

“The Federal Police detected, through the use of massive data analysis tools, the existence of thousands of fraudulent reactivations of social benefits. Thus, the most urgent measure to prevent the evasion of public money was to activate the institutions financial institutions, making it possible to block the payment of millions of reais in fraudulent benefits”, said Cléo Mazzotti, general coordinator for Repression of Farm Crimes at the Federal Police.

The biggest concern on the police side was that payments would be stopped as soon as possible. This is because the experience of investigations of this type shows that it is difficult to recover the money once the transfer has been made. In some situations, it is possible to find the authors, but rarely the resources are returned.

The investigation began in June of this year and, since then, payment blocks began to be made.

More than 13,000 benefits that would be paid are in the crosshairs of the investigation – among them the prison aid. the benefit is paid to dependents of the worker who has at least two years of urban activity recognized by the INSS and does not receive a benefit from the agency, among other requirements.

According to the INSS, a more in-depth analysis will conclude, within this amount of R$ 486 million, which benefits would be paid irregularly and which were regular. Therefore, the agency still does not have information on how much can be recovered.

The PF is now investigating whether the action was orchestrated, if it came from the same group and seeks to identify the authors of the alleged fraud.

In the wake of measures to combat deviations, the INSS concluded in early September the distribution of tokens to improve security in the access of the agency’s servers to beneficiary data and the system that authorizes the granting of benefits.

With this, access is now protected by three mechanisms: the personal password of each server, two-step verification (code sent to the server’s cell phone) and the token (a kind of pen-drive that must be inserted into the computer to unlock the INSS system).

The tokens cost BRL 1.34 million and must be renewed in three years.

“Historically, the INSS is a target of fraud, it is the target of all kinds of problems. In recent years we have started to intensify partnerships with other bodies. Frauds were increasingly sophisticated, and the world is investing more and more in security. So the public sector cannot be left out of this”, said the director of information technology at the INSS, João Rodrigues da Silva Filho.

The token purchase process started last year, as an INSS project. The purchase was made in early 2022 and, now in September, the system of all the agency’s servers (about 20,000) began to require the device.

This new phase started as a test for a more restricted group of servers, but, after six months, it was adopted by the entire body.

The tokens were even distributed to servers of INSS agencies across the country. According to Filho, the device became necessary even to access the history and process of beneficiaries.

“The amount invested in security is very small in relation to the risk of fraud,” said the director.

The INSS works together with other bodies to avoid losses in the payment of benefits. In addition to the PF, there are working groups with the Ministry of Social Security and Labor, GSI (Institutional Security Office) and Dataprev.

Banks, for example, cross-check data to find out if the benefit to be paid will be deposited in an account with the same CPF or a family member. Otherwise, there is an indication of fraud.

Another measure foreseen by the INSS is the exchange of the computer network, for one with faster access and that gives more autonomy to the agency. Currently, in case of any suspicion of irregular access to server information and passwords, the INSS cannot immediately block access — sometimes it depends on Dataprev.

In addition, the INSS wants to invest more in courses and public servants’ awareness of the risks of fraud to prevent the system from being circumvented.